Having a website for every SMB has become very common and a necessity. Having a site started, is not enough. It has to be constantly updated to ensure that it is running securely. SEO is not a necessity for all sites. Hosting website is also exciting for many enthusiast to share or blog. Security is often overlooked until it is too late. Security is reactive not proactive.

Google blacklists 10,000 websites everyday. It is mainly due to hacks, malware, and other general site weaknesses. Blacklisted sites can get the IP address(on which it is hosted on) to get blacklisted too. All other websites hosted on the same server, will get affected. This causes mails to be rejected(bounced or worst dropped) and affects site reputation. Customer blames hosting provider and hosting provider blame customers for vulnerable site. Customer has no clue whatsoever, what the hosting provider is talking about!?$

Matter gets worse, there is no previous pristine state backup!

Hosting provider has 2 weeks of backup(or no backup at all), and the site has been infected for longer than 2 weeks. The oldest restore possible is with infected files. So, now customer will have to reach out to a vendor who can clean up their website, which comes at a steep price. Customer tries to figure out another cheap vendor, and the clock is ticking. Time flies and Hosting provider has to take call now, cause the infected site is damaging IP reputation and affecting other sites. Hosting provider has to suspend the site. Irate customer, calls support and throw some angry words at support personnel. Hosting support replies with a simple standard answer of Hosting Policy. Support employee is frustrated, but has no choice. Hosting provider has no choice but to loose a customer to save other customers sites.

The customer now has to clean site and move to another hosting provider, which adds to the agony. Customer looses online presence, looses time and money, before getting his site online and whitelisted. Customer decides to take his frustration out, starts blogging about his harrowing experience, taking it out on the Hosting provider, who just did what they could.

Let's rewind a bit

Lets rewind this scenario, in a different way.

Hosting provider has a backup software, which maintains all changes of all sites in a revisioning system. The backup software is light weight, and does not take high server computing resources. The backup runs daily and backups only changes, saving a lot of disk reads. No more daily blind data dump, killing server resources, and slowing down server, and slow loading websites. The backup software notifies the customer on every site file change.

Customer site hosted with the Hosting provider, is running an old version CMS. One fine day, the site has been compromised due to a vulnerability on old version CMS, and is infected with a backdoor php script. The backup software notifies the customer on a new file. The customer identifies that this change was not done by his team or site developer. Customer quickly restores the site back to its pristine revision/snapshot. Customer identifies that the site is running old version, and updates the site, which is the root cause. Disaster averted!

Customer was able to fix the issue, without going through all the hassles, post site blacklisting. Happy customer! Support team did not have to go through all the hassle dealing with irate customer. Happy employees means happy customers! Hosting provider was able to avert a customer loss and save reputation.

What if the backup software has an auto revert feature that will automatically revert the file changes? What if the customer can't quickly revert the infected file.

To make things better, what if the backup software can automatically update the CMS to latest version?

Some key features to look into site backup software:-

  • Light weight on hosting server. In a very competitive hosting industry, it is very difficult to do more than just rendering sites, as far as server resources are concerned. Cant stress server resource!
  • It should backup all sites on server
  • It should be super fast, so as to quickly release FTP connections
  • Configurable maximum FTP concurrent connections. Backup software should have an option for hosting server administrators to configure maximum number of connections allowed during high traffic time. Serving sites is more important, and backup can be delayed for that duration
  • Notify site owner on file changes
  • Maintain all revisions/snapshots since first backup
  • Option to restore site to any previous snapshot
  • Option to restore web files and databases separately. If only files were affected, no need to loose blog entries stored in database. Just a file restore is enough
  • Run security scans on the offline backup data, to catch malwares and notify user
  • Run vulnerability scan on files, and detect which files can be infected
  • Auto revert file changes, for idle sites(which are the ones mostly targeted)
  • Automatically patch sites to the latest secure versions
  • Option for customer to keep a copy of data under their control (BackBlaze/S3 compliant)
  • Keep another copy of data in remote Geo location
  • Ensure safe transit of FTP(clear text) data

BountySite backs up sites, starting from 1$ per year. There is no reason why you should not have backup. BountySite has been designed for Hosting Providers to keep their hosting infrastructure safer, and is built to backup millions of websites.

Cheers!