How to back up a WordPress site?

Date modified: 25/07/2024

Contents:

What is a backup?

In information technology, a backup or data backup is a copy of computer data taken and stored elsewhere. You can use this to restore the original after a data loss event. A WordPress backup is a data backup copy of all files and databases, and it is essential to have a complete backup that includes WordPress core files, plugin and theme files and folders, and the database.

Various methods exist for backing up WordPress files, such as FTP clients, plugins like BlogVault, and manual backups with cPanel or web hosts.

WordPress websites collect data daily, which you rely on when conducting business and engaging with customers. You must consistently make copies of your website in case things go wrong. Regular backups are vital insurance against a data-loss catastrophe.

The most common risks of website data loss are:

• Broken authentication & broken access control
• Website breakdown and downtime due to software failure
• Infection or malware
• Hosting server crash due to defect or natural disaster
• Website hacks, injection flaws (PHP injections), Cross-Site Scripting (XSS), brute-force attacks, DDoS, and other external threats
• Insider threat (malicious or by mistake)
• Unsuccessful updates
• Website migration (as a risk factor)

For example, protecting crucial assets such as e-commerce websites is critical from a business perspective. Making regularly scheduled backups of your website is one of the tasks associated with website maintenance.

What are the types of backups?

• Incremental backup creates a copy of only the data and files that have changed since the previous backup. Because incremental backups usually require less disk space, they can save your disk space.
• Differential Backup captures the changes since the last full backup. 

Differential backups comprise data files that have changed since the most recently completed full backup, and incremental backups comprise data files that have changed since the most recently completed incremental backup.

• A full backup is a complete copy of your WordPress site, including the database, core files, themes, plugins, posts, pages, and all media.
• Real-time Backups for WooCommerce (CDP or Near-CDP backups)
• Encrypted backups are backup files encrypted with a special code. This code ensures that only the intended recipient can access the backup and view its contents. The backup encryption process creates a unique public/private key pair for encrypting and decrypting backup files. The backup file is then encrypted with this key and stored securely on cloud services.

How often you should back up your website depends on how often you make changes to it. A small business collecting user data through an e-commerce site with tens or hundreds of daily transactions would benefit from daily backups. For big websites, e.g., popular magazines, news, and other frequently published portals, daily backups will be a must.

If you update the site once or twice a week, then your backup frequency will be as often as your website changes. Backups that keep your website’s daily, weekly, and monthly versions guarantee you can restore it without any data loss. 

Can backups be automated?

You can set up automatic scheduled backups. Cron tasks and scripts can automate your backup procedure from the server side. They consume your server resources. You should check with your hosting provider to see how often you can schedule cron tasks.

Some of the WordPress plugins also have inbuilt automation capabilities. Automation is a great timesaver, but it is good practice to check it periodically to ensure everything is working correctly.

Why are WordPress backups important?

Importance of Backing Up Your WordPress Website. In today’s digital world, having a website is crucial for any business or individual looking to establish an online presence. WordPress has become one of the most popular platforms for creating and managing sites due to its user-friendly interface, customizable features, and wide range of plugins.

However, with great power comes great responsibility. As a website owner, you must ensure that your website is always secure and protected. One essential aspect of this is regularly backing up your WordPress site.

Backing up your website means creating a duplicate copy of all the files and data on your site. This includes your themes, plugins, images, posts, pages, and databases. Having a backup ensures that in case of any unforeseen circumstances, such as a cyber attack

Data Protection.

Prevents data loss due to accidental deletion, server crashes, or hacking. Accidental deletions by site administrators or contributors can lead to significant data loss if no backup exists.

Server crashes, which can occur due to hardware failures or hosting issues, might corrupt or erase site data. Additionally, hacking incidents can compromise your site, resulting in data loss or damage, making backups essential for recovery.

Security.

Ensures that you can quickly restore your site after a security breach. In the event of a security breach, having a recent backup allows you to restore your site to its pre-attack state swiftly. This minimizes downtime and reduces the impact on your users and search engine rankings. Regular backups enable you to identify and rectify security vulnerabilities without losing critical data. However, backing up very large WordPress websites can be challenging, making it crucial to use reliable methods to backup WordPress files, such as FTP clients, backup plugins, or manual backups with cPanel.

Updates and Changes.

Provides a safety net when updating WordPress core, themes, or plugins, which might occasionally cause conflicts or errors. Updating WordPress components is crucial for security and functionality, but updates can sometimes lead to compatibility issues or site malfunctions.

A backup ensures you can revert to a stable version of your site if an update causes problems. This allows for safe experimentation with new features and updates without risking site stability.

Migration and Cloning.

Facilitates site migration or cloning for development purposes or moving to a new hosting provider. Backups are essential when migrating your site to a new host or server, ensuring all data is transferred correctly.

They also allow you to clone your site for development or staging purposes, providing a secure environment to test changes before implementing them on your live site. This ensures a seamless transition and continuous site availability.

Other reasons to back up your WordPress site

Prevent the loss of income.

These days, a downed website can mean a significant loss of income, loss of customers and transaction data, or even a drop in search rankings. Some studies have shown the cost of a website’s downtime and vary from $4000 to $ 10,000 in lost revenue per minute. For small e-commerce websites, the cost can easily be $3000 – $5000 per day.

With these numbers, a 3-5 day website breakdown can lead to a loss of up to $25,000 in revenue. These calculations assume that the website will eventually be restored, and downtime only results in a short business interruption.

The worst-case scenario, however, is less pleasant. This is when all data is lost, which can be disastrous for a business. While rebuilding a website with products and other assets is possible, it is much harder to reconstruct all customers, transactions and other instances.

Prevent the loss of SEO rankings.

Another threat is the loss of search rankings. When your website is down, de-indexing starts and users attempting to reach the website generate 404 errors. If somebody hacks your website, you lose control, and it can be used as a spam server to send infected or spammy messages.

After a hack/spam attack, bots add your website/domain name to blacklists. The recovery from this process is long, and the results are uncertain. When your website can be put on a blacklist, search engines will expel your site from its ranking, and it can lose almost 95% of its organic traffic. This will again impact revenue.

Restoring your website to a previous, uncorrupted version is easy with a proper backup. As a result, businesses won’t have to suffer if you suddenly lose your website. Even if your website is hacked, you can easily set up new hosting, restore your website (cleaned from malware or viruses and secured), and redirect the domain to a new server.

Saving time by spending time.

Developing a solid backup plan requires time and money, but the cost is far less than the long work of recreating data that hasn’t been backed up. 

According to a 2016 study by Symantec, the average cost of data loss was $7.01 million per company. In addition, the time needed to recover lost data has averaged 23 days.

The takeaway is that you should never underestimate the importance of making backups, even if it requires time and money.

What is a WordPress backup?

A WordPress website backup is a comprehensive copy of all a WordPress site’s essential components and data. This backup ensures that the website can be restored to its previous state in case of data loss, security breaches, or other emergencies.

WordPress website backup is an essential part of website maintenance and security. Backing up your WordPress website allows you to protect your data, migrate your site to a new host or platform, and quickly restore lost or damaged data without losing any content. Creating regular backups is essential for website owners who want to ensure their data is secure.

A typical WordPress website backup includes:

Database Backup:

• MySQL Database: It contains all the website’s content, user information, posts, pages, comments, and configuration settings.

File Backup:

• Core WordPress Files include the core WordPress site installation files essential for running the site.
• Themes – all the themes installed on the site, including active and inactive ones.
• Plugins – all the plugins installed on the site and their settings.
• Uploads – media files, such as images, videos, and others uploaded to the site.
• Custom Files – any additional custom files or code added to the site.

Regularly backing up WordPress files is crucial to ensure all components are secure and can be restored in case of data loss.

What do website backups do?

A website backup creates a complete copy of your WordPress files and WordPress database.

You can restore your website to the point/date the last backup was made. However, you will lose any changes from that point to the present. Only Real-time Backups, CDP (Continuous Data Protection), or near-CDP backups allow you to have a continuous backup of data flow.

Frequent backups are critical in a website risk management process. The frequency of your backups should be based on how often your website changes, from daily backups for the daily changing websites to monthly backups for the business page, which is only an electronic business card. A good practice is to make a website backup after every significant change to your site. You must also create a backup before a website or plugin update (or upgrade), except if it has been deployed and tested on a staging server. 

Best Practices for WordPress Backups

• Regular Backups: Schedule regular backups depending on the frequency of updates to your site.
• Off-site Storage: Store backups in multiple locations, such as cloud storage (Google Cloud, Dropbox) and local storage (external hard drives).
• Verify Backups: Regularly test your backups to ensure they are complete and can be restored without issues.
• Automate: Use tools and plugins to minimize the risk of human error and ensure consistent backup routines.

My hosting already does backups. Why do I need to do it? 

Many WordPress hosts provide site backup as part of their service and often have an automatic backup schedule (e.g., cPanel backup, web host backup, etc.). They offer managed WordPress hosting with

However, relying on an organisation with no vested interest in your company or business is not recommended. Even the biggest hosting providers can have catastrophic failures, losing all their data, sometimes irrecoverably due to a natural disaster or fire.

Read the story about the OVH server room fire

Hosting companies have limited resources for storing backups. They may only keep one or two versions of your website for days, weeks, or months.

Reasons you shouldn’t use hosting for your backups include:

• There is no guarantee that you will restore your website (check your hosting T&C)
• Most hosting providers deny any responsibility for backups of your website
• The process and quality of backups are out of your control
• You can’t set up an individual frequency of backups
• You don’t have a backup on demand (e.g. after a significant change on the website)
• Hosting-level backups (agreement) are costly 
• Hosting backups usually have limited functionality
• The host is doing backups using your storage space, which means you have a live website and backup files in the same place.
• You are losing independence; you already depend enough on your hosting provider as it is.

Examining your hosting platform’s terms and conditions more closely is a good idea. Backups are usually a complimentary service on shared hosting.

How to make backups?

There are several ways to ensure high-quality and up-to-date WordPress backups. Evaluate the methods below to determine which is right for your business.

Hosting Provider

Most shared hosting providers create backups of your website as part of their service. As discussed, that strategy comes with risks. You can always download the zip files to your computer to reduce the risk of hazards. You can consider using web host backups only when it is an additional service and personalised to your needs.

Manual Backups

You can perform a manual backup using different tools. It can be:

• FTP client and phpMyAdmin
• Hosting management panel (cPanel, DirectAdmin, Plesk, vDesk, Ensim, Ferozo)

You must understand how WordPress’s manual backup process works to perform WordPress backups successfully. 

How to do a manual backup?

Manual backup of your WordPress site is a simple process, and it can take a few minutes to a few hours, depending on the website’s size and internet connection. You need to prepare:

• access to your hosting account
• access to the website FTP (File Transfer Protocol)
• free space on your computer or external drive

To back up your site manually, you will need to use an FTP client to connect to your web host and download the contents of the directory containing all your WordPress files.

First, you will need to locate the root directory of your website in the file manager of your web hosting service. Then, you must back up all folders and files manually from the root directory. Backing up all files is the best way to do it because you don’t know what files were changed.

The second very important part of this process is backing up the WordPress database. You can do it from the hosting management panel or FTP, using phpMyAdmin or another tool.

Once you manually back up your WordPress site files and database, store a copy on an external drive or cloud service.

Backup plugins

There are many backup plugins you can use. WordPress backup plugins can help you handle your website’s automatic backups. These usually work on the site level. If you are an advanced user, you can perform a backup at the server level using Cron tasks and scripts. It is a better solution that doesn’t burden your website performance, but you must have sufficient server resources.

Backup plugins can save you much more time than manual backups. All plugin installation and settings are available from the WordPress admin panel.

Examples of popular WordPress backup plugins:

BackWPup

BackWPup is a WordPress plugin that backs up your entire site and stores it on an external service. It offers a range of features, including full website backups, scheduled backups, and cloud storage integration. This way, you can easily restore any website version with just one click!

The backup plugin BackWPup can save your complete installation, including /wp-content/, and push it to an external Backup Service, like Dropbox, S3, FTP, and many more. With a single backup.zip file, you can easily restore an installation. You can also set regular automatic backups to the chosen destination.

A simple-to-use WordPress backup plugin can help ensure your site is always secure and available when needed. This backup plugin has more than 700,000 active installations.

Some of the features of the BackWPup plugin include

• backup of database and files
• backup of your entire WordPress installation
• backup to Dropbox, S3, Google Drive, and more
• email notification of backup results
• backup schedule
• restore a backup from the BackWPup Dashboard

UpdraftPlus WordPress backup plugin

UpdraftPlus is the world’s most popular WordPress backup plugin, with over 3 million active installs. It simplifies backups and restoration of your WordPress site with just one click!

UpdraftPlus allows you to schedule backups easily and makes restoring your site easy. It has over one million active installs and simplifies the process of backing up WordPress posts, pages and assets, and entire websites with its intuitive user interface for beginners and experts alike!pages and assets, and entire websites with its intuitive user interface for beginners and experts alike!

The best way to protect your data is by backing it up and getting access through an account with one or more cloud providers. UpdraftPlus WordPress backup plugin has many options, including Dropbox, Google Drive, Amazon S3 (or compatible), UpdraftVault Rackspace Cloud FTP DreamObjects OpenStack Swift, Microsoft OneDrive SFTP SCP WebDAV Azure BC2 etc. The paid version also allows you to back up to Microsoft OneDrive, Microsoft Azure, Google Cloud Storage, Backblaze B2, SFTP, SCP, and WebDAV.

BackupBuddy

BackupBuddy is a paid backup plugin from iThemes. It is designed to simplify backups and restoration of WordPress sites. BackupBuddy includes easy migration tools to move WordPress sites to new domains or hosts.

Jetpack Backup

Jetpack is a plugin from WordPress.com that includes backup functionality. This feature is available to paid subscribers only. Jetpack VaultPress Backup is a plugin that gives you cloud-based backups for your WordPress website and one-click restores without needing to install the full Jetpack plugin.

BackUpWordPress

BackUpWordPress will back up your entire WordPress site, including your database and files, on a schedule that suits you. It’s a free and easy way to back up your website without hassle. It’s also under new ownership so that we will provide support for all of you Backup WordPress lovers!

Percona XtraBackup

Percona XtraBackup is an open-source backup utility for MySQL databases that performs non-blocking backups while the system runs.

BlogVault

BlogVault is a backup plugin for your entire WordPress site, including your database and backup files. It offers both real-time and scheduled backups.

Other backup plugins

There’s a long list of plugins; you can check it on the WordPress.org website.

What to do after backup a WordPress site?

After creating a backup, you need to download files from your hosting server and save them in an off-site data repository. Some WordPress backup plugins can integrate with cloud storage for off-site backups. Free plugins and paid pro versions are available.

For external tools, follow the user manual. Some services have paid pro versions.

Use a WordPress-managed service

Backups can often be a low priority when you’re busy running a company, and it’s easy to forget to do them regularly. Large backup repositories can also become hard to manage when you constantly rotate old backups to make space for new files.

Managed WordPress hosting can automate the entire site backup process, so you can always access a working WordPress installation if a disaster strikes. Another advantage of a WordPress maintenance service is that your files are stored off-site, which means they are safe if your host’s backups get destroyed or corrupted.

How good is your backup?

A backup is only as good as its ability to be restored. If you can’t restore it, it’s not a good backup.

Your backup strategy is critical to your ability to recover from data loss. A good backup plan will ensure you can get your data back in case of system failure or corruption.

There are many ways to back up your data; your best method will depend on your needs. However, all effective backup plans have one thing in common: they allow you to recover your data in the event of a loss.

If you don’t have a backup plan, now is the time to create one. Protect yourself from data loss by ensuring that you can always recover your most important information.

When was the last time you tested your recovery? 

If you can’t remember, it’s been too long. Regularly test your ability to recover data to ensure your backup plan is effective. This will help you avoid surprises and ensure you can always get your information back.

There are many ways to back up your data; your best method will depend on your needs. However, all effective backup plans have one thing in common: they allow you to recover your data in the event of a loss.

Where and how to store WordPress backups?

A backup file (or files) must be saved in independent and different locations from your hosting account to be unaffected by your WordPress website. Plugins that store backups on the client’s web server reduce storage space and expose backups to external threats.

The best practice for securing backups is to keep them in at least three different and independent locations. You can consider the following locations:

• Hard disks
• Solid State Drives (SSDs)
• Optical storage 
• Remote backup service – cloud storage services

The more locations you have for storing your backups off-site, the more your website will be

Website backup management.

Plan your backup strategy and detailed backup. Develop a written backup plan that tells you the following:

• What should you back up?
• What type of backups do you do: manual backups or automatic backups?
• Where will you store backups?
• What is the backup frequency (daily backups, weekly backups, monthly backups, etc…)?
• Who’s in charge of performing backups?
• Who is in charge of monitoring and testing backups?

Compliance security of backup data.

Data compliance ensures that sensitive data is organised and managed in a way that allows organisations to meet enterprise business rules and legal and governmental regulations. Check your local country or state rules regarding data compliance.

Backup checks and testing.

Manual WordPress backup testing needs a staging environment. This is to create a fully functioning duplicate of your site that can be tested extensively to ensure everything works well. 

Companies that use a staging environment can also use it to test backups.

It’s also essential to perform malware checks on your backups to ensure that files are free from infection. 

Key takeaways for website owners

Performing regular WordPress backups is crucial to website security and critical to your business. A WordPress site is a complex environment, and website backups and restores are complicated procedures for an inexperienced user. 

If you don’t have the technical expertise to perform these tasks, we recommend seeking professional help.

Managed WordPress backup providers offer regular backups and can restore your website if it’s hacked or crashes. Selecting a quality WordPress hosting is essential to securing your website.

We mentioned before that “Saving time by spending time” and developing a solid backup plan require time and money. This cost is far less than the long work of recreating data after a website disaster. 

If you’re an inexperienced user and don’t have a team of dedicated specialists, we strongly advise engaging our WordPress website care plans to perform this crucial task for your business.ss.

FAQ about WordPress backups