GitLab deleted the wrong database, but when ineffective backup solutions got added to the mix, the site’s system admins had to battle the perfect storm to get the site online. The takeaway from this situation? Choose your backup solutions carefully.
GitLab, the online tech hub, is facing issues as a result of an accidental database deletion that happened in the wee hours of last night. A tired, frustrated system administrator thought that deleting a database would solve the lag-related issues that had cropped up… only to discover too late that he’d executed the command for the wrong database.
What Went Wrong with GitLabs’ Backups
While the horror of the incident might have been mitigated by the fact that GitLab had not one but five backup methods in place, the problem was that all of them were discovered to be ineffective. Here’s a quick run-through of the different backup methods GitLab had, and what went wrong with each of them:
The LVM snapshot backup wasn’t up-to-date– the last snapshot was manually created by the system admin 6 hours before the database deletion.
The backup furnished on a staging environment was not functional– it automatically had the webhooks removed, and the replication process from this source wasn’t trustworthy since it was prone to errors.
Their automatic backup solution was storing backups in an unknown location, and to top it, it seemed that older backups had been cleaned out.
Backups stored on Azure were incomplete: they only had data from the NFS server but not from the DB server
Another solution that was supposed to upload backups to Amazon S3 wasn’t working; so there were no backups in the bucket
As a result of these issues, the system admins are struggling to get the 6-hour old backup online. The progress of the data restoration has been closely followed by well-wishers, and many have appreciated the website’s transparency, especially under such duress.
How to Identify a Good Backup Solution
It’s certainly freaky that all the five backup solutions that GitLab had were ineffective, but this incident demonstrates that a number of things can go wrong with backups. The real aim for any backup solution, is to be able to restore data with ease… but simple oversights could render backup solutions useless. A backup software should be effective to handle all types of issues and provide enough security. This is why you should watch out for the following traits in any backup solution:
Backup solutions should match your need In the case of GitLabs, automatic backups were made once in every 24 hours. Considering the amount of data being added every minute, however, real-time backups would have been perfect for them. While not being the best in terms of data-conservation, the last manual backup was performed by the system admin 6 hours before the crash, and so was the most viable option. Choosing the right backup solution for your need requires the consideration of the frequency of data-addition, the levels of user activity, and the server load.
Backup solutions should allow easy, quick restoration The problem with GitLab’s backups stored on its staging environment, was that the replication process was difficult to manage. When you’re already burdened with the responsibility of getting your site back up, you shouldn’t be worrying about the restoration process.
The backup solution should be completely independent of your site… in a known location In the GitLab situation, the problem was not knowing the backup destination. This isn’t a problem with WordPress backup solutions,since they usually store backups on your site’s server… or on a personal storage account (such as Dropbox, Drive or Amazon S3). However, this means most of the time, they either require you to access your crashed site for backups… or they store the API key to these accounts on your site (which poses its own problems). Both these options present Catch-22 situations of ‘site is down so need backups, can’t access backups because site is down’. It’s important for you to know all there is to know about your backup destinations.
The backup solution should backup your entire site Backups that only contain part of your site (such as GitLabs’ Azure backups) aren’t really reliable when your site goes down. In the case of WordPress backups, some solutions might backup your site except for custom tables (such as those installed by WooCommerce), so you need to be wary of such situations.
You should be able to easily test your backups The real problem with all the backup solutions GitLabs had, was that they hadn’t previously tested them… and hence had to give them a hard second look after encountering restoration-related problems. The real concern is that their backups weren’t discovered to be inefficient until they actually needed them. This is why testing backups should be a part of your backup strategy.
We’re all human at the end of the day, and the job of a systems admin, especially when overloaded with spam, can never be taken lightly. This is why backups exist– to have an easy ‘undo’ in case there ever is an error, and your site goes down, or data is lost. We can only hope that things go well for the GitLab team, as they rush to get their data back.
WordPress comprises two parts- files and database. WordPress core, plugins, themes, and uploads are saved as files. On the other hand, posts, comments, settings and users are stored as database. This article is a guide of how to manually backup WordPress database using phpMyAdmin. To know how to backup WordPress files check our article on how to manually backup WordPress files.
Why backup your WordPress Database?
WordPress database stores your posts, pages, users and other information. In short, all the content you put up on the site. Without backing up the database you’ll lose all the content and users’ information of your site. When it is time to restore all you’ll have is WordPress files with plugins and themes but no content.
How to Backup your WordPress Database?
Most web hosts have phpMyAdmin installed in their cPanel, so manually backing up your WordPress database is a simple 5-step process to download and backup the database on your entire site. In case you want to download specific files only, then you might have to go through a couple of more steps.
Steps to make WordPress database backup
Access phpMyAdmin through your cPanel dashboard. At this point, you’ll need to have your FTP details, username and password for the SQL database. Input the the username and password which was used to save your SQL database.
Clicking on WordPress (or whatever is the name of the database you wish to backup) in the left hand column on your screen must reveal the tables.
Click on Export among the tabs on the top of your screen. This must reveal two simple options- Quick & Custom.
Choosing the Quick option would mean making the default choice to backup your entire database.
If this is not what you want to do and you want to backup specific tables, then you pick the Custom option. Here is where the options kick in. Having completed Step 2 you must now see a list of tables. You can select the specific ones you want to download and backup.
Choosing the file format of the database backup. You can do this, regardless of which option you pick in Step 3. Data is available in different file formats. You can choose the default option- SQL or pick any of the other formats in which to save your WordPress database. Click on GO and you are done.
The download itself may take a few minutes depending on the size of your site. Remember, WordPress database backup covers only covers comments and users and so on. It is not a full backup of your WordPress site.
Reaching for your spare tire, only to find out that it is not working; or worse, that it is missing altogether is unacceptable. WordPress backups are a little more complicated than changing car tires and just like your car tires, there is a lot riding on them too. Your lifetime’s work or the hard-earned reputation of your business is at stake.
The number of WordPress (WP) backup plugins that are available in the market today must make it seem that problems regarding backups are a thing of the past. But, as we said, backups are complicated. A lot can go wrong when you are using stand-alone plugins (meaning ones that operate on the Software-as-a-Product model).
Many articles refer to how the SaaS model economically benefits the end user, however, there are many use-case benefits too. In this article we’ll look at some common issues with stand-alone WP backup plugins, and how a managed WP backup service is a better option.
Why Your WordPress Backups Will Fail With the SaaP Model
Installing the plugin is the beginning. Once installed, a stand-alone WordPress backup plugin must be configured. Very often people underestimate how backup plugins may become relatively labor-intensive and accrue more expenditure over time. These may come in different forms including add-ons and premium account features that may be essential to your business.
Some problems you may run into when you’re using a stand-alone WP backup plugin include:
Getting Started: Once a plugin is installed, a remote backup destination must be selected. You can select services like your Google Drive account, Dropbox, or Amazon S3 servers. After this, you must input the login credentials of those accounts.
Add-ons: To get the desired setup for your backups, your plugin may require that you buy an add-on. Add-ons can soon build up to become a considerable list. While calculating the cost of a plugin, add-ons must be accounted for, in order to get a fair estimate.
Saving backups in more than one destination may need an add-on, and extra charges may be applied.
Other features like encrypted backups of your website’s database may not be available unless you pay more for add-ons or upgrade to premium accounts. This means your backups are not really secure even after investing all this time, energy and money.
Tracking: Ensuring that backups are happening is important so that you know exactly what resources you have to draw upon in your hour of need.
If you’re storing backups on your Amazon S3 account, it needs to be configured to send you notifications when backups occur or when changes are made to files (these are called ‘event’ notifications).
Otherwise, you may have to pay more to your plugin company for email notifications. An alternative option is to login to WP website dashboard each time.
Key to Your Backups: While backing up your website to your Dropbox account or your own Amazon S3 account, most plugins store a copy of the API key/S3 access key on your WordPress site. The key is how the WordPress backup plugin on your site accesses the backup destination. This may not be in keeping with best practices of performing WordPress backups. In such cases, a hacker who has access to your site, may also have access to your backups via the security key.
Know-how: Managing your own Amazon S3 account requires you to know how the account stores your information (buckets, objects) and other points like access control, and versioning so that you can make sure that your data is secure.
When You Need to Restore: Apart from all these points, when you need to use your backups to restore your site, you’ll need to unzip the folders and manually restore the files correctly. This may not be the best option for everyone.
Storage Options: The plugin company may provide storage space. This option, like in the case of Amazon S3 servers, is an extra charge over the plugin that you must bear. It is a recurring cost to you, which must be paid periodically (monthly/quarterly).
Like we mentioned backups are complicated. If for any reason backups stop happening or problem occurs, then it is important that you’re notified immediately. For example, an error in the plugin has stopped it from backing up your site without notifying you. Otherwise if you have exceeded the storage limit of your backup destination then backups may stop occurring. Regardless of the scenario immediate notifications are very important.
The burden of solving all of these issues; on top of running your business/blog, fall on you, when you purchase a software product.
Regardless of the cause, the net result is that you’re stranded on the freeway, with no (usable) spare and your tire is a software product. This means, it’s likely that you may not have anyone to call for ‘tech support’. This is not a scenario you want to be caught in when you look for your backups.
Now consider that an expert is looking after your tires, maintaining the air pressure, checking the rims and upgrading the tire as the weather and the terrain changes; along with making sure that it is in the boot of your car. This would simplify and enhance your business, wouldn’t it?
How to Ensure That Your WordPress Backup Always Works
And, how can the SaaS model solve the issues mentioned above, for you?
When you get a subscription to a software, you are getting a service. A team of experts are managing and maintaining the software and the hardware. They are responsible for granting you access.
Let us clarify, SaaS doesn’t mean that there is no need to download and install a plugin. As in the case of BlogVault, the plugin can be very light as all the complexity sits on the provider’s server, where the heavy-lifting is done. For the user this means:
Zero-configuration: Install the plugin and it begins its work. You are ready to use BlogVault from the moment your subscription is active. The backup process starts automatically when you first login.
(This is the main reason this list is relatively short. Remember the long list of configuration issues with standalone backup plugins? Web-hosted software means, all of that responsibility for the managing the plugin and off-site storage is off your hands. Everything is covered for in the subscription.)
Lesser load on the site, better performance– Site performance and page load times are crucial to delivering good user experience cannot be overstated, as even marginal differences show measurable changes in results.
Rapid Updates: Updates happen mostly on the service provider’s server, reducing the frequency of updates required on your site.
Backups are safe even when your site is compromised: Backups; because they are completely independent of your website, are accessible even when your website is down. You don’t need to get your site running to access your backups.
Incremental Backups: This means large sites are also completely backed up without hassle. Backing up only the changes means faster and more efficient backups.
Expert Tech Support: A team of experts maintain the software and the hardware. You can not only count on tech support, but know that the team can be highly responsive as they are maintaining the backups themselves. This can help at times of Test Restore, Auto Restore and Migrations. For more on these features you can check out BlogVault.
Now you know the differences between SaaP and SaaS models in the context of WordPress Backup. Make an informed choice that gives you the most scope for developing your business, without adding to your task list or financial burden.
Testing WordPress backups is simply a necessary part of a good backup solution. However, testing multiple backup versions can be a technical and cumbersome. (Find out) How to best test WordPress backups?
The Problem: How Do You Know If Your Backups Work?
One of the most important tenets of a backup solution is the ability to test the backups. Backups serve one main purpose– restores. When your site goes down, the worst that can happen is that, at the time of restoring your site you find out that the backup is not proper.
The one way to avoid that problem is to regularly test your backups and to definitely test your backups before you restore them. The one reason why many may not venture to do it is simply because testing backups is not always easy.
Backups Can Go Wrong: Testing Backups is Important
Testing backups, however, is a very important part of having a robust backup solution. This is because, a number of things can and do go wrong with backups; and the consequence is that you cannot restore your site quickly and efficiently. What is the point of having a defunct spare tire when the tire on your car gets punctured?
Running out of storage space, leaving out necessary or important files are only some of the things which can affect your backups and eventually your site. When you use a backup solution; like a WordPress backup plugin, or the backups provided by your hosting service, you never really know if the backup contains all the files or even if the backups have happened correctly. You may say that you are getting notifications but that does is not the same as verifying that backups are occurring properly. Even when you download a backup it is generally in a .zip folder. How can you be sure that the .zip folder will function correctly once the backup is restored?
Restore Only After Testing WordPress Backups
Trust is a big aspect of online business. A survey says that 88% of respondents don’t trust sites that crash often; and only 12% of respondent will wait an additional 5 secs for your site to load. This means your restore must be quick and you should also be sure that your site will function correctly.
A WordPress site functions on a mixture of plugins and themes; together they form a precariously balanced ecosystem– your WordPress site. Many times, when something on your WordPress site is not functioning correctly it may not be a direct result of an update or a newly installed plugin. If it is so, then it is easy to pinpoint the problem. However, it is rarely that simple. Sometimes, the problem surfaces after a few days or even after a couple of weeks. Chances are that you have done a few changes to your site in that time.
Let us say that you have
Updated some plugins
Installed a new theme
Installed 2 new plugins
These changes are all spread over different versions over the last month. The challenge is to pinpoint the change which caused the issue. You can’t set up a separate environment to test all of the versions. It is simply not feasible. On the other hand if you restore without testing the probable backup versions you will end with the same problems as before.
The Challenge: Testing Backups is Technical & Laborious
To test backups you need an environment to which you can upload the backup and test it. This means you will need to:
Create a testing environment
Set up a new URL
Restore the backup to that environment
All of this is laborious and technical work. Engaging in this activity along with your everyday business is cumbersome. Even if you go through all the trouble and test your latest backup version. If that is not working as properly then you have to go down the list testing each version. This means you may not test your backups; or at least not test all the backup versions of your website. It is important to test all the backup versions because you never know which one you’ll need at the time of restoring your site. The more difficult a task gets the less we seem to engage in doing it.
Even if you’re willing to take on the task, there is one more point to consider. Once the testing is done you’ll need to find a way to get rid of this environment. Otherwise maintaining it will become another chore on your task list. This is not ideal.
The One-Click Solution
A backup solution must make it easy for you to test your backups instead of creating additional hassles. A solution which allows you to test backups must make it feasible to test multiple versions; and this is the marker of a good testing environment.
BlogVault offers the Test Restore functionality, an option to test any and all of your backups versions with a single click. An exact, fully functioning copy of the site is generated from the chosen backup version, and loaded to BlogVault’s test servers.
BlogVault maintains at least 30 versions of your WordPress site’s backup. You can choose any of those versions to ‘Test Restore’. Once the backup version is chosen it is loaded to Blogvault’s test servers.
In this environment you can not only test how your backup will work once it is restored but also test what happens if you make changes. After the backup is uploaded to BlogVault’s test servers, you’ll also receive the SFTP credentials to the ‘test site’. This way you can also test any updates or changes you want to make to that particular backup version. It is completely independent of your live site, and fully functioning. In other words, ideal testing conditions for your backups.
BlogVault’s Test Restore functionality is a pain-free solution.
Streamline Testing with Backup Descriptions
If you are using the BlogVault service then you can track the changes easily. Each backup version has a description. This allows you to know not only the date and time of the backup, but also what has changed in the site since the last backup. These changes may include
Number of files
Number of tables
Updates to plugins, themes, WP Core
New plugins or themes installed, etc.
You can possibly narrow down the backup versions to be tested. Once the shortlist is ready, you can then test them all; as mentioned, with a single click.
Updating WordPress is something that every site owner has to do, at least for WordPress’ security updates. Automating updates seems like the easy way out, but how do you know if your WordPress site is compatible with, and needs any other updates?
Every new WordPress site owner faces a conundrum when it comes to updating their WordPress site. Even if you only have to click on ‘update’ to update the sites, there are so many updates happening so frequently that simply updating might seem like a gargantuan task. This is why automating the process might seem like an easier route to take.
What Does it Mean to ‘automate’ WordPress Updates?
Ever since version 3.7, WordPress has allowed security and translation updates to happen in the background of every default installation, but this doesn’t include major and add-on updates… Which means a huge chunk of updates are still not performed. This is why choosing to perform automated updates on your WordPress site is a tempting choice. Moreover, it’s an option that can be carried out in a number of ways. It means every update on your site would happen automatically. You wouldn’t be shown notifications, wouldn’t need to click on ‘update’ everywhere, and you can stay at peace.
Making this decision isn’t as easy as it sounds though, simple because of the consequences it might have on your site. This is why we’re going to break it down for you.
The Pros of Automating WordPress Updates
It reduces your workload
Automating updates for both WordPress Core and add-ons on your WordPress site isn’t recommended, since any of these updates could contain changes that might cause your site to crash. But even just automating WordPress’ major core updates would reduce the amount of work for you as a WordPress site owner, since you would only have to worry about the add-ons.
It makes your WordPress site better in every way
WordPress updates allow the addition of new features and security patches for known vulnerabilities, thus making WordPress sites more functional, and secure. Automating your site to update, therefore, would help your site be more functional for your site’s visitors and users, as well as more secure for everyone.
The Cons of Automating WordPress Updates
There are a number of downsides to automating updates on your WordPress site, but the extent to which this might affect your site negatively, depends on what you choose to update, and how you choose to do it.
Your WordPress site could crash
Depending on the functions, and the scale of the changes in the updates made (whether to WordPress Core or to add-ons), your WordPress site could crash.
If you automate WordPress Core updates, there is a possibility of the old add-ons on your site not being compatible with the Core changes. As a result, your site could crash.
Automating add-ons is not recommended. This is because there are thousands of different plugins and themes, and although they’re coded to be compatible with WordPress, they’re not all coded with each other in mind. This means your site could crash with the update of any one plugin or theme.
The aftermath of WordPress crashing takes time to fix
If you choose to configure your WordPress site to automatically update via code, and not a plugin or a service, you’ll have to make changes to your site’s wp-config file. This can be daunting, and can take time for a novice.
Moreover, no matter why your WordPress site crashes, you will have to restore it to a recent backup, and figure out which update caused your site to crash… which again will take time.
Automated updates with Managed WordPress Services have consequences too
Using managed WordPress services (those that update your WordPress site for you as a part of maintenance or hosting services) might seem like an easy option, but it also has a number of consequences.
If you have chosen to enable automatic updates with a managed WordPress service, they will email you with the update schedule. In this case, you will have to check all the elements on your site for compatibility before approving the update.
If an element on your WordPress site is not compatible with an update, you will have to ask your WordPress manager to postpone the update until you fix the issue.
It is added trouble for you as a WordPress site owner, if you can not fix the issue causing incompatibilities by the time managed WordPress services force updates on your site. This would mean that your site would break, and you would have to restore it to a previous backup that is recent enough. If you own an e-commerce WordPress site, this isn’t an option, because of the constant input of data on your site.
Deciding to automate the updates to be made to your WordPress site isn’t an easy decision, especially if you don’t know your WordPress site inside-out. However, it’s something that every WordPress site owner has to do, a least for WordPress’ security updates. Learning whether your WordPress site needs any other updates to be updated is a time-taking experiment, but it’s one that will pay off in the end. The only way to make sure that your site is safe, is to rely on an intelligent, secure backup solution to create backups before you perform any update or make any changes to your WordPress site.
Over the past few months, we’ve been working on a number of changes at BlogVault. Not only do we have an improved UI, we’ve also got a bunch of new features that are bound to make managing your WordPress site a lot easier, and secure.
BlogVault has got a new dashboard that is better in every way, from allowing users to access our features for intuitively, to providing more than just backups.
Let’s take a look at a few of the changes, shall we?
Your BlogVault dashboard now has two major areas:
Each area has specific functions, and together provide:
Ease of Use
BlogVault’s new site listing feature helps you see all the sites you’ve added to your BlogVault dashboard. From this part of the dashboard, you can filter sites based on their status:
‘Active’ sites are those that have the BlogVault plugin installed on them, and use the plugin regularly.
‘No Plugin’ sites are those added to your dashboard but haven’t got the BlogVault plugin installed. (This could also be because of a problem during installation.)
Sites that are ‘Unreachable’ are those that have the plugin installed, but our servers are unable to reach, due to a connectivity error, or probably due to firewall or network settings.
‘Hacked’ sites are those that the BlogVault plugin has detected malicious files on.
We built in this categorization of sites to help you see exactly what’s going on with your sites at a glance. Moreover, the Site Listing page also allows you to find a particular site, based on tags that they might have (more on this later).
Easier Account Control
With our revamp, we’ve also changed your account and billing settings so they’re easier for you to manage.
Everything related to your BlogVault account is easily accessible, and easily changeable too from the ‘My Account’ drop-down. You can change anything about your account, from your email address to the BlogVault subscription plan you’re on.
Optimized for Teams
This brings us to our other new addition: the option to add team members to your BlogVault account. Our new Account settings allows you to manage a team that can handle every aspect of backup, management and security of the sites linked to the BlogVault account.
New, Improved Features
BlogVault now comes as a comprehensive package that allows our customers to backup, manage and secure their websites in every way. All you have to do, is to click on any one active site from your Site Listing page.
As you can see, we offer you WordPress backups, but also management and security settings that help you manage and secure your WordPress site. While the old UI allowed you to see all the features on the right in a sidebar, we’ve revamped BlogVault to let you to see it all under each option (Backup/Management/Security).
Our backup features have always been functional enough to rely on completely, but with our new UI, they’re more accessible, and easier to use.
The History tab has been given a full revamp, and allows you to see the last 30 backups made of your site more clearly. You can see exactly what happened with each backup, and add notes more easily as well.
Again, as you can see, you can select any backup version you have and choose to migrate, test restore, or automatically restore from it. You can also upload any version to Dropbox, or add a notes to help you differentiate versions.
Download Backup / Upload Backup
Both ‘Download Backup’ and ‘Upload to Dropbox’ options are very different functions, but have a single form, that requires the following:
The backup version you would like to download (or upload from)
Your site’s database credentials
Your hosting server’s credentials (which come under Advanced Options, along with the next option)
A choice of whether you’d like to store either tables and files, only tables, or only files from your WordPress site
There is also a section that requires your HTTP Authentication credentials, which are your WordPress site’s credentials.
The ‘Migrate’ option allows you to easily move all your site’s content and functionality to a different domain name or a different hosting service. All you require for this option, are the FTP credentials of the new site/domain/hosting service you’d like to move to.
Perfect for when your site suddenly goes down, the ‘Auto Restore’ backup option has the same form to fill up, except that it requires the FTP credentials of the site you’d like to restore (which is your current site).
As you can see from the previous screenshot, we’ve also got a handy FAQ section on the right for all migration and auto restore- related FTP questions, so you have all the answers at your fingertips.
This option creates a test-environment (a replica), based on the latest backup version of your site, complete with the links, videos, images, and everything else on your site. You can click on these links, and they’ll work like they would on your site. Once BlogVault is done creating this test-version of your site, we mail you the link you can access it on, along with its FTP details, so you can experiment and see if you want to make any changes to your site.
If you’d like to make a Test-Restore of a different backup version of your site, you’ll have to go to the History tab, select the desired backup version, and then restore from it.
BlogVault automatically backups your WordPress site every 24 hours, but if the backup schedule is just too far away (such as when you want to make an instrumental change but want to make a backup just before), this option comes in handy.
The Backup Now option also shows up on the Management and Security functionalities (just look for the following icon):
This allows you to backup your site before making any changes to it.
From allowing you to manage your WordPress site’s users to helping you update the plugins and themes on your site, the Management feature allows you to manage your WordPress site to be secure against threats.
You can manage all the plugins and themes installed on your WordPress site from this option. This means you can see the version you have of each, as well as whether to update specific add-ons, or all of them.
With the ‘Manage Users’ option, you can remotely delete, or change the role or password of those who have access to the site, without having to log in to your WordPress site’s dashboard.
We also have a Security feature that allows you to harden your site and clean your site of malware. The Security feature helps you harden your WordPress site, as well as to clean malware and hacked files with a single click. Moreover, since our scanner is built to be accurate and intelligent, it detects the most complex hacks, without raising false alarms, or alerting you of ‘possible hacks’.
The BlogVault dashboard now features hardening settings under the ‘Secure Site’ feature. These are settings recommended by WordPress, that help make your site more secure against hacks. We’ve categorised these settings into two sections: Basic, and Advanced.
Here is a look at some of the basic security fixes:
The advanced security fixes require some caution though– even if they can’t break your site, you won’t be able to install new plugins or themes on your site if you have them enabled.
The convenient thing about these settings though, is that to enable (or disable) these settings, you have to only select the ones you’d like to enforce or remove, enter your WordPress site’s FTP credentials, and select the folder that your WordPress site is installed from.
This option only appears when you have a hack on your WordPress site. It identifies the hacked file for you and pinpoints it, so you can look specifically at that one file, if you want to. If you’d rather just clean out the hack with a single click, you can do so by clicking on the ‘Auto Clean’ button.
Another feature that only appears when you have a hack, the Auto Clean function helps you remove malicious code on your site with a single click. Since we’ve built our cleaner to even identify complex hacks, you can choose to remove them immediately, without technical assistance.
Once you click on the Auto Clean function, you are taken to the form asking for your WordPress site’s FTP details.
Once you enter your WordPress site’s FTP details, your site will be cleaned.
One of the most revolutionary additions to our dashboard, the ‘Scan Now’ feature allows you to scan your site for hacks at any given point of time. Our malware scanner looks for hacks based on the actions the code performs, rather than signatures, or keywords. So no more backdoors, or recurring hacks. Before scanning your site, we run a backup so you always have the latest version of your site to fall back on.
We’ve tried to make the new dashboard as functional as possible. One of the steps we’ve taken in this direction, is the addition of ‘Quick Links’ that help you download backups, migrate backups to a new location, or restore it with a click. This section also has ‘Resources’, which help give you a quick snapshot of everything you need to know about your WordPress site. Perfect for emergencies, the icons for these functions, and the information related to your site, are right under your site’s thumbnail, on the Site Details page.
Since these features are in-built into BlogVault’s dashboard, we backup your site automatically before making any changes to your WordPress site. This makes it a comprehensive solution to help you manage your site in the most secure way possible. BlogVault has always been focused on giving our customers the best experience, in the most reliable, sensible way, and we hope you’ll find our new makeover to be as practical as we intended it to be.
WordPress site owners are constantly asked to update their sites. But keeping track of updates is incredibly difficult, because of the frequency and number of updates to be made. This is why automating updates might a useful practice.
If there’s one piece of advice in the world of WordPress for site owners, it’s this: update, update, update. Updating WordPress is easy in theory, especially since all site-owners receive notifications about core and plugin updates. When it has to be put into practice, though, updating WordPress is its own beast. Not only might updates break WordPress sites; they might also cause incompatibilities, and be impossible to undo as well. This is why it’s important to always have a reliable backup solution for WordPress sites.
Updating WordPress is an important task though, because of new features that might impact user experience, but also security updates that help against major vulnerabilities. However, with WordPress receiving updates very frequently on the Core as well as the add-on front, it is difficult to keep up with all the changes, and apply them. This is why automating updates on WordPress sites might be a workable solution for you as a WordPress site owner.
Types of WordPress Updates
While updates for WordPress add-ons have both developmental as well as security updates, updates for WordPress core perform different functions. Based on these functions, WordPress Core updates can be categorized into:
Release updates, which contain both Major and Minor releases.
Major updates contain developmental changes including the addition of new features, or changes to core technologies on WordPress. Every major release is named after a major jazz musician.
Minor updates contain security patches and fixes. As a result, they are highly recommended, and are automated by default on every installation of WordPress. Every WordPress site is recommended to run these updates since they contain important security updates that keep WordPress sites safe.
Developmental updates, which are only for the changes that might be unstable– these updates are what future developments are built on. Also known as ‘bleeding edge’ updates, they are only meant for sites running the developmental version of WordPress.
Translation updates (which are language packs), and come in handy if your WordPress site has multilingual support.
Depending on your comfort-level with code, and the time you’re willing to spend maintaining your site, you could automate your WordPress site’s updates manually, with the help of a plugin, or via managed WordPress services. Every method has its pros and cons, so it’s best to choose one with careful thought.
Automating WordPress Updates the Manual Way
This method will require you to make changes to your WordPress installation’s core files.
How to automate updates to WordPress Core the Manual Way
Updating WordPress Core includes making changes to the wp-config.php file.
WordPress contains a parameter called define( ‘WP_AUTO_UPDATE_CORE’) in the wp-config file. The value you assign this function determines WordPress release update is automated.
To Automate All WordPress Core Updates
Assign the value ‘true’ to the above function, as demonstrated:
define( ‘WP_AUTO_UPDATE_CORE’, true );
This will enable the automation of all release updates, developmental updates, and translation updates on your WordPress site.
To Only Automate WordPress Core Minor Release Updates
As mentioned, WordPress automatically makes Minor release and translation updates to your site. However, if you disabled all automatic updates by assigning the above function the value ‘false, you would have disabled Minor updates too. Just assign the value minor to the same function above, instead of true. This will disable all updates other than Minor updates, which keep your WordPress site secure.
Here’s how you do it:
define( ‘WP_AUTO_UPDATE_CORE’, minor );
How to Automate Updates to WordPress Add-ons the Manual Way
Automatically updating add-ons isn’t recommended by WordPress, since the developers’ updates might work for that plugin/theme, but might be incompatible with other add-ons or elements on your WordPress site. However, if your WordPress site is simple and has very few plugins/themes that are compatible with each other, it might not be as big a problem.
In order to manually configure your installation of WordPress to update plugins & themes, you have to make modifications to a filter called auto_update_$type, found in the wp-admin folder. The value assigned to $type determines which WordPress add-on is updated automatically.
To automatically update all plugins on your WordPress site, the filter must read:
The code isn’t complex, so it’s beginner friendly.
Manual automation is free.
WordPress site owners won’t have to install an extra plugin just to keep their site up to date.
Cons of Manual Automation of Updates
The changes have to be made to the WordPress wp-config.php files and the wp-admin folder. This might make some WordPress users uncomfortable, especially since changes to the WordPress core files are not recommended.
Making the changes to code might require some time, especially for WordPress novices.
If your site crashes with any update, you will have to check your site’s status after disabling each update manually.
Automating Your WordPress Site with Plugins
This method comes in handy for WordPress site-owners who do not want to tinker with code themselves, and don’t mind installing an extra plugin on their site. A couple of examples of plugins that help automate updates, are Advanced Automatic Updates, and WP Updates Settings.
How to Use the Advanced Automatic Updates Plugin
Step 1: Install and activate the plugin.
Step 2: Locate the plugin under your WordPress site’s Settings tab, and click on it.
Step 3: Check the kind of updates you would like to automate on your WordPress site.
If you would like notifications about these updates to be sent to an email address other than the one of the site owner, you can enter it here:
As you can see, you can also disable email notifications about the same, and request for debug information (in case you’re running development updates).
How to Use the WP Updates Plugin
Step 1: Install and activate the plugin.
Step 2: Just like for the Automatic Updates plugin, locate the Updates tab under your Settings tab, and click on it.
Step 2: Choose the kind of WordPress Core release updates you would like to automate on your WordPress site.
Step 3: Choose whether you would like to automatically update add-ons on your WordPress site.
Step 4: If you’d like translation and developmental updates, click on the appropriate check-boxes.
Pros of Automating Your WordPress Updates With a Plugin
These plugins do the work for you: you don’t have to manually tinker with any code; they’ll do it for you.
Most plugins that automate WordPress sites allow you to enable or disable different updates with a single click.
Cons of Automating Your WordPress Updates With a Plugin
This will require you to install an extra plugin just for updating your WordPress site.
Some plugins only update WordPress core, while others will allow you to update add-ons as well.
You, as a WordPress site owner, will still need to weed out problems if your site crashes with updates.
Using Managed Services to Automate Your WordPress Site
There are two types of managed services you could use to automate updates on your WordPress site: managed WordPress hosting, and WordPress support and maintenance services.
Managed WordPress Hosting
These services help manage your WordPress site’s hosting issues, as well as a few issues related to your WordPress site as well. A couple of examples of managed WordPress hosting services/ managed WordPress hosting providers are Flywheel, and WP Engine. These services automate the update of your entire WordPress site, but after the following steps meant to benefit you no matter the state of compatibility of your WordPress site:
The hosting provider checks their systems for compatibility with WP updates (whether this includes both core and add-on updates depends on the web host).
They then mail you beforehand with the dates for your WordPress site’s update.
Every managed hosting service performs a backup of your WordPress site before the update. Only after this do they perform the update.
Once they perform the update, they check for issues.
If your WordPress site is not compatible with the update, the managed hosting provider restores your site with the backup that they made.
The service then mails you about the status of the update (successful/unsuccessful, and reasons if unsuccessful).
If you’ve tested your site and found it incompatible, you can ask certain web hosting services to postpone updates till you fix the issue at hand.
Plugin and theme updates are not done automatically by managed WordPress hosting services, simply because different plugins have settings that might conflict with each other and break your site.
If you’d still like to automate the updates of add-ons, you can get in touch with your WordPress host about the same.
Since each managed hosting service has different terms and conditions, and pricing plans, it is recommended that you read their documentation carefully, and then get in touch via email or from their in-website chat support.
Pros of Using a Managed Web Hosting Service With Automatic WordPress Updates
You, as a WordPress site owner, don’t have to fiddle with the WordPress core files.
Your WordPress hosting service tests and runs WordPress updates for you.
Cons of Using a Managed Web Hosting Service With Automatic WordPress Updates
Managed WordPress hosting comes at a price.
These services don’t take care of all the issues that might come up during updating your WordPress site. If your site has certain customizations that makes it incompatible with WordPress updates, these services might mail you asking for you to seek a professional developer’s assistance. This means even if you’re paying a premium price for managed hosting, you might also have to hire a WordPress developer separately.
WordPress Support and Maintenance Services
WordPress support and maintenance services (such as WP Curve, WP Maintainer, and Valet), are perfect for super-busy site owners who can afford to have a full-time service just for maintaining their WordPress sites. In terms of updates and maintenance, these services usually perform the following functions:
Core and add-on updates.
Support/repairs in case of incompatibility.
Audit of the security and maintenance of your site so the chances of it breaking upon update are reduced.
Regular backups to rely on in case of incompatibility with any update.
Similar to managed WordPress hosting services, it is recommended that you go through the list of their offerings, (and their pricing plans) carefully. All you have to do after that, is contact them over email, or from their respective websites.
Pros of Depending on WordPress Support and Maintenance Services
Since you are paying these services specifically to maintain your WordPress site, you can expect them to solve any problems you might have while updating your WordPress site.
You need not hire a developer to this end.
Cons of Depending on WordPress Support and Maintenance Services
These services come at a premium price, and usually require you to pay more in order to fix issues that might come up during updates. Each service has its own pricing plan.
A number of maintenance and support services do not provide free support, so if you run into issues with your site, it might be expensive to get them sorted out.
Automating your WordPress site might seem like an easy fix that will help your WordPress site stay up to date with security patches and new features, but it also comes with many caveats. Not only might updates your site break, but they might also be difficult to undo. This is why it is imperative for every WordPress site owner to maintain a recent, secure backup of their WordPress sites that can be relied on.