How to Beat the Hackers - Simple Steps to Protect and Restore Your Site

Profile picture of the author sbucciarel by sbucciarel Posted: 11/28/2011
There's a lot of "my sites were hacked" lately. There's a very simple way to instantly restore your sites without buying any plugins or progams.

This is for cpanel hosting.

Backup Your Site Files
Go to your cpanel.
Click on File Manager.
Choose your domain
Click "Select All" files
Choose Compress
Check zip for file format and name your file
Click go

That's it - your files are now backed up and all you do to restore them is go to file manager, click on the zip file you created and choose Extract. It will overwrite all the files there, restoring them to their normal state.



Backup Your Database

If your site has a database, as Wordpress sites do, the final step is to backup your database.

Go to cpanel
Click on phpMyAdmin
Click on the database you want to back up
Click on Export
Click go
Save it to a folder for your site on your hard drive
That's it!



To restore your database, go to phpMyAdmin in your cpanel.
Click on your database
Select all the tables and Choose "Drop" from the dropdown box.
Then click on "Import"
Import the database that you saved to your hard drive
That's it.



That's all there is to it and it only takes about 5 minutes or less.
#beat #hackers #protect #restore #simple #site #steps

  • Profile picture of the author Bentley74
    Bentley74
    Great advice, Suzanne!
    I'm embarrassed to admit that I didn't even know about the File manager "all files" compression/backup approach. Cool! (and easy)

    For that matter, I've never even backed up a database the way you described (usually just use some form of DB backup plugin).

    Thanks for sharing!
  • Profile picture of the author Andyhenry
    Andyhenry
    Yep - this is easy to do.

    I've been telling people this for ages. It comes up when people ask about backing up and cloning blogs, and although it's really quick and simple - people seem to still prefer to pay for a tool to do it instead.

    Hopefully a few people will read the OP and actually give it a try just so they know how easy it is.

    Andy
  • Profile picture of the author smartyjohn
    smartyjohn
    I didn't think that there is any option to select all and Compress it in cPanel I will surely try it tonight as I do back-up my file manually. thanks for the help.
  • Profile picture of the author WikiWarrior
    WikiWarrior
    Thanks Suzanne, I didn't realise it was that easy. One of those things I keep putting off but seeing it laid out like that there's really no excuse for not getting it done.
  • Profile picture of the author AnniePot
    AnniePot
    I've been using WordPress Backup to Dropbox for quite a while, and I've set it to backup daily. This way, I know everything in my blog (not just the database, as with many other backups), is being backed up daily, not just when I think to do it...
  • Profile picture of the author sbucciarel
    sbucciarel
    Originally Posted by Jim Willis View Post
    I never knew you could just zip all the files and reup them. Is it easy to get it all to work on another server?
    Absolutely. If it's a Wordpress site, you have the Wordpress file as well as the theme files and images, etc. all zipped up. Just upload it to any host, unzip or "Extract" the file, create your database and import the database you saved, edit the wp-config file with the new database info and finally, go into the new database in wp-options and change the url to the new url. You now have an identical site on a different url. You'll have to go into your Wordpress control panel and go to Settings > General > and place your new url in the second box in there.

    Running the plugin Search and Replace will change all the old urls in the posts and images to the new urls.

    All those steps are in a document I created to help people transfer a site from one host to another. It's at domainingdiva.com/transfer.pdf
  • Profile picture of the author luckystepho
    luckystepho
    Thanks Suzanne, I'm another one that had been putting off thinking about it and hadn't realised it was that easy. This information could potentially save hours and hours of time not to mention lost revenue!
  • Profile picture of the author Shaun OReilly
    Shaun OReilly
    Another thing you can do to make your WordPress installation
    more secure, it to change the table prefix for your WordPress
    database.

    By default, the table prefix is 'wp_'

    It is recommended that you change the 'wp' to something else.

    Export your current WordPress database and then open it up
    in Notepad and then do a Find and Replace (Ctrl +H) to change
    all of the prefixes from 'wp_' to 'xxx_' (replace xxx with whatever
    letters you choose).

    Then drop the database and import the new database with the
    new table prefix.

    You'll need to update the table prefix in your wp-config.php file
    too. Just do a search for the line in the code that has...

    Code:
      = 'wp_';
    Then change it to whatever letters you've chosen.

    Dedicated to mutual success,

    Shaun
  • Profile picture of the author sbucciarel
    sbucciarel
    Originally Posted by Shaun OReilly View Post
    Another thing you can do to make your WordPress installation
    more secure, it to change the table prefix for your WordPress
    database.

    By default, the table prefix is 'wp_'

    It is recommended that you change the 'wp' to something else.

    Export your current WordPress database and then open it up
    in Notepad and then do a Find and Replace (Ctrl +H) to change
    all of the prefixes from 'wp_' to 'xxx_' (replace xxx with whatever
    letters you choose).

    Then drop the database and import the new database with the
    new table prefix.

    You'll need to update the table prefix in your wp-config.php file
    too. Just do a search for the line in the code that has...

    Code:
      = 'wp_';
    Then change it to whatever letters you've chosen.

    Dedicated to mutual success,

    Shaun

    Great tip and easy to do when you do it in notepad.
  • Profile picture of the author ericbryant
    ericbryant
    Have you heard about wptwin from Jason Fladlein? It is well, unreal. Instant backups and transfers.
  • Profile picture of the author bhola badshah
    bhola badshah
    you can also download the backups from cpanel under backup section if you have daily backups provided by your hosting company.
  • Profile picture of the author waynewalters
    waynewalters
    That is great info, Suzanne. Thanks for sharing.

    Is there any merit to not using Fantastico or Quick Install when adding Wordpress to your site for security purposes? I recently saw a video series on a more secure way to install Wordpress. I'm not tech savvy enough to know what the security risks are when using Fantastico versus the long way of installing Wordpress.
  • Profile picture of the author timpears
    timpears
    My problem with messing with data bases is, how do you figure out which data base goes with which domain?
  • Profile picture of the author yong1515yong
    yong1515yong
    After being hacked, what I can do was to asked my host provider to do a frequent backup before.

    Thank you for sharing, I learn a lot!
  • Profile picture of the author sbucciarel
    sbucciarel
    Originally Posted by ericbryant View Post
    Have you heard about wptwin from Jason Fladlein? It is well, unreal. Instant backups and transfers.
    Yeah actually, I bought it when it was first released. Tried it on one site, it failed and never touched it again. It literally takes me two minutes to backup and transfer a site without software.
  • Profile picture of the author Big Al
    Big Al
    Suzanne... thank you.

    11 sites hacked the other day... here was I thinking Google didn't like me and it turns out there was some redirect so it took people elsewhere. I use an alternative hosting company so I need to check if I can do this using their system -- or change host.

    Is that hostgator?
  • Profile picture of the author sbucciarel
    sbucciarel
    Originally Posted by Big Al View Post
    Suzanne... thank you.

    11 sites hacked the other day... here was I thinking Google didn't like me and it turns out there was some redirect so it took people elsewhere. I use an alternative hosting company so I need to check if I can do this using their system -- or change host.

    Is that hostgator?
    I use both Hostgator and Hostmonster. Any host with cpanel should work.
  • Profile picture of the author Chris Lengley
    Chris Lengley
    Wow man .. Great tips... Thank you...
  • Profile picture of the author TammieJJ
    TammieJJ
    That's one of the best free tips on WF in a long time! Thank you for sharing it with us.
  • Profile picture of the author Jay Moreno
    Jay Moreno
    As an alternative take a look at xcloner I used to use it for joomla buts it's available for WP and standalone sites now, it auto backs up your sites including databases, you can set it up a cron job too to do daily backups it also has a restore tool as well without getting super technical.

    And it's free... If might take one or two times to get the hang of it but it's well worth pursuing the learning curve. Installs as a WP plugin too.

    It's also extremely handy if you want to clone or move sites to a different domain.

    Thing is if your site got hacked and you restore everything be sure to try and find out how they hacked your site, and remove the original exploit. If not you maybe just restoring an open vulnerability and leaving the door wide open for it to happen again.

    HTH

    Jay

Related discussions