In case you missed it, 2goodthings.com got hacked on Saturday. Luckily, I was able to restore from the history that my host archives, which took just a few minutes. If that had gotten hacked or corrupted as well, though, I’d have had to restore from my own back ups or pay a hefty fee to have my host do it for me.
Even though I was lucky enough to have a very easy recovery, seeing that black background with a grinning skull above a mysterious box that started generating text about “root access” replace my home page was pretty freaky. They definitely got my attention. As my Dad likes to say “Just because you’re paranoid doesn’t mean they’re not following you.” From now on, I am going to be über vigilant about protecting my stuff.
So, learn from my experience. If you don’t already have a comprehensive back up plan in place – not just for your computers, smart phones and smart pads, but for all those vital communications vehicles that other people host for you - do yourself a favor and make that a priority. Here are a few tips I’ve picked up along the way that may help:
- Contact your host and find out what their policies are. Do they maintain emergency back ups of your data? If so, how long will it take them to pull and restore it if needed? What will they charge for that service? The answers to these questions will help you determine how critical it is to maintain your own back ups.
- If you’re backing up the data yourself, follow the 3-2-1 system whenever possible. That’s 3 copies on 2 different types of media (e.g. DVD or Blu-ray and hard drive) with 1 stored off-site. You’ll find lots of good information about general back up principles on the Digital Photography Best Practices and Workflows site: dpBestflow.org. Though targeted at photographers, the information you’ll find here will work for anyone needing to back up their data.
- If you’re running WordPress, the database that houses your posts is stored separately from all the files that manage the administration of your site (theme, dashboard, style sheets, etc.). Make sure you’re backing up both. You’ll find a useful article about this in the Spring 2011 issue of the American Society of Media Photographers (ASMP) Bulletin. (Note:you may have to complete the free registration to read the full article.)
- To reduce the chances of getting hacked, make sure you (and your host) run all security updates and patches as soon as they’re available. WordPress users in particular should always run the newest version as they almost always include security updates.
I would love to hear of any other recommendations or resources for keeping sites and blogs secure so please share your experiences!