Yesterday, Automattic, the company that brought you WordPress and hosts 10+ million blogs at, announced a new product called VaultPress, that will backup your WP install to the cloud.

On their blog, they described VaultPress this way:

The vision of VaultPress is to ensure that blogs and sites under its care are always completely secure, regardless of what happens. Today, this means every bit of content will be safe, from plugins and themes to the smallest comment or post revision, with WordPress-aware, real-time, multi-cloud backups. This is some of the most advanced technology I’ve seen interact with WordPress.

TechCrunch estimates that it will cost $15-25 per month to backup your tables and assets with VaultPress. They’re just opening up the private beta of this service, so expect to hear more from users over the next couple of months. You can sign up for the beta here.

At quick glance, it’s good that WordPress is making it easier to backup installations and I hope the system is easy to setup and maintain. That’s been one of WP’s biggest strengths – it’s ease of use and hopefully that will continue on with VaultPress.

If you don’t want to use VaultPress, there are other ways to backup your WordPress data and assets. Here are a few ideas you can start using today. I use all of them, because I’m paranoid about losing content. This is a good trait to have, especially if you’re using WordPress as a CMS.


Themes can be re-installed or restored from a backup, but the key piece of data you can’t lose when it comes to WordPress is the MySQL database that runs the whole show. The WP DB Backup plugin will backup your database on a schedule (hourly, daily, weekly, monthly) and the backup file (a gzipped file) can be saved to the server in a location you determine, downloaded on demand or emailed to you. You can specify which tables in the database you want included, which is nice.

I prefer emailing a backup to Gmail (where size isn’t a problem) and archive a few there just in case. The email looks like this and can be easily filtered and labeled.

Backup email

Automatic WordPress Backup

The Automatic WordPress Backup will grab your entire WP directory, assets, themes and your database and put it in one file and automatically upload that file to your Amazon S3 account. Like the DB plugin, you can specify how often you want your files backed up and what to include (configs, database, themes, plugins and user uploaded content.) This is a nice “set it and forget it” type backup plan. I know that the backups run weekly and go to S3, where I don’t have to worry about it until I need it.

What I like about this is that it will present you, inside the plugin, a quick download link to your backup files. This saves you the step of getting into S3 to grab the file you need.

This is a very cost efficient model, since storage at S3 costs $0.10USD for each gigabyte you store, and WP backups are usually under 5MB, so you’re paying maybe a few cents a month for piece of mind. Well worth it, I think.

The plugin config screen:

What it looks like in S3:

Backup to S3 from the Command Line

This one is not for the faint of heart, or those not comfortable with working in a Linux/Unix command line environment. This script by Eric Nagel grabs your databases (not just WordPress, any of them you want), your web directories and whatever else you want, zips them up (separately) and sends them to S3. You can specify how many previous days of backups you want to keep and the script will delete backups older than x number of days (I usually set this to 5.) If you need to backup files larger than 2GB (a PHP limitation), check out this blog post.

I like this method because once set up and set to run via Cron, you can very easily do nightly backups of your entire web root as well as your databases. While your IT department or hosting company is doing full and incremental backups, getting, say, one database table or file is a pain for you (as well as the IT staff). This method makes that much easier.

This type of backup is absolutely critical in case the entire machine catches fire. This S3 method just backs up the web area, making your life a tad bit easier when it comes time to recover something. Since you can specify more directories and datbases than just WordPress, this method may end up costing you a bit more, but that security is well worth the small cost from Amazon.

Repeat after me: it’s always good to have more than one backup of your data. Always.

This past week was the second birthday of this blog, and so far, the terrible twos haven’t been so bad.

It’s been a ton of fun to write and connect with people all over the world. In the time I’ve had this blog, I’ve spoken at 13 events, conferences or webinars in both the United States and the United Kingdom, I’ve taken a new job at a new university, I’ve become the biggest WordPress cheerleader imaginable, I’ve served a technology fellow at NITLE and so much more. 2010 is shaping up to be just as much hard work and most importantly, fun.

Here are some interesting statistics from two years of blogging:

Posts: 210
Comments: 381
Visitors: 67,433 visitors from 162 countries
Page views: 96,155 page views
Most popular post: How to add a custom tab to your Facebook page
Countries with the most visitors: US, United Kingdom, Canada, Australia, India
Country with the fewest visitors: Tied between Angola and Vatican City

So, what will the next two years hold for this blog? I’m going to continue to write interesting content relating to web development in higher education, cloud computing, and the future of IT in higher education, with a bit of code and fun stuff like QR codes thrown in there for fun. I’m throwing around the idea of doing some bespoke WordPress/cloud consulting. I’m looking forward to more travel to work with more great people.

Want to keep up with what I’m up to? I’m on Twitter, Facebook, LinkedIn or you can always use this form to email me.

All in all, life’s pretty awesome.

I heart WordPress. I was a long-time Movable Type user and advocate. When I started this blog in early 2008, I used it as an opportunity to learn and experiment with WordPress, and I’ve become as big a WP advocate as there is.

One of things that is very critical when it comes to WordPress is making sure your install is up-to-date. Security holes are quickly patched and old installations make easy targets for hackers and script kiddies worldwide.

There’s a pretty large-scale WordPress infestation going around right now. I’ve had to help a few bloggers I know with getting their installs cleaned out and up-to-date, in one case they had never updated beyond version 2.33 (2.8.4 is the most up-to-date).

If you are running a version earlier then 2.8.4, please update as soon as possible. WordPress has recently added in an auto-update functionality, but I still prefer the thoroughness of the WordPress Automatic Upgrade plugin. If you are running anything earlier than WordPress 2.7, that plugin will make your life much easier and you will be updated in just a few minutes automatically.

However, you may not know if your site has been hacked. If you are seeing URL’s like this one, you have been:$%7Beval(base64_decode($_SERVER%5BHTTP_REFERER%5D))%7D%7D|.+)&%/.

This blog post has detailed instructions on how to clean out the hack (including getting rid of admin users the bad code creates).