Not All Website Backups are Created Equal (and Why Automatic is Better than Manual)

Whether your website has one page or thousands, you should back up all of your content regularly. Automation is the foolproof way of making sure you’re never caught out.

The Manual Approach

A lot of website owners rely on external hard drives, USB flash drives, or CDs. Any backup is better than none, but storing your files and backups in the same physical place leaves them vulnerable to damage, theft, or loss.

Not to mention that you need to remember to do it and handhold your computer and server throughout the process.

Saving a copy of your files in a separate physical location, also called an off-site backup, is the best way to ensure your site is properly backed up. If something happens to your house or office and your main files are compromised, your off-site backup will be safely stored somewhere else. In case of data loss, you’ll be able to restore your site.

Enabling Automated Backups

The easiest way to perform backups on your website is to install a plugin that does it for you. Jetpack does this by using the same infrastructure that reliably serves millions of WordPress.com sites every day.

Jetpack backs up your WordPress database and any files in your plugins, themes, and uploads folders. This includes all the unique and irreplaceable data in WordPress, and everything properly integrated into the WordPress installation.

The process is automated, regular, and verifiable.

Managing Your Backups

Our most affordable backup solution for WordPress sites is Jetpack’s Personal plan. At just $39 per year, your site is automatically backed up daily, you get a 30-day archive, and unlimited storage (as well as spam filtering and priority support).

For business or news sites that post new content or product updates multiple times a day, the Professional plan also offers real-time backups. Every time you update your site, Jetpack gets notified and immediately backs up your site, making sure your changes are replicated and synchronized. Jetpack Professional also scans your website for security threats, so your website is always safe.

Next Steps: Compare plans and choose the right one for your site.

Posted in Security | Tagged , , | 2 Comments

Protect Your Website From This Common Form of Hacking

Your login page is the most vulnerable part of your website. It is the perfect target for a brute force attack — the most common form of online hacking.

What is a Brute Force Attack?

A brute force attack is the most rudimentary form of hacking: it employs bots that try different combinations of usernames and passwords until they find the right one. These are called malicious login attempts and can affect your website’s performance.

Each time a visitor lands on your website, their IP address makes an HTTP request to your website’s server. When bots are constantly visiting your login page in an attempt to crack your password, the number of HTTP requests spikes. All this website traffic will slow down your site, or worse, cause your server to run out of memory.

Secure Login Credentials

Choosing strong login credentials is the first step to better web security — on any site. Change your username from “admin” to something unique. “Admin” might be simple to remember, but it’s also easy to hack. Avoid using passwords that contain a version of your own name or a word in the dictionary. Choose a passphrase with a mix of numbers and letters or use a password manager that will generate secure passwords and save them for you.

If you have Jetpack installed on your site, you can enable Secure Sign On and use the same credentials you use for WordPress.com to sign in to self-hosted WordPress.org sites quickly and securely. You can choose to make this the only way to log in and disable the default login form completely.

Jetpack Brute Force Attack Protection

It’s not just your blog content at risk during a brute force attack. If a hacker successfully accesses your administrator account, your entire server could be compromised. That’s why every Jetpack Protect plan includes protection from brute force attacks, including distributed attacks that use many servers against your site.

When an IP registers too many failed login attempts, Jetpack will block that IP from accessing the login form, quickly limiting HTTP requests before they slow down your site. Your site will be protected, and you can see the number of attacks that Jetpack has stopped with a widget in your self-hosted site’s dashboard.

Next Steps: Compare plans and choose the right one for your site.

Posted in Security | Tagged , , | 3 Comments

Understanding the Value of Website Backups

WordPress websites of all sizes rely on web hosts to keep them up and running. However, glitches, malware, and human error can all threaten your site. As a website owner, it’s your responsibility to ensure you have an up-to-date backup of your site at all times.

Protect Against Brute Force Attacks

Your first defense is to block suspicious login attempts with a security plugin like Jetpack that offers brute force attack protection.

A brute force attack is the most rudimentary — and common — form of website attack. In an attempt to gain access to your site, large networks of automated bots try different combinations of usernames and passwords until they find the right one. These malicious login attempts can also affect your website’s performance.

Protect Against Malware and Code Vulnerabilities

Although brute force attacks are very common (and successful), they aren’t the only thing that can jeopardize your website.

Malware — sometimes referred to as “viruses” — can be plugins, themes, and other scripts that pretend to be legitimate products (sometimes actually providing an apparently valuable service). Malware contains code behind the scenes that steals or deletes your data, modifies your links to steal your traffic, or simply breaks your site.

Code vulnerabilities can have a similar effect, but the difference is that they are unintentional. No code is perfect, and sometimes developers write code that contain unknown loopholes that can be exploited by malicious hackers to achieve the same goals as malware.

In both cases, the solution is proper malware protection via an automated security scanning service (similar to an “anti-virus” product) that regularly scans all your code to see whether known vulnerabilities are present or whether modifications have been made without authorization.

Minimize Downtime with a Contingency Plan

Even if you have all the protections described above in place, you should still have a contingency plan for the situations where human error or new hacking techniques compromise your site.

Your contingency plan for accidental damage, malware, and brute force attacks should include daily backups of all of your web content. If anything happened to your site, having a recent and easily accessible backup will ensure it’s up and running again quickly — either by restoring it or by migrating it to another server — thus keeping downtime to a minimum, which most cases could mean loss of income or reduced search engine rankings.

Automatic backup services like Jetpack’s Personal plan make it easy to restore your site in a few clicks. High-traffic sites that generate revenue, like eCommerce, subscription, or advertising sites, should choose the real-time backups offered in Jetpack Professional. (“Real-time” means a current backup is always available and includes an unlimited backup archive, so you can always roll your site back to any point in time since signing up.)

Tie Up Loose Ends with a Personal Touch

Mistakes happen and it’s all-too-easy to accidentally delete a database or compromise your site’s functions while trying to update your files and plugins. If you have access to or can afford to keep a developer on retainer, you should rely on them to update or restore your site.

For most users, however, the personal yet expert support we offer as part of all our paid plans is enough to guarantee that additional peace of mind.

Next Steps: Compare plans and choose the right one for your site.

Posted in Security | Tagged , , , , | Comments Off on Understanding the Value of Website Backups

Securing your Site with Jetpack

jetpack-security

Website security is important, although it can seem daunting or tedious — it doesn’t have to be. These six simple and effective best practices will help you protect your WordPress website from malicious, unwanted attention (hint: Jetpack can help!).

Continue reading → Securing your Site with Jetpack

Posted in Security | Tagged , , , , , , , | 5 Comments
  • Enter your email address to follow this blog and receive news and updates from Jetpack!

    Join 103,517 other followers

  • Our most popular posts

  • Browse by topic

  • Unlimited Video Hosting

    Jetpack Premium now provides unlimited use of our video CDN. Save on hosting storage and bandwidth costs by streaming fast, ad-free video from our global network.

    Learn More