Business

How To Write A WordPress Disaster Recovery Plan

WordPress Disaster Recovery Plan

Image: Yosh Ginsu

What would happen to your business if a disaster struck your website? Would you be prepared or left scrambling?

From unexpected natural disasters to cyber attacks, you never know what might happen or when. You can be prepared to take action when the worst does happen by writing a WordPress disaster recovery plan.

By having a plan ready, you won’t be caught off guard, even during the most stressful times. You’ll be able to get your site back online as quickly as possible, reducing downtime and damage to your business.

Components Of A WordPress Disaster Recovery Plan

Sadly, many businesses avoid creating a plan because they don’t think anything will happen. The 2012 GoDaddy hack is a great example of an unexpected disaster. Millions of GoDaddy’s hosted sites were shut down, which hurt many businesses that relied on them. The truth is, you never know what might happen.

Most hosting companies are not responsible for backups or restoration of your website files. They manage the filing cabinet, you are responsible for the files inside.

Before you start creating a plan, you need to know what components to include. Some crucial pieces every plan needs include:

  • Investigating the problem
  • Listing types of disaster scenarios
  • Listing resolution steps for each scenario
  • Contacting all relevant individuals
  • Estimating the amount of downtime
  • Informing customers and clients

This might seem like a daunting task, but remember this – your recovery plan allows you to keep a cool, calm head when disaster does strike. One more thing to remember is to keep your plan short and simple. It doesn’t need dozens or even hundreds of pages.

Investigation Phase

Before you can execute the steps in your WordPress disaster recovery plan, you need to investigate the problem. For instance, if your site goes down, it could be a cyber attack, a failed update or a technical problem with your web host. Obviously, each type of disaster would require a different approach. Always start by identifying the root cause of the problem.

At Hidden Depth we begin by creating a ticket on our WordPress website support system for the issue. Sometimes when hacked a client’s emails can go down too, so our support web app is how we communicate throughout the investigation.

Understanding Scenarios

WordPress disasters aren’t all the same. You’ll need a list of steps to resolve each type of disaster, such as:

  • Cyber attack – Even with a backup, you may need to repair any holes that the hacker used to get in. With nearly a million new malware threats released daily, this is one of the most common scenarios.
  • Failed WordPress, theme or plugin update – Usually, a recent backup is all that’s needed to get back online.
  • Natural disaster (fire, flood, etc.) – The resolution may require new hardware or switching to a new host.
  • Web host issue – Depending on the severity of the problem, you may need a new host.

Resolving Problems

Your WordPress disaster recovery plan needs a step-by-step guide to resolve any of the above scenarios. In most cases, a recent uncompromised backup is a great starting point. Before you simply upload a backup and get back online, you may need to take care of other issues, such as:

  • Finding an alternate theme or plugin, if they’re the cause
  • Checking the backup for any security issues, such as malicious code, outdated software, etc.
  • Resetting passwords for user accounts
  • Adding any missing components back in, such as posts added after the last backup

Contacting Relevant Individuals

Depending on the type of scenario, you’ll need to contact different individuals. For instance, if the problem is your web host, you’ll need to contact them immediately to see how long the downtime might last. If you use a WordPress maintenance service, you will want to contact them to handle checking backups and restoring your site.

Do bear in mind that a lot of hosting companies having a policy of suspending your account of deleting all files if they see that you’ve been hacked. Without a website backup solution in place this could lead to you having to start from ground zero.

If it’s a cyber attack that may have compromised user data, you’ll need to inform all users immediately. It may be a bitter pill to swallow but it is vital to inform customers and clients, use social media and email, so they know to take precautions.

Set Realistic Downtime Expectations

As much as you might want to get your WordPress site back online quickly, sometimes you’ll have to wait temporarily. For instance, it may take a day or two to fix any security flaws or to move to a new web host. A lot of hacks leave behind scripts that hide in the background and only start up again if you change login details or delete specific files. Simply uploading a recent backup and hoping for the best could just result in a bigger disaster. By setting realistic timelines in your WordPress disaster recovery plan, you’ll be able to immediately inform everyone of how long your site will be offline.

Create Your Plan Today

When your site suddenly goes down or someone reports their account has been hacked, you need to act quickly. Having a disaster recovery plan in place means you’ll always be prepared to take action and get your business back online.

Want to help prepare your WordPress site for a disaster? Start by seeing how our security and backup services give you peace of mind when the worst happens.

Share with others



About the author

Dave Meier is the Founder of Hidden Depth (creative design services for ambitious businesses) who loves creating products and services that provide simple solutions to business problems.