Why Do You Need to Backup Your WordPress Site ?
Around 19,500,000 sites use WordPress currently[source], which means WordPress owns 60-70% of the entire CMS market share[source]. Showing it’s extreme versatility and usability but also in more grave terms, making sites hosted using WordPress a very common target for attackers.
The three most common ways in which a malicious actor may attack your site are:
- Through exploitation of the WordPress Core, 37% of attacks occur through this vector.
- Through vulnerable WordPress Themes, 11% of all attacks.
- Or, through vulnerable WordPress Plugins, 52% of all attacks.
This means, if you use WordPress to create your site, using themes for better visuals, and plugins for extra functionality. There is a very high chance that you may be vulnerable to an attack by external actors.
Such attacks have become very common in the past few years. Specifically targeting sites using Zero-day exploits in plugins[source], and multiple brand new attack vectors.
If you are the target of one of these targeted attacks, it is almost impossible for even the most secure firewall, or the most advanced threat detection tool to stop such an attack. As in these cases an attacker probes a website trying to find a vulnerability or an opening which can be leveraged.
In such cases the most secure and safest ways to protect your site, is by creating and maintaining several backups of your entire operation.
How the Backup Plugin Protects Your WordPress Site ?
After gaining access to a vulnerable website, we have observed that many attackers, modify the contents of the vulnerable site. Creating new pages which contain phishing links, or hosting malicious files on the website, many attackers will completely change the entire website and now use it as a control center to launch more attacks.
Manually handling this entire cleanup is a very time intensive and expensive task. With most recovery operation taking at least 2-3 days to completely clean a website. Instead if you have created a backup using our plugin or otherwise, you have an instant reset button to restore your website to a previous iteration. Discarding the changes made by the attacker completely. After this earlier version of your website is restored, you can run our Malware Scanner and/or Web Application Firewall plugins to keep your site secure or to find the vulnerability that the attacker used to gain access.
What does the WordPress Backup Plugin Do ?
Providing you an easy and hassle free way to create a database backup, a file backup or create a backup for any new content that you may publish. Giving you the ability to backup your entire WordPress site or whatever specific files you require to remote storage locations or to any Cloud Storage Services that you may already use; Including but not limited to:
- Google Drive
- Amazon S3 Servers
Also to remove the annoyance of manually backing up everyday or when there’s an update to your site, the plugin allows you to set a time for automatic backups or even to backup your files when any customizable condition is met.
The backups created are kept completely encrypted, so that even if someone else gains access to the backups, they won’t be able to gain any confidential or sensitive information about our website.
You can always try out our plugin at no cost, through here. Or, If you are still nervous about your website security or on how the plugin would work for you specifically, you can always contact us through https://security.miniorange.com/contact/ , and we would be happy to help you out.