One of the things that people struggle with all the time when it comes to hosting their own site is backups. How do you backup a WordPress site? Why do you need to? The simple answer is that for one reason or another, data can be lost or corrupted – even on big hosts.
In New Inceptions’ lifetime (which officially has been since 2010), I’ve had malware installed on the same server as mine before. That malware can affect everything and everyone on the storage space of the server.
I was reminded of this in the past week.
You might have noticed that I didn’t have a blog post last week. However, I did write one. It was 2000 words of awesomeness about the things I’ve been learning and relearning about email marketing.
Obviously, it wasn’t posted – and here’s why: after I made the post, I saved it as a draft. Well, something didn’t go right on my particular install at the time. So just as my screen was coming up from “saving”, I scrolled through to see if there wasn’t anything else that might need changed. As I did this, I realized that two-thirds of my post had disappeared!
Needless to say, I was somewhat furious.
I’ll probably eventually redo the post as I get more results from what I’ve been learning. However, in the meantime I’m just going to tell you that it’s going to become a primary focus of mine in the foreseeable future. Up to my first 10k Subscribers – at least!
Long Story Short
I don’t know if this has anything to do with with it, but the install of one of my clients had been hacked into last weekend. No traffic was getting to their site and that meant no revenue for me. Bad times!
In the meantime, I didn’t realize that this was going on. And the next thing I knew, malware started causing issues on my site as well. I didn’t have any idea that this was possible. I always thought that if it was a different install of WordPress, then we wouldn’t have that issue. Not so.
The particular issue that this malware was causing me was CRAZY amounts of traffic – at least for my site. This ended up being bot traffic, and to make matters worse, it was causing my site to call for a ton of Cron jobs. These particular kind of jobs eat at the number of how many “processes” that your host provides you. Hostgator usually limits each shared host customer to 25. Not bad – mainly because you can typically keep it under 10 if your site is humming along without any problems.
Well, as soon as I realized how many processes these jobs were taking up and in how slow my site was acting, I figured that it had been corrupted and I needed to take it offline. I did and thought to myself “well, looks like I’ll have to build the website back up from scratch”. Why? Because that’s what I had to do the last time my site got hacked. In fact, that was when I thought it was a great time to buy Enfold as my theme.
If you’ve never had that feeling, it’s a bad feeling to have. Hopefully what I’m about to say next will prevent you from having to feel that too many times yourself!
One Last Shot
It’s funny, but my engineering training always shows up one way or another. Especially when I have problems with technical things. Where many people might start panicking, my brain just flips to a logical step by step troubleshooting mode.
In this particular instance, when I realized I was going to have to shut down the site, I dropped in a maintenance plugin – actually one that collected emails to let people know when it was back up.
As soon as I activated that plugin, I noticed that the Cron Jobs were dropping and I was able to actually navigate around my site. (Even if this wasn’t the case I know that I can manually cancel processes by going into Cpanel and manually stopping each one. (This is why it’s good to have a large monitor or in my case, multiple monitors. You can do multiple things at once. In grad school it was research on one monitor and write on the other. In this case it was stop one process in Cpanel, and then move to another page. Stop a couple more and move to another page.)
Not too long ago, I had to move my site from its previous installation to where it is now on Hostgator. You’d think this would be somewhat easy. Just like people copy videos on YouTube or Facebook – download from one account and upload on another.
It’s not that simple when transferring a WordPress install.
What you have to do is actually download another plugin that will download all the pieces of WordPress. This includes the files that you upload, but it also takes in account the database (that keeps track of your posts and any links you have on them), the theme, AND the plugins.
Well, I knew I didn’t want to backup all that information. I wanted something that could save just the files I wanted. My old plugin put everything into one archive folder. That simply wasn’t going to do.
I wanted something that could separate the files apart. Because more than likely the affected files were going to be in the theme OR in the plugins.
I eventually found a solution that was going to give me this option.
My Solution for Malware
UpdraftPlus was the backup software that allowed me to separate all these files into compartments. Here’s how the restore went down.
- Installed UpdraftPlus.
- Create New Backups.
- Download the parts that I want. In my case it was the Database and Uploads parts. (FYI: Uploads houses the information for Enfold – so technically I’m keeping my theme settings!)
- Write down list of plugins being used.
- Create a new install of WordPress.
- Re-install UpdraftPlus.
- Restore (upload) the Database and Uploads which I just downloaded.
- Reinstall the theme and each plugin that was on my list.
And there you go.
This process took me a matter of 2+ hours with a site that part of the time was fighting me. However, I’d rather put in that time compared to having to redo the site again.
So that you’re prepared when your site gets hacked, install UpdraftPlus in your site right now. It’s free for what I used it for. You can have it save your backups on a number of remote servers – I’m pretty sure Dropbox and Google Drive are part of that selection. Not sure what the premium version does.
Also, make sure you install the plugin from McAfee so that your site is being scanned on a regular basis for malware. Even though it didn’t show up this particular time with McAfee, the last time I was hacked, McAfee saw it. Having the plugin installed alerts McAfee right away instead of them having to randomly access your site.