Whether you already have an active blog, or you’re just starting out, I want to make one thing crystal clear: Be sure to backup (make copies of) your site files on a regular basis. AND make sure you store those files in a separate place. Do not store your site file backups on your server! If your website server catches on fire, or crashes, or gets hacked, (note: all 3 have happened to me!) and your backup files are sitting on that same server… you’re screwed.
When you first paid for your website hosting account, or you installed WordPress software, you were probably given the option of having regular site backups. This is a good idea. But what you need to know is that those automated site file backups are stored on the SAME server as your website.
So you need to go one step further and take those backup files and upload them to an independent server – like Amazon Cloud – or download them to your own computer or storage drive. Here’s what happened to a Freedomite who did not heed this advice:
Last night someone hacked into my CPanel and deleted all of my website files. Backups were deleted as well (my programmer, for some reason, thought it was smart to save the backups to my CPanel). HostGator also says they do not have a backup. Something about automatic backups are disabled once there are too many files in the account (an email counts as a file).
It’s a triple whammy.
To get the password, it had to have been a malicious attack. Probably because of the work we are doing. HostGator security says it looked like a professional job. Will have to re-create things.
Perhaps there is a silver lining in it all (I am now wiser), but last night was not fun – I was up until 3:00 am – five hours with HostGator and my programmer with no luck.
Just wanted to share. Should be a good lesson for Freedomites to be extra careful and to triple backup things! The cyber security element is only going to get worse going forward.
Cyber security is especially important for WordPress-based sites because there are so many people using it, and it’s open source software (anyone can view the code), so it’s like a magnet for hackers. That’s also why it’s important to upgrade to the newest WordPress version as soon as each new version is released – WordPress is continually finding security breaks and fixing them.
What I do for my websites, is that once a site is generating a lot of traffic or income, I pay a programmer to convert most of the site to PHP (a computer coding language); keeping only the blog in WordPress – because you just can’t beat WordPress for search engine rankings.
And yes, I back up all my website files once a month to an independent location – we use Amazon Cloud server – but you could also use DropBox.