You have your shiny new WordPress website up and running, you’ve setup a cool theme and you’ve got some content in there. It looks like an actual living, breathing website! Now is the time to put a plan in place to protect your investment.
You’ve done everything yourself and haven’t spent a cent, but you’ve still spent a lot of time getting to this point so no matter which way you look it you need to have a plan in place to take care of your site.
There has been much talk lately about WordPress security and it seems like every day there’s some new malware or virus out to destroy your website. Most of their time they are computer automated attempts by faceless hackers to try and find the weak points of websites to exploit in the hope they will get lucky.
With a little bit of extra effort you can put steps in place to make it more difficult for these cretins so they will give up trying and move on.
There’s a lot to cover so I’ll break it down into a couple of posts. The overall steps will be:
- Backing up your website
- Keeping your site up to date
- Security precautions and monitoring
- Boosting performance
First things first – Backups!
The first step to take is making sure your website is regularly backed up. Most hosting companies include an automated weekly backup which is great, but I recommend doing your own backups and storing them on a separate server.
As with everything WordPress there are a lot of free and paid options out there. I have tried a lot of different plugins for backing up WordPress and the one I’ve found to be the easiest to use and works the best is Updraft Plus. Their free version should be enough to get started and there is paid version inclduing a few more features, but the free version should be more than enough to take care of your backups.
Updraft Plus enables you to backup to a cloud based remote storage service of your choice such as Dropbox, Google Drive, Amazon and more which makes it an easy way to put a solid backup plan in place.
If for some reason your hosting server goes down and their default backups become unavailable, you will still have access to the remote backups you made which can be transferred to another host if needed. In well over ten years I’ve never had to do that so fingers crossed!
Go into the settings and enter your details to connect it your preferred remote storage location and then set up a backup schedule. I recommend at least weekly backups for most sites, but the more backups you have available the better. I would carry out daily backups at a minimum for e-commerce stores.
You can also set it to only keep a certain number of backups. This way you’re only going to take up a limited amount of space on your remote storage. The chances of a site needing to be restored from a backup and you not noticing for two to four weeks are slim, so this is a good amount of buffer.
You should also be manually monitoring your website regularly so you notice anything strange happening and can catch it before too much time has passed.
Third party services
Another service I have used is ManageWP. It’s designed to manage multiple WordPress sites and comes with a monthly cost for daily backups.
It’s a totally separate system running independently of WordPress which adds another layer of safety.
In addition to backups ManageWP can also handle all of your WordPress updates, security scans and monitoring and includes a performance report. For a single site it might be overkill as it will be another thing to manage, but if you are planning on running multiple sites in future it’s a good option to check out.
Next Steps
Jump into your wordpress admin area and install the Updraft Plus backup plugin or head over to ManageWP and signup for an account.
In the next post I will cover updating WordPress and plugins.