How I Sleep Like a Baby (While “My Team” Watches My WordPress Site)

How to sleep like a baby with Wordpress security and backups

Wordpress & CMS

How to sleep like a baby with WordPress security and backupsYes, I’ve had my site hacked before.

Actually, it happened the weekend before a Monday event for which I expected over 600 people to be showing up at my site.

It started with a strange email from my host (bluehost), which I received via my iPhone.

Apparently my site had been compromised and they would be shutting it down indefinitely until it was fixed.

No more ability to register new attendees. No site. No event on Monday.

Needless to say, that was a stressful weekend.

I found a security firm that specialized in malware removal and their representative spent an entire weekend removing all of the illicit code. Luckily the site was salvaged, the event went on as planned, and I had 650 attendees go through the program.

So since that time, I’ve gotten a lot more careful.

I delete themes that I’m not using from my control panel. I delete old plugins. I keep my WordPress version up to date.

But that’s not enough.

Here are the things that I do to sleep soundly at night, knowing that my site is being watched or that if something happens, it will be quickly addressed.

1) Regularly Back-up Your Site

Are you backing up your site regularly to protect your valuable content? I use the paid WordPress plugin called Backup Buddy to do regular back-ups (I have a multiple site license). It includes a virus scan program for extra peace of mind. I also schedule regular back-ups that automatically get uploaded to my Dropbox.

2) Get Reliable WordPress Hosting with 24/7 Phone Support

I use Bluehost to host my sites. They’re one of the top-rated WordPress hosts and they have great 24/7 phone technical support. Whenever I have an issue, I just pick up the phone and they’re always there to help me resolve it. If you need to move your site, you can pick up the phone to get help.

3) Monitor Your Site for Hacking 24/7

Hackers are attacking sites of all sizes. By using Sucuri’s security monitoring service (which is very reasonable, especially for multiple sites), I have more peace of mind. Since issues seem to always happen when I’m not in the office, I have alerts that go to my email, to my cell phone and they even have an option to send you a Direct Message in Twitter.

If your site becomes compromised, simply submit a ticket and they’ll clean it up right away.

4) Have a Trustworthy Security Expert On Call

If you’re already monitoring your site with Sucuri, then you’re all set (see above). If not, WP Security Lock does an awesome job of solving difficult security breaches on WordPress sites. I really like their service where they’ll clean and move your site to a new host. If you’ve been hacked and you know it’s time to change hosts, this is a great way to get a fresh (and safe) start at a new host.

5) Fix nagging WordPress issues…inexpensively

Sometimes it’s not a major security problem. Sometimes a plugin will stop working or with an update to WordPress, your formatting will break. In these cases you don’t want to have to go digging into the code yourself and you don’t want to pay an expensive consultant to fix it. WPFixit is a great a la carte service that costs $39 per fix. And if they can’t fix it, they’ll refund your money. That’s quite a guarantee!

What are your favorite WordPress Security Services?

Your site is an important asset for your business. All of the time and money that you spend on development, design and content creation should not be put at risk.

Are you protecting your asset? What are your favorite tools or services? Let me know in the comments below.

Tom Treanor is the founder of the Right Mix Marketing blog. He’s the author of the Search Engine Boot Camp, the co-author of Online Business Productivity, and regularly speaks at industry and corporate events. His writing has been featured on the Content Marketing Institute, Social Media Examiner, Copyblogger and other leading industry blogs.


    1. Hi Sapna,
      Glad to have you visiting my blog here. Yes, Backup Buddy is very helpful, especially if your blog is a big part of your business. Thanks for your comment!

  1. Thanks Regina, great reminder a tips. I have learned the value of having my WP backups to be emailed to me, since I had had web hosts suddenly disappear and the crash of a brand new HD. I set up a separate gmail account just for backups now.

    1. Hi Cathy – great to hear from you. Yes, I’ve had my share of disasters too, so I can’t agree more. A regular, automated backup is a lifesaver. Thanks for your comment!

  2. Oh wow, this is good to know. Having a resource available 24/7 to fix any immediate issues with WordPress is a great idea and $40 is super cheap for fixing any major issues that might happen.

    You might also want to look into Bullet Proof Security. There are some things that can be done with your .htaccess file to secure your website and keep intruders out.
    Steve recently posted..Successful Online Content MarketingMy Profile

  3. Hi Tom . This share is indeed a reminder for everyone around . Regular monitoring and a trustworthy security expert are handy measures . Liked your share .

    1. Ron – Bluehost has an addon for a different security company but I’m not sure if that includes fixing the issues – it may just be monitoring. As for notifications from Bluehost, it’s usually a delayed contact from support that there’s a virus. What I get from Sucuri is an update as soon as something seems wrong (e.g. site is down) and they’ll clean it up as part of the price (and that’s priceless) – – I had to spend hundreds cleaning up a site in the past when I didn’t have a plan.

Comments are closed.