Establishing a Disaster Recovery Plan for Your Site

Can your WordPress Site continue to function even in the case of losing its data? If the answer is no, then  establishing a disaster recovery plan is an inevitable need for your WordPress site.


There can be many reasons for a site to lose all of its data. It can be a machine error or a human mistake. If currently, you don't have an established data recovery plan for your WordPress site then chances are, down the line, your data is in danger.

On the other hand, if you do have a disaster recovery plan enabled for your site, then you are following good practices to keep your site secured at all times and meet all sort of technical contingencies. Even though many companies nowadays do not have such recovery plans to keep their sites secure, there are many tools available that can help you in availing this fantastic feature for your WordPress site's safety.

Indeed, how soon and how well your site recovers from a disaster depends on how well you have planned to meet that disaster.

So how can you create a good disaster recovery plan?

Creating a disaster recovery plan is relatively easy and quick. And once your site gets hit by any of such disaster, this plan will save you so much angst and time that you will wonder why you even thought about living without one!

But before we dig further into the details of developing a disaster recovery plan, first we must understand:

What do we mean by a disaster recovery plan?


A good disaster recovery plan is essential for two primary reasons. First it helps you in recovering your site from a range of disasters, and second, it helps you in mitigating the risk of facing such disasters.

The best plan is the one which holds a delicate balance of details and simplicity. After all, such methods are used in reasonably stressful conditions, and they have to be clear as well as to the point.


An excellent and basic disaster recovery plan includes:

  • A checklist of investigation - to determine if we are facing a disaster
  • A list of disastrous scenarios
  • A list of actions (recovery) to be taken in each situation, along with the information that who will be responsible for carrying out the activity
  • Steps and actions to be taken to mitigate the disaster risk
  • Steps and actions to be taken to minimize the time of recovery
  • The list of contact information of all those who will be held responsible for taking measures in the situation of facing a disaster

But the question is:

Why do we need to have a disaster recovery plan in place?


Multiple things can happen simultaneously and give rise to a disaster. Let's say if your site is hacked; chances are you will face a hardware failure as well. In a worst-case scenario, your hosting plan can go offline as well.

Can you handle the stress of this disaster? Or if it is a client's site, you get the added joy of dealing with a disgruntled client, too.


That is why having a disaster recovery plan ensures that you have already taken all the required measures in a non-disastrous and calm environment, and from now on, even if a disaster strikes, you got the plan to work around the situation. This eventually means no panic and no what-ifs. With a disaster recovery plan in place, you can calmly follow simple steps and recover from the damage soon.

What are the factors which constitute a good disaster recovery plan?

Here is a list of things that make up a good recovery plan:

Investigation Checklist


The first step of a disaster recovery plan is first to determine if you are experiencing a disaster in actual.

Once you make an investigation checklist, it allows you to quickly and quickly determine if you are having a disaster and if yes, what kind of failure it is.


Typically, you reach for the checklist once your client, you, or your uptime tracking service becomes aware that your WordPress site is not responding, and now you need to confirm if there is any genuine issue which needs to be fixed.

However, you must consider and remember two necessary things:

  • The checklist is there to tell you if you have a consistent issue which needs to get mitigated.
  • There are so many components which are involved in creating a request for a page, including the delivery of a page to the browser, and on a lot of them, you have no control.

Hence, once the checklist is completed, you will be cleared about the faced scenario and the course of action required to fix it.

Scenarios


When we say script, we mean the numerous types of "disasters" that can occur. Once you determine the scene, it becomes easier to work out the severity, steps, and actions required to tackle the situation and who is accountable for these actions.

Common Scenarios include:

  • The hosting plan goes downThis can happen for many reasons, but if your site's downtime extends up to days than hours then you might need to switch your site and get it back up and running at some other new location.
  • Your site gets hacked This is one of the most common disasters and the one who usually needs a full restore to fix.
  • An update to plugins/theme/core ‘breaks' the site –This happens quite commonly, especially when an update is installed hastily. This may also require the update to get ‘backed out' and this is done through the restoration of the files to pre-update status.

Contact List

A contact list can come handy in case of a disaster. It allows you to find the contact details of the right person at the right time.

A contact list is a go-to place for the email, name, mobile number and address of any person who is responsible for taking action, or who must be informed about the incidence.

What factors need to be considered when you create a recovery plan?


How you respond to each scenario depends on a variety of factors which will be different for every site even within a portfolio.

Acceptable Downtime Limits


This is one of the most critical factors to determine. The majority of site owners might answer that there is no ‘acceptable' downtime. But you must be brutally realistic since you need to learn the duration for which your website will be down - before you get hold of an alternative hosting arrangement – even temporarily.

Since an e-commerce site will have quite a different downtime limit in comparison to an informational website, you must determine how critical or crucial the place is to the organization.

Since an e-commerce site will have quite a different downtime limit in comparison to an informational website, you must determine how critical or crucial the place is to the organization.

Similarly, one crucial thing that you must keep in mind while figuring out the acceptable limit is that shifting a site to an alternate hosting arrangement requires an update of DNS and these measures can take almost 24 hours actually to propagate. So even if a place can be rebuilt in a new environment just in one hour, it doesn't mean that it will be available immediately.

Since managing expectations is also a part of disaster recovery planning, so make sure you end up keeping these expectations quite realistic.

Checkpoint Frequency


If the response to a scenario needs a full restoration, you must evaluate how you will set up the backup regime and to be specific, the frequency of the checkpoints.

A checkpoint is that moment when your site's snapshot is taken. When we say restoring to the inspection, it means to recreate the site up to the same level as it was at the moment of that taken snapshot and losing the data which was created between the failure moment and the checkpoint.

For instance, if your site's daily back up regime is at 8:00 am, and you restore your place at 5:00 pm, then it means that your checkpoint is 9 hours old.

But is it a problem? And what is so crucial about losing the data of a day's worth?

For a few sites, the chances are that the impact is minimal. But regarding commercial websites, the effect can be huge, and for this reason, the checkpoint must be taken far more frequently.

For this, you may use WPEngine - a hosting company - which offers Restore Checkpoints. Similarly, Automattic's service which provides a real-time backup called VaultPress.

Backup Regime of Current Host


Virtually, all hosting platforms provide a backup regime but not all the owners of WordPress sites know the details. The owners assume that these backups are taken and that they will easily cross the restored bridge once they come to it.

But being a site's owner, if you do not know the workings of it, then how can you assume that in the case of facing a disaster it will fix your issue?

That is why, ensure that you are full across the backup regime of your current host and what contribution can it make, if any, in your disaster recovery plan.

Specifically, watch out for:

  • How frequently does your current host backup the database or your files?
  • Where are these backups being stored? While offsite can be a safe option, it usually increases the time of restoration.
  • What is the process of starting a restore?
  • What is the duration of a typical restoration process?
  • What is the cost of restoration?

DIY Backups


We know that you would prefer to restore and have control over the backup regime instead of just relying on your current hosting arrangement; hence, you must take advantage of the many solutions available to all the owners of WordPress sites.

When you select a service or a product, then you wish to go with the same criteria as of when you assess the backup regime of your host.

  • Can it support your need for checkpoint frequency
  • Where are these backups being stored? You should go with offsite, which may include cloud, as there is no point in saving them on the same web server - the one hosting your WordPress site. 
  • What is the process of restoration completion?
  • What is the duration of restoration?
  • What is the cost of restoration?

The Ultimate Backup Solution – VaultPress


Amongst all the available backup solutions, VaultPress seems to be the most promising and impressive option, particularly the Premium and Basic plans where the real-time backup is offered.

In these plans, VaultPress guarantees to back up every media file, comment, post, dashboard setting and revision as they occur. We know it sounds nothing less than a checkpoint frequency dream.

The plans cost $40/month for Premium and $15/month for a Basic subscription. This nonetheless offers real peace of mind, i.e., face value at an exceptional price.

Keep it Simple and Short


If the plan creation seems like a daunting task, then you cannot get it done. Here you are not analyzing a 200-page document which would cover details of every minute, but you want to create something which is short, concise and to the point.

Hence, you got to be creative in the process!

Use flowchart for investigation checklist. Put the actors, scenarios, and actions in a table format. The reason for keeping the information simple and short is that this information will be accessed at the time of stress; hence, it must be comprehensible and straightforward to follow through.

When it comes to this, keeping less is a lot more.

Minimizing the time of recovery


As you follow your recovery plan and establish the need of improvement – may it be a full restoration in its actual location or a complete recreation at a new place – all you need to make sure is to keep the restoration time minimal.

Keep a Backup against Every Major Update


This is a prudent measure but in the case of updating a theme or plugin, make sure you keep an adequate backup for the database and current files. So, if anything goes unplanned, you may back out the changes quickly, i.e., restoring the original data.

Track Your Site's Uptime


To start fixing a problem sooner, you must become aware of its occurrence at the earliest. While there are myriad of tools to monitor uptime, it is a good idea to start with a Monitor service that comes with the most advanced features. Since there are many options available out there, look for the one that best meets your site requirements. Excellent service will check your site after every few minutes and will notify you by email, instantly.

Using a CDN

In the case, you need to restore a site entirely then typically the upload directory is the most prominent component for restoration, especially if you have a vast quantity of videos, images, or PDF files on your WordPress site.

However, to remove this particular requirement altogether, you may consider transferring all the files to CDN – Content Distribution Network such as MaxCDN, Amazon S3 or xxx. Even though, you will need to pay a cost to avail this facility, your time of recovery will be considerably reduced. Moreover, as a bonus, your visitor can enjoy a speed boost with regards to downloading while you take some load off the web server.

Have a Defined Restore Process

While this may sound obvious but you must understand in advance all the exact steps that are linked to your restoration process. Will you be rebuilding the site locally or will you be building in situ and then moving to the production host?

What is the format of your database format? What is the order of restoring the several components? How will you test if the restoration is successful or not?

Hence, write down the process of restoration step-by-step and then thoroughly test them.

Perform a Dry Run

Either on a test site or locally, run through the complete restore process. Find all the potential issues and gaps, in the testing phase, instead of operating for the first time when there is an actual need to complete the process.

Once the process is complete, review each step and address the problems. Also, do consider the time taken and if required, tweak the process accordingly. A critical WordPress update is always the best opportunity to test the recovery process.

Keep on testing the recovery process frequently and from time to time. You may also run the test on a daily basis because the more you run the process, the more efficient and quicker you can perform when faced with a real-life disaster.

Prevention is always better than cure


The most important factor of a disaster recovery plan is to keep trying and reducing the disaster risk as much as you can.

Choosing the Right Host

Your chosen host should be well-aligned and appropriate with your acceptable limits of downtime.

For instance, if you or your client need minimal downtime for an e-commerce site, then choosing a bargain-basement shared hosting plan is not enough to facilitate uptime requirements, also considering the required response speed in the case of meeting a disaster.

Typically, the more reliable service you need, the more the solution will cost.

Keeping the Site Secured


If the hacking of your site is the worst disaster scenario that would require a recovery of a full website, then it makes sense to consider all the measures to prevent this act of hacking in the very first place. Hence put aside some time and seek professional assistance to ensure that all appropriate security measures have been put in place for the security of your site.

Switching off Auto-Update

Ever since WordPress introduced minor release – auto-updating- in its version 3.7, we have seen a lot of debate about whether the feature is useful or not.

You can say that a minor update to WordPress that will break a theme or plugin is relatively a small risk, it is still there. And you might want to eradicate this risk and update it manually after testing for any impact.

And this goes for all the plugins which come with the feature of auto-update.

Where should you store a disaster recovery plan?

Well, there is no point to get a disaster recovery plan unless you can access it whenever a disaster strikes. Your best bet is to store a program at a location which is easily accessible by anyone who would need it and for this, the most excellent option is to locate it on some third-party service such as Google Drive or DropBox.

Generally, the idea of using Google Docs is preferred. This is because it is not only a straightforward means of keeping information available but you can also edit it and make it a simple ‘living document.'

The disaster might never strike

In fact, not only a disaster might never strike, we don't want it to occur. The irony attached to a disaster recovery plan is that it is that one plan that we never want to execute.

The fact is there are still a lot of components on which we have no control. And in this case, the owner of a revenue-generating and substantial site can only keep the fingers crossed, wishing that the disaster never happens. This is because, in such scenarios, having a disaster recovery plan may also fail to prevent the loss.

With the increasing number of cyber crimes all over the world and almost 75% of WordPress sites being under attacked the majority of times, having a disaster recovery plan is the most viable and safest option to avail.Moreover, being prepared might not wholly prevent the happening of the disaster, but it will help you in getting your site up and running, with complete database backup and that too, as quickly as possible.
September 12, 2018

Click Here to Leave a Comment Below

Leave a Reply: