Whether you have an eCommerce store, write about your favorite topics online, or promote services on your site, backups are absolutely critical. They provide incredible peace of mind — if your WordPress site is ever hacked or if it goes down for any reason, you can quickly and easily restore it in full.
Until now, Jetpack has offered daily backups as an option for site owners. And while this is a great step to protect your site, Jetpack’s real-time backups are the best way to get complete peace of mind. They save a copy of your site each and every time a change is made — a page is updated, a post is added, a setting is tweaked, or a product is purchased — all behind the scenes without requiring you to lift a finger. That way, you know that you’ll never lose a second of your hard work or a single customer order.
And we believe so strongly that every WordPress site should have real-time backups that we’re making them even more affordable and accessible.
That’s why we’re now including real-time backups in each of our Backup and Security plans.
Continue reading → Never Miss a Moment: All Backups Are Now Real-time
At some point, you’ll need to restore a backup of your site. Maybe your WordPress website got hacked, or something went wrong during an update. Whatever the case might be, backing up your website regularly is the best way to ensure that you never lose any important data.
Fortunately, there’s more than one way to back up and restore a WordPress website. Knowing how each method works will enable you to decide what option to use.
In this article, we’ll take a closer look at the reasons why you need to back up your WordPress site. Then we’ll talk about the different types of backups and help you decide which method works best for you. Let’s get to work!
Continue reading → How to Restore a WordPress Site From a Backup (Full Guide)
It’s every site owner’s worst nightmare — you visit your website and find that it’s completely down. What do you do? Where do you go from here?
There are a variety of reasons your website might be inaccessible — it was hacked, there was a theme or plugin conflict, you accidentally deleted something — but it can be crippling no matter what. If your site is down even briefly, you could lose customers, clients, or followers. If it’s down longer (especially because of a hack) you could lose your cash flow, drop in search engine rankings or suffer permanent damage to your reputation. And, of course, if you have no way to restore it, you might lose your past orders or content, and then need to hire someone to fix it for you.
That’s where backups can save the day! A good backup plugin requires very little setup on your end but saves your site automatically so that, if the unthinkable happens, you can get back up and running again quickly. It’s more than just a handy tool; it’s peace of mind.
But there are a lot of good options out there. How do you know which one to choose?
We’ve examined the best WordPress backup plugins and compared them based on their features, pros and cons, ease of use, and pricing.
Continue reading → Choosing the Best WordPress Backup Plugin: Top 7 Plugins Compared
If you’ve ever experienced a broken website, you know just how devastating it can be to try to recover or rebuild if you don’t have a copy to restore from. It can cost hours, days, or even months of downtime; leading to revenue loss, increased expenses, and emotional distress for you and anyone who relies on your site. Being able to restore your files and database if anything goes wrong can prevent this kind of painful situation. This is why making backups of your WordPress site, with a tool like Jetpack Backup, is absolutely critical.
In this article we’ll walk you through:
- What is a WordPress backup?
- Why do you need a backup of your site?
- Methods for creating a WordPress backup
- Automatic backups from your web host
- Manual backups
- Backups using plugins
- Which manual backup method is the best?
- How often should I back up my WordPress site?
- Where should I store my WordPress backups?
- How do I know that I haven’t missed any files when performing a manual backup of my WordPress site?
- What makes WordPress backup with a plugin better than manual?
- How many backups should I keep?
Continue reading → How to Back Up a WordPress Site (Manually & Automatically)
Jetpack is acquiring WPScan, a WordPress vulnerability database. WPScan is used across the WordPress ecosystem to learn about new vulnerabilities to WordPress core, themes, and plugins.
WPScan started as a simple Ruby script in 2011 to help identify vulnerabilities in self-hosted WordPress websites. The simple script matured into a large software project and gained popularity amongst the security and WordPress communities.
Vulnerabilities are sourced from around the web, as well as security researchers from both the community and WPScan. In 2021, WPScan was able to double the amount of vulnerabilities added to the database compared to 2020. In total, it has cataloged more than 23,000 WordPress vulnerabilities over the last 10 years.
Continue reading → Jetpack Acquires WordPress Vulnerability Database WPScan
During an internal audit of the Smash Balloon Social Post Feed plugin (also known as Custom Facebook Feed), we discovered several sensitive AJAX endpoints were accessible to any users with an account on the vulnerable site, like subscribers. Some of these endpoints could enable Stored Cross-Site Scripting (XSS) attacks to occur.
A successful Stored XSS attack could enable bad actors to store malicious scripts on every post and page of the affected site. If a logged-in administrator visits one of the affected URLs, the script may run on their browser and execute administrative actions on their behalf, like creating new administrators and installing rogue plugins.
We reported the vulnerabilities to this plugin’s author via email, and they recently released version 4.0.1 to address them. We strongly recommend that you update to the latest version of the Smash Balloon Social Post Feed plugin and have an established security solution on your site, such as Jetpack Security.
Continue reading → Security Issues Patched in Smash Balloon Social Post Feed Plugin
Whether you’re launching a business site, an online store, or a hobby blog, WordPress offers flexibility, ease of use, and advanced functionality that will help make it a smashing success.
But before you’re ready to go live, spend a few minutes thinking about security. Protect your site as much as possible to keep it safe from hackers and working for fans and customers at all times.
Continue reading → WordPress Security: How to Secure Your Site From Hackers
During an internal audit of the WP Fastest Cache plugin, we uncovered an Authenticated SQL Injection vulnerability and a Stored XSS (Cross-Site Scripting) via Cross-Site Request Forgery (CSRF) issue.
If exploited, the SQL Injection bug could grant attackers access to privileged information from the affected site’s database (e.g., usernames and hashed passwords). It can only be exploited if the classic-editor plugin is also installed and activated on the site.
Successfully exploiting the CSRF & Stored XSS vulnerability could enable bad actors to perform any action the logged-in administrator they targeted is allowed to do on the targeted site.
We reported the vulnerabilities to this plugin’s author via email, and they recently released version 0.9.5 to address them. We strongly recommend that you update to the latest version of the plugin and have an established security solution on your site, such as Jetpack Security.
Continue reading → Multiple vulnerabilities in WP Fastest Cache plugin
When it comes to running a WooCommerce store, a secure checkout process is one of the most critical elements. While every step in the buyer’s journey is important, protecting your data and your customers’ personal details is absolutely essential. Keeping credit card numbers and other sensitive information shielded from hackers or other data breaches should be every store owner’s number one priority.
Here are ten ways to ensure a safe and secure WooCommerce checkout experience:
Continue reading → Ten Steps for a Secure WooCommerce Checkout Experience
Security is absolutely imperative whether you own a blog, small business site, or eCommerce store. After all, if your site is ever hacked, you risk damaging your reputation, losing your files and database, hurting your SEO rankings, and turning personal customer and visitor data over to hackers.
As with many things in life, prevention is much better than treatment. And, thankfully, WordPress makes it easy to secure your site and prevent a hack.
We’re going to take an in-depth look at 12 of the best WordPress security plugins, compare them in a variety of areas, and help you choose the best plugin for your particular site. Plus, we’ll answer some common WordPress security questions.
Continue reading → Choosing the Best WordPress Security Plugin: Top 12 Plugins Compared