Backup Options for WordPress Websites

On Wednesday we discussed the importance of backing up your website as part of a larger cybersecurity strategy.  Today we are going to look at feature considerations for you as you decide which backup plugin is right for you.

Personally, I have used both Backup WordPress and Updraft Plus, and I have been satisfied with both of them.  When you search for backup plugins, WordPress offers 1325 options.  How to choose from this huge selection?

  • Plug-in Rating – When on the WordPress plugin page, look at the star rating.  I wouldn’t bother with anything under 4 stars.  Look at the number of comments, which is the number in parenthesis after the stars.  You can click through to read the comments if you wish.  Take a look at the number of active installs.  More installations usually means more satisfied customers.  Your choice needs to be compatible with your version of WordPress.  (Do we need to tell you your version of WordPress should be the latest version?)

  • Free vs. Premium – There are usually free versions of most WordPress plugins, but the free version may be missing the functionality you need for your site.  Comparing prices for premium versions may be an important part of your decision process.
  • Secure Backup Administration – You want authentication to happen using TLS or some other encryption method to keep your user ID and password secure.  It is a good idea to require a different user and password for restoration than for backup, or for general site administration.
  • Restore Capability – You will want a backup solution that provides automatic restore capability.  If your site goes down, you will want it back as quickly as possible, without having to wade through a bunch of technical processes.
  • Backup Encryption – We are members of the “encrypt everything” camp, and this should apply to your backup files as well.  That way your files cannot be used by a cyber-thief.
  • Database Encryption Support – If you are collecting personal information from your site visitors or having them set up accounts controlled by user name and password, your WordPress database needs to be encrypted.  Make sure your backup solution will support this.
  • Encrypted File Transfer – If you are storing your backups to the cloud, make sure they are encrypted with TLS, SFTP, or SCP while in transit.
  • Migration Support  – What if you are moving your site to a new host?  Make sure your backup supports hosting site migration.
  • Multisite Support – If you are using the WordPress multisite functionality, make sure your backup solution can support it.

This should help you make a good choice from the many available options.  As I mentioned, I recently moved to Updraft Plus, and I can recommend this product for most of you.  Ask other WordPress site owners you know what they use, and ask them why they chose it.  But do something about backup for your website.  The saddest calls I get are from people who lost their site but have no backups.  There is nothing they can do but redesign the entire site from scratch.

 

 

0

About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com

Add a Comment


This site uses Akismet to reduce spam. Learn how your comment data is processed.