Top

How to protect your business website: part 3

Web security part 3

Your website represents an investment that typically measures in the thousands of dollars. It likely acts as one of your primary marketing vehicles. When people are directed to your brand, the website is the very first place they go to check out your company or product. They look to it for credibility, for information, and for a way to reach you.

What if something were to bring down your site and you suddenly found yourself with no web presence at all?

Surprisingly, many otherwise savvy business people ignore the need for computer backup. Financial records, documents and more are kept on the office computer and laptops with no thought that this data is constantly at risk. When disaster strikes, they lose everything, with a cost vastly exceeding the low cost of backup solutions.

Sadly, there are even more businesses that have no plan for backing up their websites. Even though the cost of maintaining backups is minimal, it’s an area all too often ignored.

What if something were to bring down your site and you suddenly found yourself with no web presence at all?

Many business people think that their web hosting company will backup their data. While most reputable web hosts will, indeed, keep backups, you should never rely on these alone.

For one thing, the backups maintained by the hosting company typically consist of the most recent data only. If your site is compromised — perhaps a hacker installed malware or removed critical data or a server update broke some area of the site, you might not realize for days. That means your latest backup will include the problem data. It won’t do you any good at that point.

I’ve seen numerous cases where web hosting companies changed ownership or even went bankrupt. In these cases, there may not even be a backup. In one horrifying incident, my client’s once-reputable hosting company was sold to a group of inept young people who badly mismanaged it. One day they simply lost the entire directory that his site was hosted on. The directory was wiped clean, with no backup whatsoever. What would you do if this happened to your site? Sure, you could probably sue, but that’s not going to bring back your site and the process could take years.

Another problem with the hosting company’s backup is that it won’t necessarily include all the elements that make up your site. For example, if your site is built on WordPress, you may have a home page “slider” billboard area. The settings for these are not part of your standard database backup. Neither are they part of your file backup. They require a separate backup file. The same goes for special form software, theme settings and various other special software that stores settings in unique data tables not included in a standard backup file.

Two types of backups

Modern websites consist of two components: physical files such as images and function, template or style sheet documents, and a database file. Older websites might not involve a database. They use physical documents called HTML files to store the content as well as the design elements of the site. With these older approaches, it was easier to backup a site because you just needed the physical files and when you restored them your site was completely restored. No longer.

Today you need to back up the physical files and you need to back up the database. Unless you restore both components — and often a few others — your site won’t work properly or look the way you expect. Database files are complex and consist of numerous tables of associated data. These tables may not all be backed up, which would cause some information to be missed during the restoration process.

For security reasons, database files require passwords, so restoring them isn’t a simple thing. Without the password you won’t be able to restore it at all! While it is usually possible to get the password from the server, there are times when the server simply isn’t available anymore.

Even though the cost of maintaining backups is minimal, it’s an area all too often ignored.

When your site was created, a full backup is usually generated. But these backups only reflect the website’s condition on the date the site was created. Websites are living documents. New posts are added regularly. Content is changed. Images are updated. The software running the site is updated. Comments might be added. All these things mean the website is in a constant state of flux. You need to backup the entire website on a regular basis.

Ideal backup schedules

How often you backup depends on how often your site changes. If you post new content weekly, you need to backup weekly. If you post new content every day, you need to backup every day or you’ll lose any updates made since the last backup.

Remember that a full backup of the entire website can be a very large file: often 100-200Mb in size. For that reason it isn’t practical to create a full backup too often. A good plan for a site that’s updated weekly is to create a weekly database backup, then a full backup once or twice a month. Of course, if you make significant changes such as file modifications you should make a full backup immediately after. You should also make a full backup before updating WordPress or plugins so you can go back to a properly working version of your site should anything break — I’ve seen cases where a simple change caused a fatal error that brought down the entire website!

Keep two or three months worth of these files so that you can go back in case a problem is identified that preceded one of these backup versions. If your site consists of daily changes, create a schedule that saves a daily database backup. These database backup files are generally quite small and manageable.

Backups should be scheduled to happen automatically because it becomes very challenging to manually backup on a regular basis.

Offsite storage

Another thing to think about is where your backup files are stored. Unless you’ve made special arrangements, backups are stored by default on the same server as the website. This isn’t going to be helpful if your server goes down!

The best approach is to save the backup files to an offsite location — another server located in a different state or region that will be unaffected by any problems with the server hosting your current site. It goes without saying that the offsite server shouldn’t be owned by the same company as your live server.

The restoration process

Restoring your site from a backup file can be surprisingly challenging. Get an expert to avoid serious problems. I’ve used a variety of services for website backups. While many of them provided a very easy system for creating the backups, restoring your site can be a nightmare with the wrong vendor. I spent years searching for the ideal backup software and finally found it.

BackupBuddyThe backup system I use for my WordPress sites is BackupBuddy with Stash offsite storage. It’s a premium plugin but I install it at no charge for all my clients and they get lifetime updates too.

This incredible plugin addresses every issue mentioned in this article. Restoring a site takes only a few keystrokes, a quick download, and a fast and easy restoration process. Yes, it’s an expensive system, but it’s free for my clients, and bundled as one component in my low-cost maintenance and security package called Adwiz ReBoot. The Stash offsite storage is also a premium service, and included as part of my ReBoot maintenance program, so you never have to worry about your backup getting lost because of problems with the hosting company.

Adwiz ReBoot

RebootI apply all these strategies and more to a maintenance service called Adwiz ReBoot. For a small monthly fee, companies get the benefit of security on their site and many additional features. You’ve invested thousands of dollars to build a professional website. What’s the cost if you lose your online reputation and have to start over? Isn’t it worth a small monthly fee? Businesses need to take maintenance and security seriously as part of our modern business reality. Check Adwiz ReBoot for yourself.

What about you?

Do you have any experiences to share in regards to this or any of the three security issues I’ve been discussing in this series? Horror stories or victories over what could have been a disaster? Products you love? Things I’ve missed talking about? I’d love to hear about it! Share using the comments area below.

Like this? Please share!Facebooktwittergoogle_pluspinterestlinkedinmailFacebooktwittergoogle_pluspinterestlinkedinmail

George Pytlik

George Pytlik has been involved in the advertising industry for over 30 years and designed his first website when the Internet was one year old. He was an internationally recognized speaker on advertising and branding and served on a number of communication committees at various times throughout his career, as well as writing a regular column for Marketing magazine.

No Comments

Post a Comment