Top Six Best Practices For Data Backup

Data Backup Best Practices
Your data is of paramount importance. No matter whether you store sensitive customer data for your ecommerce business, or you simply have oodles of cat videos, no one wants to wake up one morning and discover that their data is gone. Due to the nature of ever-evolving online attacks, it’s impossible to guarantee that your data will never be hacked or corrupted. The only way to fully protect yourself is to regularly backup your data so you can fully recover in the event of a disaster. Follow these top six best practices from our Heroic Support™ team when choosing your ideal backup solution to guarantee data will be safe and fully recoverable.

  1. Use Remote Storage

    A key factor in your backup solution is remote storage. Backing up your data and storing it on the same disk as your original data can be an exercise in futility. Off-site, or at least off-server, backups will remain viable even if your main server is compromised, allowing you to fully recover your data.

  2. Take Backups Frequently and Regularly

    Prevent loss of your critical data by ensuring backups are taken frequently and on a regular schedule. Determining how often your data is updated can help you create a schedule of how frequently your backups need to be taken. Critical data that is updated constantly will need to be backed up more regularly – even hourly, whereas more static data may only need nightly or weekly backups.

  3. Consider Retention Span

    After determining the frequency you will back your data up, it’s also vital to consider how long you will retain each backup. Keeping every backup indefinitely isn’t feasible simply due to an often limited amount of space. Most backup solutions offer a series of retention schedules, such as keeping hourly and daily backups for a week, weekly backups for a month, and monthly backups for a few months or even years. This type of schedule allows for having multiple, recent backups in the instance a recovery is needed. Good business practices include retaining certain backups, such as monthly or bi-annual, for as long as possible, if not forever. In addition, we recommend researching your industry’s data retention standards and requirements. Certain industries, such as healthcare or finance, will have strict requirements for backup retention.

  4. Keep Backups Encrypted & Protected

    It’s not enough to simply backup your data in an off-site location. Encrypting your backup files is an important step in data security. Backup encryption during storage ensures that your data will be exactly what you expect in the event you need to recover it.

  5. Store Backups on RAID Arrays

    For extra redundancy, your backups should be stored on RAID arrays. Distributing your data across two or more drives in a RAID array allows for better performance, reliability and larger data sets in your backup solution. This can also help ensure your stored data will be protected from the failure of a single disk.

  6. Stack Your Backup Solutions

    Because backup solutions will differ in how they treat your data, it’s best to use multiple solutions. For example, Liquid Web’s Guardian and Storm® backup solutions take backups of your entire server and store them in a secure and remote location. Alternatively, cPanel backups (available for every cPanel user) only take copies of your cPanel account and can be stored either locally (which is not ideal) or remotely. cPanel backups can be especially useful for those users who have multiple accounts on one server but only need to restore one account. Due to the different benefits of both solutions, our Heroic Support™ team recommends backing up both full images of your server in addition to smaller snapshots of your cPanel accounts. Stacking your backup solutions in this manner will ensure you can be sure that your data will be recovered as quickly and efficiently as possible, no matter what kind of disaster hits.

There are many backup options to choose from depending on your server type and business needs, but these six best practices should help you choose the best solution for you. If you’re looking for additional assistance with setting up backups or choosing the best solution for you, our Heroic Support™ team is available 24-7-365 to answer any questions.

KB Weekly Wrap-Up 3-27-15

Knowledge Base Weekly Wrap Up 3-27-15Make sure you regularly check our Knowledge Base for help with any of your technical needs! Articles are posted daily that feature helpful how-to’s and explanations on the latest web hosting topics. This edition of our weekly wrap-up features the CVE-2015-0235 vulnerability, MariaDB, WordPress, glibc, and instructions on how to check the version of your Ubuntu and CentOS installs.

Don’t see what you need to know? Contact our Heroic Support® team and we’ll help! If you’d like to request a specific article for our Knowledge Base, let us know at support@liquidweb.com.

Top Three Things Liquid Web Loves About March Madness

NCAA March Madness 2015
It’s that time of year again: basketball season! It’s hard to escape the constant stream of chatter around the office water coolers about the upcoming March Madness tournament. At Liquid Web, we love March Madness for a few reasons, not the least of which is an appreciation for the sport itself. Further enforcing our love for March Madness, there are also numerous ways that the tournament relates back to the web hosting industry. March Madness makes us think of databases full of statistics, streams of traffic being expertly balanced, and gives us even more opportunities to collaborate with our fellow Heroes.

  1. Databases Full of Stats

    In the old days of March Madness tournaments, the sheer amount of information that needed to be sorted through to generate brackets created quite the barrier to entry. These days, highly available server clusters use giant MySQL databases to store March Madness results. This not only saves time and brain power for participants, but also opens up the brackets to be played nationwide. This technology allows anyone with the slightest inclination to form their own March Madness pool. Practically anyone can create a bracket, invite friends to join in, set their picks, and then sit back, letting the databases and servers do all the hard work. We love it when technology makes life (and basketball) easier.

  2. All About That Traffic

    During the few weeks that encapsulate March Madness, any website providing brackets or related data (particularly March Madness Live) sees an exponential increase in traffic. Visits to the March Madness site alone added up to over 220 million in 2012. Traffic has only been increasing since then, up 42% for the first three days of the tournament in 2014 compared to 2013. While increased traffic is a great problem to have, it does present a few issues for the servers that have to handle that load. This time of year, all across the nation, servers are being scaled up and load balancers are being configured to ready themselves for the upcoming traffic hit. Scalable and highly available infrastructure like that are exactly the kind of solutions our techs like to think about.

  3. Coworker Collaboration

    Of course, the best part about all this March Madness hullabaloo is the atmosphere that is fostered this time of year. Playful competition and rapport among Liquid Web techs is abundant in the break room and water cooler areas around the office. Liquid Web has always believed in creating and cultivating a friendly work environment; one that encourages employees to become friends and share knowledge. We believe techs that work together find themselves more readily equipped to help our customers. For that reason, March Madness is a celebrated time of year around our data centers.

March Madness is about more than basketball – there’s a whole treasure trove of technology and information supporting all the fun and games this time of year. At Liquid Web, we love nothing more than when popular culture merges with our favorite subject: web hosting. When you go to fill out your bracket this year, don’t forget to appreciate all the technology hiding behind your computer screen. Best of luck with your brackets!

What do YOU love about March Madness?

Choosing the Best CMS For You

One popular approach to building and managing websites among corporations and small businesses alike are content management systems (CMS), or software that provides tools for website authoring, collaboration and administration for users with little knowledge of programming languages. CMS’s can vary widely, but most provide the ability to quickly build websites, store content and other information in databases, and offer easy-to-use administration interfaces for less technical users. They provide a myriad of benefits over other methods of building websites, such as manually uploading files to a server or using a blogging platform (a simpler and more limited subset of CMS’s). CMS’s allow websites to feature dynamic content without the hassle of regularly updating files, offer customized design options, and provide a wider range of features (such as ecommerce or customer account areas).

Some of the most popular CMS options include WordPress, Joomla, and Drupal. All of these options are open source software that are free to download and use. Due to their open source nature and large user communities, each CMS will likely be continually improved over time and comes with an vast set of add-ons, plugins, and extensions. While any of these CMS’s are excellent choices, each offers something different to the prospective site builder. To help you make the choice that is best for you and your needs, we’ve detailed the primary benefits of each option below.

WordPress

WordPress.org

  • Most Popular CMS & Largest Support Community
  • Most Available Plugins & Themes
  • Easiest-to-Use Interface
  • Ideal for Any Size Website
  • Somewhat Limited Development Options
  • Free to Download

WordPress.org is the most popular CMS in the market, and as such it comes with the largest developer and user community. This community of users provides an incredible level of support and the most extensive list of available plugins and themes. WordPress began as a blogging platform, but has transitioned into popular use as an easy-to-use and simple CMS. It still maintains a simple blogging platform, WordPress.com, as a separate entity for users who don’t want to find their own web host or worry about downloading the WordPress.org software. WordPress.com is much more limited with the types of website you can build, however, which explains why WordPress.org is the more popular option for businesses. Of the three CMS’s in this blog post, WordPress.org requires the least amount of technical know-how to operate. While setting up a website through WordPress is intuitive and easy, it still provides developers with the ability to add or edit back-end code to create customized looks.

It’s worth noting that WordPress does come with limitations. If a website grows too large too quickly, it can require significant server resources to maintain. In addition, while WordPress has a powerful and easy-to-use interface, editing of its core framework often takes skilled developers, and is not generally recommended. Edits made to the WordPress core could prevent you from updating your site with the latest WordPress upgrade, making your site more vulnerable to attacks. In the end, WordPress is ideal for websites or blogs of all sizes, and the many add-ons make it easy to expand a website’s functionality as it grows – to a point. Websites that expect to quickly grow in traffic or complexity might find the WordPress framework somewhat limiting. Despite that barrier, some of WordPress’ more notable clients include large corporations like UPS, CNN, and Spotify. WordPress is free to download and offers many premium add-ons available for a fee.

Drupal

Drupal

  • Most Powerful & Flexible CMS
  • Thousands of Add-ons Available
  • Ideal for Complex Sites with Multiple Users, Community Platforms, Ecommerce, & Multiple Content Types
  • Basic Knowledge of Programming Languages Required
  • Free to Download

As one of the most technical CMS’s in the market, Drupal is a powerful tool for developing the most complex websites, such as those with multiple users, community platforms, enterprise sites, ecommerce sites, and more. This CMS is the most flexible option, however it can often require a high-level of programming knowledge to take advantage of its flexibility. Developers should have at least a basic knowledge of HTML, CSS, PHP, and Javascript/JQuery in order to build and troubleshoot any site built with Drupal. The level of expertise needed to operate Drupal does come with benefits, however. Drupal can create more advanced websites and is perfect for websites that need to be flexible enough for: expanding site features in the future (such as ecommerce or a wiki), adding customized functionality, or handling complicated forms and workflows. In particular, users of Drupal have praised its flexible management, organization, and presentation of seeming unlimited content types. Examples of organizations that use Drupal include The White House, Turner Broadcasting, and The Weather Channel. Drupal is free to download and premium features are available to be purchased, but users that lack the technical know-how to build a Drupal site might find themselves paying for technical support.

Joomla

Joomla

  • Easier-to-Use Interface than Drupal
  • Offers More Power & Flexibility than WordPress
  • Thousands of Extensions Available
  • Ideal for Sites with Ecommerce or Built in Social Networking
  • Free to Download

Often discussed as the compromise between Drupal and WordPress, Joomla is easier to operate than Drupal, but offers more flexibility in site development than WordPress. Joomla websites can be quickly setup without significant support, but some technical know-how might be helpful. Despite Joomla’s relative ease-of-use, it is used to develop complex websites, such as those with ecommerce functionality or that require built in social networking. In fact, it was designed to perform as a community platform and features strong social networking features. It is extremely customizable and comes with a large selection of templates and styles, as well as a wide range of services and options that are available as off-the-shelf functionality. Business like Ikea, Citibank, and Harvard University utilized Joomla to build various parts of their online presence. Joomla is also free to download and provides a variety of premium features available for purchase.

Ghost

BONUS: Ghost

  • Simple Blogging Platform
  • Focuses on Publishing Content
  • Clean & Easy-to-Use Interface
  • Known for Its Split-Screen Editing
  • Free to Use

Ghost is a blogging platform that was created as a fork of WordPress, but has been recreated from scratch since its original creation. As mentioned above, blogging platforms are a subset of CMS’s, but are much more limited in their available features, designs, layout, and flexibility. While Ghost is not truly a CMS, we believe it deserves to be mentioned in this article because of its growing popularity. The main purpose behind Ghost was to create a beautifully designed, free, and open source platform that’s main focus is publishing content. Ghost uses node.js, which is both easier to scale and more consistent than the PHP that WordPress uses. It provides all the most important blogging features, such as SEO optimization, social sharing, and other essential features all available with the core install instead of via external plugins. One of the most lauded features is the split-screen editing, allowing users to see their content as it would be published while they are writing. It also provides an easy way to support multi-author blogs. While Ghost is not a CMS, it’s popularity as a blogging platform makes it ideal for many users who don’t need the complications of a traditional CMS.

Building a website means taking a lot of factors into consideration, including both current and future needs. Whether or not you need a lot flexibility and technical capability, need a fast and easy-to-use website capable of handling all of your data, or simply need an quick way to push out content, there will be a platform to suit your needs. All of these platforms can be utilized on our Shared, VPS, or Dedicated hosting. Our always available Heroic Support® team can help you figure out which platform best fits your needs.

KB Weekly Wrap-Up 3-6-15

Knowledge Base Weekly Wrap-Up 3-6-15Our ever-updating Knowledge Base often features helpful how-to’s and explanations for installing, running, and updating different programs and applications on your server. Featured in this edition of our KB Weekly Wrap-Up are Apache2 Modules, MySQL, MongoDB, and glibc (GNU libc).

Don’t see what you need to know? Contact our Heroic Support® team and we’ll help! If you’d like to request a specific article for our Knowledge Base, let us know at support@liquidweb.com.

Top 4 Ecommerce Plugins For WordPress

Over the holidays we shared a few ecommerce security and performance tips for our customers, but we’ve yet to delve into the process of actually setting up an ecommerce site. Many of our customers utilize WordPress for their websites, which is also a great option for ecommerce sites. WordPress offers small and medium-sized businesses the ability to grow their web presence and sales capacity quickly via one of the many available ecommerce plugins. Before deciding to build an ecommerce site, businesses will want to remember to think about the special security requirements, specifically protecting their customer’s data with PCI Compliance.

For those customers who have decided that WordPress is the ideal home for their ecommerce site, there are plenty of plugins available that can easily add product pages, a shopping cart, and a simple checkout process. However, choosing between the numerous options can be overwhelming. The following plugins are highly recommended by our Heroic Support® team and offer many features that can help enhance your ecommerce store.

  1. WooCommerce
    WooCommerce WordPress Ecommerce Security PluginThe most popular plugin for WordPress ecommerce, WooCommerce is established, respected and reliable. The primary benefit of this plugin is the strong community of developers supporting both it and its many extensions and themes. With seamless dashboard integration with WordPress, this plugin is free, easy to use, and intuitive. Features include standard integration with PayPal, sales and reviews reports, multiple shipping options, inventory management, customer account areas, flexible couponing system, control over shipping/tax charges, and a plethora of premium add-ons available for a fee. WooCommerce is ideal for all shapes and sizes of ecommerce businesses, whether you deal in digital or physical products, have very little inventory or whole warehouses full, offer subscription products, or need to bundle your products.
  2. Shopp
    Shopp WordPress Ecommerce PluginThe Shopp ecommerce plugin often integrates with your existing WordPress themes. It offers many standard features needed for an ecommerce business, including integration with many payment gateways (such as PayPal and Google Checkout), order management, email notification, coupon codes, control over tax/shipping charges, related products, RSS feeds, and options for a grid or list view. This plugin is free to download, but additional support and features are available for purchase. Shopp is ideal for an ecommerce business that has a larger product inventory and is easily customizable for developers.
  3. Cart66
    Cart66 WordPress Ecommerce PluginCart66 stands out amongst the other available plugins because of its unique hosted checkout option. With Cart66’s hosted checkout option, your business doesn’t need to worry about hosting or protecting your customer’s data with PCI Compliance or SSL Certificates. Their checkout solution will match your theme and appear to be part of your site, but will actually be hosted on their secure cloud server. Cart66 also offers many of the standard ecommerce features, such as order management, promotions, control over tax/shipping charges, support for multiple currencies, customizable email reports, custom product management, and affiliate platform integration. Cart66 is also a great option for those looking to sell subscription-based products, and offers both free and professional versions with a number of different licensing options.
  4. Easy Digital Downloads
    Easy Digital Downloads WordPress Ecommerce LogoWhile other plugins offer the ability to sell digital downloads, Easy Digital Downloads lives up to its name and excels at it. The plugin is simple and meant for those businesses that only sell digital downloads, such as plugins, files, music, etc. The plugin also allows the sale of digital content through subscriptions. Seamlessly integrating within the WordPress dashboard makes it easy to use, and it can be customized by developers. Easy Digital Downloads is free, but extra extensions and themes are available to purchase. Other features include discount codes, user purchase history, and sales reports.

The ecommerce plugin you choose for your WordPress site should be based on your unique business needs. For additional resources, consult our other blog posts for information on the best WordPress security plugins to protect your site, as well as general WordPress security tips. While themes, plugins, and custom modifications are not covered with our fully managed Heroic Support®, our team will always provide Best Effort Support for installing and troubleshooting plugins for WordPress, 24/7/365. Our WordPress hosting solutions are available on our Shared hosting, Storm® VPS hosting, and Dedicated hosting plans.

KB Weekly Wrap-Up 2-20-15

Liquid Web Knowledge Base Weekly Wrap-UpHave you checked in lately with our Knowledge Base? We’re always adding helpful how-to’s and explanations for our customers. This week we’re featuring instructions on updating Bash, installing mlocate, MySQL/MariaDB, and Apache!

Don’t see what you need to know? Contact our Heroic Support® team and we’ll help! If you’d like to request a specific article for our Knowledge Base, let us know at support@liquidweb.com.

Top Four WordPress Security Tips You Need To Follow

Top WordPress Security Tips
When it comes to operating your business on a WordPress site, security is the most important consideration. WordPress sites are among the most targeted by attackers due to relatively common vulnerabilities that are easily secured with a small amount of effort. In a sample size of 4,322 WordPress websites hosted on Liquid Web’s network, we blocked and logged over 628,722 attacks in a 72 hour period; that’s over 48 blocked attacks per day per website. Some websites are more highly targeted and see four to five times more attacks per day than the average. Our proactive Security Team uses ModSecurity (a request filtering module for Apache) as one method of protecting our customers’ WordPress sites, but we can’t protect your server from every threat. If you’re looking to secure your WordPress site against such a deluge of attacks, here are four tips that will lead you in the right direction.

  1. Update Your Plugins & Themes

    Regularly updating all of your existing plugins and themes is the most effective method of securing your website. This is especially important given that outdated plugins and themes are a popular attack vectors for WordPress sites. While updating plugins is ultimately our customers’ responsibility, we do our best to help our customers as much as possible. For example, we have ModSecurity rules in place that prevent some outdated plugins from being exploited, providing our customers a small amount of leeway in their plugin maintenance. However, this service does not replace the need to monitor your plugins and we strongly recommend updating them whenever possible. It is possible to set at least the WordPress Core to automatically update. To learn how, check out our Knowledge Base article on enabling automatic background updates.

  2. Create Strong Passwords

    Another popular attack vector for WordPress sites is weak passwords. We have an in-depth Knowledge Base article with tips on how to create strong passwords, including which types of passwords to avoid. Attackers often use brute-force attacks that attempt to guess passwords, an effort that is only made easier by simple, dictionary word passwords. Our customers ultimately have the final authority on what passwords they choose, but in an effort to help secure their servers as much as possible we do utilize ModSecurity on most of our servers to block brute-force attacks.

  3. Maintain Regular Backups

    It is impossible to guarantee your server will never be successfully hacked, which is why it is vitally important to take regular backups of your site and data. You can recover from nearly any attack if you have a solid backup solution in place. Our Heroic Support® team can help you configure cPanel backups or our Guardian backup solution on your dedicated or Storm® server. For customers with Storm® servers, Storm® backups can be easily enabled from within your account. Up-to-date, secure, and offsite backups are critical to protect your site data in the event of an unavoidable attack.

  4. Utilize Security Plugins

    Once you have taken the proper precautions by updating your site, strengthening your passwords, and backing up your files, it’s time to think about a security plugin. The Liquid Web Security Team recommends a few WordPress plugins that are highly ranked and widely used across the industry. Learn more about our team’s WordPress security plugin recommendations.

The four tips above will go a long way toward protecting your WordPress site from would-be hackers. While themes, plugins, and custom modifications are not covered with our fully managed Heroic Support®, our team will provide Best Effort Support for those and other third-party plugins and issues. As always, our Heroic Support® is here to help, 24/7/365.

Top Three Security Plugins For Your WordPress Site

Top WordPress Security Plugins
One of the most common tasks our Heroic Support® technicians do for our customers is help ensure their WordPress website is properly secured. There are many WordPress security plugins that can help with this task, but the options can be overwhelming. When it comes to finding the ideal security plugin for your WordPress site, we strongly recommend finding one that suits your needs and maintaining it properly. To help you narrow down your options, the following security plugins have been recommended by the Liquid Web Security Team. These plugins are ranked highly, used widely across the industry, and will help secure your site against potential attacks.

  1. WordFence

    WordFence will perform a deep scan on all of your source code files, themes, and plugins to verify their integrity and security. In addition, this plugin offers firewalls, virus scanning, a new caching engine, post & comment scanning, and file scanning. A unique feature of this plugin is the real-time map on the WordFence homepage that tracks attacks on WordPress sites. This map is used as a crowd-sourced approach to blocking attacks. If one site using the plugin is attacked, the attacker is then blocked by all other sites using the plugin, allowing your site to be even more protected.

  2. Takeaways:

    • Free
    • Caching Engine Speeds Up Site
    • Crowd-Sourced Blocking
    • File Verification Against WordPress.org Repository
  3. iThemes Security

    Formerly known as Better WP Security, this plugin prevents a number of different common attacks through strengthened user credentials, site & database monitoring, locking out users with multiple invalid login attempts, changing the admin login path and username, and limiting the number of times users can access the site (brute force protection). Not to mention, this plugin backs up database files prior to securing your site. It’s easy-to-use, quick start installation makes this plugin ideal for site security.

  4. Takeaways:

    • Easy to Use
    • In-Depth Tutorials
    • Obscures Vulnerable Default Configurations
    • Free and Pro Versions
  5. BulletProof Security

    Well known for its ability to secure and monitor logins, as well as prevent SQL injection attacks, BulletProof Security uses .htaccess files to secure the entire WordPress installation. In addition, it protects against RFI, CSRF, XSS, and Base64 attacks. This plugin also features verbose logging capabilities, which are handy for troubleshooting by your or Liquid Web’s admins. The available maintenance mode, backup and restoration of .htaccess files, login security, firewalls, and strengthened access privileges all make this plugin a great option to secure your site.

  6. Takeaways:

    • Performance Optimization
    • Logging
    • Easy Security via .htaccess Files
    • Free and Pro Versions
The importance of maintaining a secure website cannot be overstated. WordPress sites are often a target for attackers and therefore extra caution should be taken with your security. While plugins and other WordPress features are not covered under our fully managed Heroic Support®, our team will provide Best Effort support to help you in any way possible.

“Six More Weeks of Winter” Liquid Web Giveaway

Happy Groundhog Day!

We don’t know about the weather where you are, but we are smack dab in the middle of winter at our Lansing, Michigan headquarters. Groundhog Day is always the time of year that us Michiganders start to think longingly of spring. However, this morning the famous, weather-predicting groundhog “Punxsutawney Phil” saw his shadow and promises six more weeks of winter. We may be wishing for spring, but it looks like we should be preparing for a couple more months of winter!

With that in mind, we’d like to give away a HUGE prize pack to help our customers get through the rest of this winter. Our Liquid Web Winter Gear Prize Pack includes our Glacier Jacket, a Liquid Web Beanie, Smartphone Gloves, and a Travel Mug to hold a warm beverage of your choice.
Liquid Web Winter Gear Prize Pack Giveaway
The Winter Prize Pack will be awarded in the form of LW Bucks, the point system used in our Brand Store. We’ll add LW bucks equivalent to the value of the prize pack in your LW Brand Store account. Don’t have an account? Signing up is free and easy!

To enter the giveaway, fill out the form below! The contest will run until Friday, February 6th. We will announce the winner that Friday at Noon.

a Rafflecopter giveaway