Last year, a multitude of WordPress websites running both free and premium themes found themselves hacked or vulnerable to hacking because of a weakness in a script called Timthumb which automatically generates image thumbnails. The excellent Timthumb Vulnerability Scanner for WordPress made it possible to scan for vulnerable instances of the script and update them with a single click. However, anyone who — like me — updated Timthumb once, called it good and disabled the plugin was in for a nasty surprise a few months later, as it turned out that the updated version of Timthumb was vulnerable as well. Although my WordPress theme provider — Elegant Themes — stopped using Timthumb as soon as the vulnerability was discovered, I simply updated Timthumb and held off on updating Elegant themes until later. Bad idea; one of my websites was compromised and a hacker used the vulnerability to plant a back door on my server. Thankfully, no damage was caused. I’ll be discussing the cleanup process in another post. However, all of this pain could have been avoided if I had been using Code Garage.
I found out about Code Garage’s Locker service through the Timthumb Vulnerability Scanner, which Code Garage developed. For a long time, I had a sense of security stemming from the false belief that, because my operations are relatively small, hackers would most likely be more interested in going after the big guys. In fact, I should have realized that people who hack websites are just like people who hack into computers; they don’t target individuals, they simply run scripts that scan thousands of potential targets for vulnerabilities automatically. Clearly, I’m no security expert, and even if I were, I want to focus on what I do best: developing websites and writing great content. I investigated Code Garage’s Locker service because I was impressed with the vulnerability scanner and wanted to find a WordPress backup service with similar simplicity and ease of use. I also didn’t want to spend a lot of money. The Locker service starts at just $10 per month, and I was inspired to write this Code Garage review because to date, I’ve been very happy with the investment.
Code Garage has five plans for the Locker service depending on the number of WordPress websites you need to protect:
Enterprise plans are also available if you need to protect more than 50 websites, but the basic feature set of Code Garage remains the same regardless of the number of websites protected.
Code Garage makes daily backups of all your protected websites and maintains them for a rolling 30-day period. So, for example, if you have a disaster and need to restore your website, you can restore from yesterday’s backup or any other backup created in the last month. The backups don’t just include the text content stored in your website’s database; they also include your images and other files. It’s a complete backup solution, and if you aren’t sure how to restore from a backup on your own, Code Garage’s staff will walk you through the recovery process.
Code Garage scans your website four times a day for warning signs that it may have been hacked, such as unexpected changes to the content or new outbound links to websites known to host malware. If a change raises a warning sign and it turns out that the security of your website has been compromised, Code Garage will assist you with scanning your website’s code and removing the vulnerability.
Your Web host may promise uptime of more than 99%, but do they deliver? Twelve times per hour, Code Garage pings your website to confirm it is available. If no response is received, Code Garage notifies you to make you aware that it might be time to look for a new hosting provider. Although the WordPress backup and recovery features of Code Garage are well worth the $10 starting price on their own, you shouldn’t scoff at the security and availability monitoring features; if I had subscribed to Code Garage before the WordPress Timthumb issue occurred, I would have known about it before it had become a problem.
The money earned from your website is the result of months or years of work researching, designing, writing, testing, networking and link building. If running a website isn’t your full-time job yet, it probably still consumes the equivalent number of hours. I spend all of my time growing my websites and starting new ones, and at the time that I fell victim to the Timthumb vulnerability, my most recent backup was several months old. It pains me to think of the amount of work I would have lost. If you’re like me, I urge you to give Code Garage a try. You can cancel anytime within the first seven days, there are no contracts and your backups remain available until the end of the subscription period if you decide to cancel.