SFTP instead of a plugin? Yep - here's why
Connecting your Main Site
- First, log into the CodeGuard dashboard and add a website using the SFTP credentials associated with it. Start with your main site.
- Next, type in your site URL.
- Then, you will be given the opportunity to select files to back up, and should select the directory that is unique to the site currently being activated. Click "Capture Code".
- While your files are being backed up, go ahead and add the database. You can either connect directly to your MySQL database or tunnel over SSH.
Connecting Subdomains and Subdirectories
- Log into the CodeGuard dashboard and click "Add New Website".
- Use the same SFTP credentials as your main site.
- Next, type in your site URL. We only check your URL against Google Safe Browsing API, so it doesn’t matter if different URLs are associated with the same main SFTP account.
- Then, you will be given the opportunity to select files to back up, and should select the directory that is unique to the site currently being activated.
- Your database and themes are already backed up under your main site.
Rinse. Repeat. Relief.
How a Website Backup Works
After providing us with your SFTP credentials, you are presented with a series of folders you can choose to backup. If you only wish to backup WordPress specific files, select the WordPress folder located under public_html. Uploads directory, wp-content, and wp-admin are also good places to start. After submitting your selections, you will arrive at a real-time progress tracker detailing the status of your backup. During this time, CodeGuard is provisioning a server, grabbing your files using Amazon EC2, creating a git repo for the data, and sending it to Amazon S3 for storage. After the initial backup has finished, daily backups will automatically begin unless you adjust your settings. Future backups are differential - CodeGuard looks at meta data to identify and store only what has changed, thereby decreasing the load on your server and reducing the storage size of each backup.
How a Database Backup Works
In order to to complete a full WordPress Multisite backup, you will need to add your database. You have the choice of tunneling over SSH or connecting directly using your MySQL credentials. If you choose to connect directly, you need to whitelist CodeGuard’s IP addresses with your hosting provider so we can remotely connect to your database. (If you use cPanel, it’s as simple as logging in, clicking on “Remote MySQL”, and placing the CodeGuard IPs in the allowed hosts section.) Because database backups can be reduced to a small size, we grab the entire database for comparison with the most recent data and replace the older version in the user dashboard if changes are found. You will receive an email once the initial backup has completed, and subsequent daily backups will continue automatically unless you change your settings to reflect otherwise.
How a Website Backup Works
Because CodeGuard only stores what has changed, we can pin down the modifications made to your website since its last backup. CodeGuard utilizes ChangeAlerts - an email in digest format - to tell you what changes were made and when.
Monitoring is performed on a site-by-site basis, so multisite users have some flexibility in the way they receive ChangeAlerts. If you want one email to detail your entire network, enable notifications for your main site and disable notifications for your subdomain and subdirectory sites. If you would prefer a separate digest for each site, disable your main site's notification setting and make sure each individual site's notifications are on. Or, you can have both!
CodeGuard does not provide ChangeAlerts for databases at this time.
How a Website Backup Works
CodeGuard uses an incremental backup system, so we only store what has changed but can reconstruct any version. This, along with file compression, allows us to store every backup taken during a user’s lifetime.
A user can restore to any of their backups in one of three ways:
- Downloading a zip to perform a manual restore.
- Selecting certain files to restore.
- Requesting an automatic full restore.
All three restore options allow for independent restores of an individual site on the network. The user can also roll back their entire network by restoring the main site.
Psst! There's more!
Setup requiring no download or install | Monitoring for file changes | Network-wide restore | Client logins | Whitelabeled portal | Independent site restores | |
CodeGuard | ||||||
VaultPress | ||||||
BackupBuddy | ||||||
BackWPup |
Plugins are vulnerable
In fact, a recent study revealed that almost 20% of the Top 50 WordPress Plugins and over 8 million plugin downloads are vulnerable to basic but crippling hacks like SQL injections and cross-site scripting. If the plugin wasn’t created by WordPress.org, the likelihood that basic security measures have been assessed and enforced is very slim.
SFTP lets you "set it and forget it"
Some backup plugins are limited because they rely on WordPress' pseudo-cron system which doesn’t kick off the actual cron job until someone visits your website. Using SFTP to setup your account with CodeGuard ensures that your backups are automatically initiated every 24 hours, regardless of whether or not you’ve had visitors.
Plugins make the user do more work
Connecting over SFTP allows CodeGuard users to benefit from daily pushes of code without downloading a single update. Had we chosen to maintain a plugin option, our emphasis on immediate improvements would need to change or users would face constant friction from incompatible and out-of-date plugins. Frankly, we see relying on SFTP as a win-win: users benefit from continuous updates without having to manage them.
Domain migration - it’s not automated just yet, but you can download your individual site’s zip file and manually upload it onto a new domain
Client Roles - associate your client logins with a Role to customize how much freedom they have within the web application
Adjustable settings - adjust the frequency of backups and notifications and the style of ChangeAlert emails
Increased support - in addition to access to support documents and email capabilities, Professional users have phone support, too
Enhanced security - two factor authentication (Authy) and IP logging