Call (619) 479-6637

Why Should I Maintain My Own WordPress Website’s Backups?

Thank you for asking. My name is Jim Walker. I’ve been managing website hosting and security for thousands of our businesses here at TVC.Net since 1997.

Some years back, I launched our HackRepair.com service, a reactive website security service for WordPress. I quickly found that nearly all of our new customers either did not have a web designer to help with ongoing security and maintenance or simply never considered the ongoing security requirements of WordPress. So HackGuard.com, our proactive security service, was born.

Through our HackGuard.com service, I learned some truths about hosting companies and their backup systems, especially in how backups are limited at various hosting companies.

I would go so far as to say that of nearly all of the websites I’ve worked on over the past decade, only a small fraction provided reliable backup options. In fact, most of the well-known web hosting companies do not back up their client’s accounts (at all), even though their hosting plans clearly state that “backups are included.”

The truth is that many web hosts deactivate backups entirely once a certain number of files have been created within the hosting account. This is often referred to as “inodes.” And once the customer exceeds the host’s inode limits, backups are suspended. Many web hosts skirt the ethics of this “promise” by offering paid backup options—which they often promote within the client’s hosting control panel. Sadly, because most clients rarely log in to their control panel, they never see that backups have been suspended due to exceeding the hosts’ inode limit. For this reason, many businesses are left with the mistaken belief that their accounts are being regularly backed up when in actuality, they are not.

This was one of the reasons I developed our HackGuard.com service. So many clients whose websites had been hacked were missing someone with expertise in maintaining WordPress websites as well as a working backup system. So developing a reliable service that covered maintenance, backups, and website security was a no-brainer.

When I started my HackGuard.com service, I tried a variety of backup options. Of the dozens of WordPress plugins tried over the course of a few years, I found only two met my service requirements, UpdraftPlus and WP Time Capsule. At the time, my service requirements included: displayed minimal self-advertising and promotion, provided responsive customer service, supported a variety of cloud backup options, and provided a high level of reliability.

Having managed websites for over twenty years, I can say without a doubt that the biggest lesson I’ve learned in my time managing websites is a simple one: backup redundancy and security go hand in hand.

It’s for this reason that I believe every website should have at least two backup solutions in place: one system saving daily, weekly, and monthly backups offsite, and at least one yearly backup saved either offsite or on the client’s personal computer.

I could get into discussing the pros and cons of my most used backup plugins, but the details are beside the point. You can learn more about the pros and cons of each with a quick Google search. In short, it doesn’t matter which backup system you have in place. Having multiple backup systems regularly backing your website up to an offsite “cloud” backup service is key #1.

Of the cloud services I’ve tried for website backups over the years, both Amazon S3 and Google Drive have been very reliable. The biggest downside of Amazon S3 is cost. Once backups on Amazon S3 reach a terabyte, service fees may begin to exceed $100 a month, especially if you are doing frequent recovery of files. Alternate lower-cost cloud service options, like Wasabi, are available as well, which according to their website, is 80% less costly than AWS. As of this writing, I haven’t tested Wasabi enough to give a review on their service.

Now, having covered the importance of backups, I would be remiss if I didn’t mention how backups may affect the performance of your website. On an overloaded or poorly tuned web server, backups may impact how a website loads during the moving of data from the web server to the cloud service. On the other hand, having maintained the backups of hundreds of websites on dozens of different web hosting companies’ servers over the past several years, I’ve found that the more experienced web hosts with well-tuned web servers have zero issues with clients running multiple backup systems simultaneously.

Sadly, many well-known hosting companies throttle their shared servers by severely limiting CPU cycles, number of processes allowed, and/or, memory. If you’ve worked on a website and seen a 503 error page appear, then you’ve likely experienced this first hand.

This may have the undesirable effect of backups taking exceedingly longer to complete, which may then perceptively slow web page loading, as well as increase the likelihood of backup failure.

This often-reported backup plugin “problem” is nearly always related to how well a given hosting service has tuned its web servers. I know I’m repeating myself here, but I would like to reiterate once again that an overly restrictive hosting service may limit the ability of your backups to fully complete in a timely manner, resulting in backups failing unexpectedly. If a hosting company recommends against using backup plugins like UpdraftPlus, there is a high likelihood that you are using one of “those” overly restrictive hosting companies. Is this a red flag when choosing a quality hosting service company for your business? I think so.

Which leads me to a discussion on the next uber-important aspect of backup management: backup recovery. Once you’ve established a working offsite backup systems, repeatedly and periodically testing the recovery process is key #2.

With UpdraftPlus, a files-based backup solution, recovery is as simple as deciding what you wish to recover—be it a plugin, theme, or the entire account—and then clicking the “Next” button a few times until the process is completed. With WP Time Capsule, an incremental backup solution, you have the benefit of choosing restore points, and within those restore points, the specific files or database dates to restore. Irrespective of how the backup plugins work, periodically testing and becoming comfortable with the recovery process is as important a step as establishing the backup options for your website in the first place.

That said, website hosting or backup failures are inevitable. That’s why it’s imperative to have multiple backup options saving off-server. The cost to archive your website to a cloud service is minuscule compared to the physical and emotional cost of having to rebuild a website from an Internet archive or multi-year-old backup. Been there, done that, and it’s no fun at all!

In the worst case, when the web host’s server literally crashes and the data is lost, your cloud backup service decision may spell the difference between the same day recovery of your website’s files and database and a total and irretrievable loss of your content. Backing up your website to a cloud service is just smart business.

And while most of this discussion has been about the value of establishing an offsite backup system, you may ask, “What about my web host’s backups?” Great question, and not meaning to be flippant here, but as that guy in that movie, Donnie Brasco, said, “Forget about it.” Sure, your hosting company may offer backups as part of their service, though I would argue that for the fifteen or so minutes it takes to set up a backup system for your website to “the cloud,” why take the chance? Whether your web host has a backup available when you really need it is also beside the point. Take control of your destiny. Just make a backup.

Disclaimer:
This post was written by Jim Walker for informational purposes only, was not solicited, nor paid for respectively.