stop malware

Backup your website

I have a client whose website I made and for whose website I provide hosting.  I also offer a backup service where his website is backed up every day, every week and every month with 3 of each of those backups retained off site on Amazon S3.  So he has a backup going back 3 months plus.

I also make periodic site file and database backups of my hosting clients.

Why?

Here is a story of one client who needed those backups.

Problems start

On June 26 my client’s website showed a 500 error on a few of their pages.  When I went to look into the problem I eventually found that there were a number of files mixed in with their site files that were clearly from someone who had hacked in.  See below for a screenshot of what they looked like.

Attempted fix

I changed their hosting control panel password and restored their website from a backup from a few days earlier.

One of the most common ways hackers get into sites is simply logging in with a password, albeit one that was stolen.  It turns out this client had discovered a breach on their computers at their office some time earlier, which may have led to compromised passwords.  No one knows for sure how someone hacked into their website.

This fixed their website and so they were back in business.

Another warning

malware google emailOn July 7 I received an email from Google stating that:

We recently discovered that some of your pages can cause users to be infected with malicious software. We have begun showing a warning page to users who visit these pages by clicking a search result on Google.com.

and so on. See the screenshot for the full content of the email, (minus what I marked out to maintain privacy for my client).  Essentially they sent it to 8 email addresses @ my client’s domain name, figuring that someone would have one of them at least and receive their notice:

  • abuse@
  • admin@
  • administrator@
  • contact@
  • info@
  • postmaster@
  • support@
  • webmaster@

To confirm what was in the email, I went to google.com and searched for the page they indicated and when I clicked on that page from the google search results I was presented with a warning that stated:

Malicious code google warningWarning – visiting this web site may harm your computer!

Not what you want for your website.

This time took a fair bit more work.  First needing to review google’s documentation about what specifically they found and how to restore their ranking in the google search results once the problem was fixed.

Logging into Google Webmaster Tools for this client’s website allowed me to view more details about what was discovered on the website and on which pages.

Then I searched their site files again and found more files that were clearly from a hacker.

malicous code files

File names like s.txt, s.txt.1, and V9si40f are not part of my clients install, and you can see by the contents that they are not friendly.

So this time I spent more time looking through backups before re-installing.  I actually had to go back about 5 months to find a backup that appeared clear and safe to restore from.

And again we changed their hosting control panel password, along with all of the user passwords to the website and also all of their email address passwords since they had found that their computers had been hacked into previously.

Then I had to restore the new content to their site and update the site and the plugins on it because the 5 month old backup was, well, 5 months old.

What if I did not have a backup that far back if at all?

Fixing the website in that case would have been a much more complicated, much more time consuming and much more expensive undertaking.  With the backup I was able restore their site in less than an hour, (although it took a few more hours to do the research on what Google found, what needed to be done to fix the problem and how to restore my clients presence on google).

Luckily following the links in the original email from Google provided the needed steps to request a review of the site again by Google to have the site presence restored.

Do you have a backup plan?

I mostly work with WordPress.  There are a number of backup plugins you can use.  I have not reviewed them or tested them out.  I use a premium plugin called BackupBuddy to backup my client sites and have an account with Amazon S3 where I have those backups sent to.  Whatever you do, make backups.

Do you make backups?  Do you have any stories about getting hacked or about backing up your website to share?  Was this helpful to you?  Share below.

8 Responses to Backup your website

  1. Casey Friday August 23, 2015 at 2:30 pm #

    I currently use AutoMySQLBackup for all of my sites’ databases, and I manually do a wp-content backup once a week. Those are sync’d to my local computer with ownCloud.

    I’m still looking for the right mix of automation with cron jobs backing up wp-content folders, while not taking up all the space on my server.

    • David Tierney August 23, 2015 at 5:30 pm #

      Thanks for sharing that Casey! For me, I can also use that for some sites I have on other platforms that do not have the convenient backup solutions via WordPress plugins.

      • Casey Friday August 24, 2015 at 7:41 am #

        I tried a couple of the WordPress plugins for backup a while ago, but the PHP processes they spawned would slow my sites down to a crawl, so I decided to do only native processes on the Ubuntu server, rather than using PHP to back up. It definitely makes it a bit more complex, but it keeps the sites running smoothly with only heavy traffic to give them a workout. 🙂

      • David Tierney August 24, 2015 at 9:20 am #

        I run BackupBuddy via a schedule at night time when I am asleep and almost no one is on my site. I honestly had not checked how it affected my speed but just ran speed tests while backing up and the speed was about what I usually get in speed results.

  2. Sean August 22, 2015 at 10:03 am #

    Yep, I back up my site with Updraft Plus, as well as my Mac with Time Machine. If anything, those backups have saved my data from myself and the stupid things I sometimes do.

    • David Tierney August 22, 2015 at 10:22 am #

      Thanks for sharing Sean. I have not heard of Updraft Plus and will check it out. I also backup my Mac with Time Machine locally and with Backblaze remotely. One thing I like about backing up my Mac remotely with Backblaze is that when I am away from home I can pull any file from my Mac, that has been there more than a day, by logging into Backblaze via their app on my iPad. I have lots stored on Dropbox for sharing but not everything and that gives me access to everything easily and quickly.

      • Sean August 22, 2015 at 10:34 am #

        There are so many options to back up websites and computers and still I read horror stories of how people loose years of work because they cheaped out on a $100 2TB hard drive or $10/month for that 1TB of extra storage on Dropbox.

        I am currently driving a Landrover around Southern Africa with my wife where high speed internet connections are not readily available in a lot of the isolated places we go. So we have 2 external HD’s which we try our best to hide apart from our computers in the vehicle. I have also set Updraft Plus (free version) to automatically back up our website to Dropbox every day, even if we are not able to log into it. We may go days or a week or more without internet.

      • David Tierney August 22, 2015 at 9:34 pm #

        Wow, you are surely testing uncommon situations in need a good backup strategy. Watch out for the lions. 🙂

Leave a Comment. Join the Conversation!
Did that help? Do you have questions?

Pin It on Pinterest

Share This

Share This

Share this post with your friends!