Welcome to Day 5 of Reboot Your Blog!
Just about 18 months ago, we moved from the middle-of-nowhere in the California foothills (Georgetown, to be exact) back to the San Francisco Bay Area. Up there, we’d regularly get storms that knocked down trees and power lines and because we lived in a town of only 900 people, we were usually the last place PG&E came to fix.
It wasn’t unusual after a typical winter storm to have us lose electricity (and therefore water too, as water came from a well driven by an electric pump) for 48 hours at a time, and one (horrible!) storm left us without power and water for 6 1/2 days.
We wouldn’t be in bad shape though – we had a small generator that would power a room or two in the house so I could get online or the kids could watch TV for a little while. We had a woodstove to heat the house so we were toasty warm despite the temperature being well below freezing outside. My truck had 4 wheel drive and we were easily able to plow out of the 2-3 feet of snow in our driveway to head into town (which usually didn’t have power either!).
But it took us about 2 years to get to that point.
During the first big storm when we we lost power for the first time, we realized we didn’t have water only after letting a sink run and run until the spigot coughed dust. That’s when we (city slickers) realized that without electricity, we had no well pump. Without a well pump, we had no water. And without water, you can’t flush the toilets…
We made lots of mistakes as we learned to live in that remote environment. But evenutally, we learned how to prepare for the storms ahead of time.
And I got to thinking about how much this storm and power outage dovetails with today’s Reboot Your Blog post – it’s all about being prepared.
DAY 05 OBJECTIVE
Prepare your sites for disaster!
DAY 05 ASSIGNMENT
Anything can happen. Murphy’s law says that if you’re well prepared, nothing will happen. If you’re not prepared, every calamity imaginable will strike!
Today we’ll safeguard our sites for whatever fiasco the interwebs throws at us.
Backup Your Sites
Your web host might be performing some sort of regular backups of your sites.
Hostgator’s shared hosting performs an automatic backup every Sunday night, and they archive those backups for at least a week. If your site goes down in flames on the 6th day, you’ll lose 6 days of work. That might not be a big deal if you only made one post during that time, but why chance it?
I use Rackspace’s Cloud Sites hosting, and I don’t depend on them a lick for my own backups (although they may provide them).
Fortunately, like most things, if you’re running WordPress then automatic backups are pretty simple.
Use the WP DBManager plugin to automatically backup your core WordPress database information (like your posts!) and email them to you each night. (Have these emails sent to an address that is NOT on the same server as your site – perhaps a Gmail account). Take a peek at my settings for these automatic, emailed backups:
The thing that’s nice about WP DBManager is that it’ll also allow you to automatically repair or optimize your database, just like you can automatically run backups. Plus, you can run SQL queries and empty/drop tables from it’s interface, instead of having to log in to PHPMyAdmin.
Most shared hosting and VPS’s are pre-configured with the most common and effective security options. If you have any doubts or concerns, your should get in touch with your hosting provider.
Some VPS’s and dedicated servers are given to you pretty much out-of-the-box. If you find out from your host that this is the case with your server, and that additional security measures should be configured by you, it may be in your best interest to hire a security expert at Odesk to “harden” your server. With a managed hosting solution, like the Cloud Sites product I use, you don’t have to worry about this stuff.
With WordPress, there are some modifications in the way of plugins that you can use to ensure your WordPress installation itself, not just your server, is safe.
[box type="alert" border="full"]Wordpress is a common target of hackers because it’s so widely used. It’s in your best interest to take a couple of extra steps to ensure your installation is safe.[/box]
Firstly, you’ll want to have the most current version of WordPress, with each new version there are numerous security and bugfixes and maintaining the most recent version will protect you in that way. (We discussed this at length during Day 4 of your Reboot Your Blog).
The Akismit plugin can help protect your blog from comment spam – use it if you’re having a problem in that department. If your niche isn’t personal or embarrassing and your audience is technically savvy or comfortable, you might be able to use Facebook comments, like I am here. This eliminates the need for moderation almost completely – no one wants to leave douchey comments linking back to their Facebook page! The plugin I’m using is Facebook Comments For WordPress.
Also you’ll want to install Secure WordPress and WP Security Scan. Secure WordPress removes some vulnerabilities from your installation automatically, while WP Security Scan checks your site for security holes and makes suggestions for how to fix them. Both are invaluable.
Other scripts you may be running on your server (like vBulletin) could have additional updates or plugins to enhance out-of-the-box security. Ensure you’re running the latest versions of any additional scripts your running on your server as well as any well revered security enhancements that may be available for them.
Not quite an “utter interwebs disaster,” but a whole buncha traffic all at once can bring your site to it’s knees if it’s too much for your server to handle. You’ll see these problems sometimes when sites hit the #1 position on places like Reddit or during product launches. When Daring Fireball links to a site and it crashes, it’s said that the site is “Fireballed”. There’s simply too much traffic hitting the site all at once, and it fails.
Site speed – or how long it takes your pages to load – is also a ranking factor. This means that a slow site isn’t just a bummer for your visitors, it’ll get in the way of your rankings now too!
No matter what your site is running (PHP, plain old HTML, or a script like WordPress), ensure that any videos you display for your users are NOT served from your own site. Instead, use a third party video hosting service, like YouTube, or a third party storage service, like Amazon S3, to store and stream your videos. You’ll cut down on the bandwith your users consume, prevent server overload, and 99% of the time a video from one of these services will load faster than one loaded from your own server.
If your site is very heavy on images (like a photo gallery) you can use a service like Flickr to host and display your images.
Images used for your site design (like headers) can be stored at Amazon S3 and loaded much faster.
Wordpress users can also install WP Super Cache or w3 Total Cache (my preference). Caching plugins generate static html files from your dynamic WordPress blog. The end result is that your site will load faster and not suffer from server meltdown should a large number of visitors hit it all at once.
Now is also the time to check your sites for broken links. Check your main navigation bars, sidebars, footer links, etc. to ensure all your links are still active and directing to the proper place.
Wordpress Broken Link Checker will do this for you automatically, scanning your WordPress posts, pages, blogroll and images and notifying you of any broken links.
By the end of today, you will have:
- Configured and began an automatic backup plan with WP DBManager
- Planned for comment spam and how you’ll moderate it (Akismit) or avoid it (Facebook comments)
- Installed Secure WordPress and WP Security Scan to check for security flaws in your sites
- Began using a caching plugin to speed up your sites
- Activated the Broken Link Checker plugin and fixed or unlinked any broken links in your site
Today’s measure will increase the overall security of your server and sites, and should there be a failure somewhere along the line, you’ll have backups to fall back on.
Join us tomorrow for another Reboot Your Blog post, and let me know how you’re doing so far in the comments!