5463 min read

The 3-2-1 Backup Strategy: Why One Backup Is Never Enough (Part 14 of 20)

Varun Dubey

Founder, Wbcom Designs · Published Mar 10, 2026 · Updated Mar 26, 2026

Common Backup Mistakes to Avoid

Multisite Backup

WordPress Multisite (a network of sites sharing one WordPress installation) requires backing up both the shared core files and each site’s database tables. The main database contains all sites’ tables under the same prefix. UpdraftPlus supports multisite backup. BlogVault specifically touts multisite support as a differentiator. BackupBuddy supports multisite on its higher-tier plans.

Test restoring individual subsites from a multisite backup – this is more complex than a single-site restore and requires understanding the table structure. Practice this restore process in staging before you need it in a real emergency.

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

WooCommerce Backup Considerations

WooCommerce stores have critical data beyond posts and pages: orders, customers, product inventory, payment transaction records, and shipping data. A WooCommerce backup strategy requires attention to a few additional points:

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Encryption

Your backup files contain your database with user emails, hashed passwords, order information, and any personal data your site collects. If these files are stored unencrypted in cloud storage, a breach of that storage account exposes your users’ data. UpdraftPlus Plus and BackupBuddy both support encrypting backup archives before uploading to cloud storage. The encryption key is stored separately from the backup files.

For GDPR compliance (discussed in Part 15 of this series), encrypting backups containing personal data is a best practice and in some cases a requirement. Enable encryption if your backup plugin supports it, especially for WooCommerce stores with customer data or membership sites with user profiles.

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

The wp db export command creates a SQL dump of your database. The wp media sync command updates file attachment metadata. For files, use standard tar or rsync commands via SSH. Combine these in a shell script and schedule via cron for reliable server-side backups independent of any WordPress plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Verification and Monitoring

Configure your backup plugin to send an email notification for every backup – both success and failure. Most people configure notifications for failures only, but a success notification gives you positive confirmation that the backup ran. If you stop receiving success emails, that is a signal to investigate.

Check your backup files periodically for size. A backup that is significantly smaller than usual may indicate the backup process failed partway through. A 500MB backup that suddenly shows up at 5MB is a red flag.

BlogVault and Jetpack Backup have backup verification built in – they automatically confirm backup integrity after each run. For UpdraftPlus, you need to check manually or set up Uptime Robot to verify the backup files are being updated regularly.

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

If you cannot restore successfully from a backup, that backup has zero value. Most backup failures discovered during testing are caused by: incomplete backups (the plugin timed out mid-backup on a large site), corrupted backup files (compression errors), or missing credentials for the backup destination (expired OAuth tokens, changed S3 access keys).

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Database-Only vs Full Backups

Your WordPress database contains your posts, pages, comments, user accounts, plugin settings, and all transient data. It is typically the most valuable part of your site and the most frequently changing. Your files (WordPress core, plugins, themes, uploads) are slower to change and easier to recreate – you can always reinstall WordPress core and plugins from scratch.

For small sites where storage is a concern, you can back up the database daily and files weekly. This reduces backup storage significantly on sites with large media libraries. The restore process is slightly more complex (reinstall WordPress + plugins + restore database + sync files), but for sites with limited resources it is a practical approach.

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Retention Policies

How long should you keep backups? The answer depends on how quickly you would notice a problem. A plugin that silently injects SEO spam might not be noticed for weeks. A database corruption might not show up in your tests for days. Having backup history that covers at least 30 days lets you restore to a point before a problem that was not immediately obvious.

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

For most WordPress sites, scheduled full backups are the practical choice – simplicity and reliable restore trumps storage efficiency. Incremental backups make more sense for large sites (100GB+ of uploads) where full backups take too long to complete, or for real-time backup services like Jetpack that log every change.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Backup frequency should match how often your content changes. The question to ask: “If I lost everything that happened in the last X hours, would that be acceptable?” Your answer determines your backup interval.

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Files change much less often than the database. Your theme files, plugin files, and uploads do not change unless you install updates or upload new media. Backing up files daily or weekly is usually sufficient. The database – which contains all your posts, orders, user accounts, settings, and comments – changes constantly and warrants more frequent backups.

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backblaze B2 is the clear winner on price at $0.006/GB/month – roughly 80% cheaper than Amazon S3. Combined with Cloudflare’s free egress from Backblaze (they have a bandwidth alliance), download costs are essentially zero. UpdraftPlus, BackupBuddy, and most other backup plugins support B2 natively.

Google Drive and Dropbox are easier to set up and the free tiers cover small to medium sites. Google Drive’s free 15GB is enough for many blog backups (database is usually under 100MB; files are larger but compress well).

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Many managed WordPress hosts provide automatic snapshots at the server infrastructure level, separate from any plugin. These are typically faster to restore from than plugin-based backups because they operate at the disk image level rather than copying files one by one.

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Host-level backups are convenient but do not satisfy the 3-2-1 rule on their own. A backup on the same hosting account as your live site is one copy, one media type, same location. Combine host snapshots with a plugin that sends backups to an independent cloud storage account that you control.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

UpdraftPlus is the most widely used backup plugin with 3+ million active installs. The free version is genuinely complete – it backs up files and database on a schedule you configure, to any of the major cloud storage options, and restores from within the WordPress dashboard. The paid version adds incremental backups, staging, multisite support, and backup encryption.

For the 3-2-1 strategy: configure UpdraftPlus to backup to two destinations – for example, Google Drive AND an FTP server or S3 bucket. That gives you the live site (copy 1) + Google Drive (copy 2, offsite) + S3 (copy 3, different offsite location). Total cost: free, plus storage costs.

BlogVault

BlogVault is the premium choice when you want fully managed backups without configuration. It automatically backs up your site to BlogVault’s cloud, maintains 365 days of backup history, and offers an emergency restore button that works even if your WordPress admin is inaccessible (it restores directly via a server-side script). The staging feature lets you clone your site to a test environment with one click. For agencies managing client sites, BlogVault is worth the cost for the peace of mind alone.

Jetpack Backup

Jetpack’s real-time backup logs every change to your site – every post edit, every plugin update, every comment – and gives you a complete activity log. If something breaks, you can see exactly what happened and restore to a point seconds before the problem. The $9.95/month cost is competitive for real-time backup, though the storage is managed by Automattic’s cloud (you cannot bring your own S3 bucket). Good choice for high-activity sites where point-in-time restore is important.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Most website owners have a backup. Most of those backups are stored in exactly one place – usually the same server as the live site. When the server fails, the backup fails with it. When the hosting account gets hacked, both the site and the backup are compromised simultaneously. When the backup plugin has a silent bug and produces corrupted files, you do not find out until you actually need to restore – and discover you have nothing usable.

The 3-2-1 backup strategy solves all of these problems with a simple rule that IT professionals have used for decades. This guide explains the rule, walks through the tools that implement it for WordPress, and covers the restore process that most backup guides skip entirely.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Why three copies? Because any single backup can fail. Disk failures are far more common than most people expect. A backup file that was created correctly can silently become corrupted over time due to bit rot, storage system errors, or a bad backup process. Having three copies means a double failure has to occur simultaneously to leave you without any recourse.

Why two media types? Because failures often affect everything on the same storage system. A RAID array failure, a hosting account termination, or a ransomware attack can wipe out everything stored in one place at once.

Why one offsite copy? A fire, flood, or physical theft at your data center can destroy everything at one location. An offsite copy (cloud storage, a different data center, a physically separate location) is not affected by local disasters. For most website owners, “offsite” means cloud storage – Amazon S3, Google Drive, Backblaze B2, or Dropbox.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

The 3-2-1 Rule Explained

The 3-2-1 rule states:

3 copies of your data (the live site plus 2 backups)
2 different storage media types (for example: local server storage + cloud storage)
1 copy stored offsite (physically or logically separate from the others)

Backup Plugin Comparison

Plugin	Free Version	Paid Plans	Real-time Backup	Offsite Storage	One-Click Restore	Staging
UpdraftPlus	Yes (full-featured)	From $70/yr	No (scheduled)	S3, Google Drive, Dropbox, OneDrive, FTP	Yes	Paid only
BlogVault	No	From $89/yr	Yes (every 24hrs, real-time on higher plans)	BlogVault cloud (included)	Yes (emergency restore)	Yes (included)
Jetpack Backup	No	From $9.95/mo	Yes (every activity logged)	Jetpack cloud	Yes	No
BackupBuddy	No	From $99/yr	No (scheduled)	S3, Dropbox, Stash (included), Google Drive	Yes	Yes
All-in-One WP Migration	Yes (limited 512MB)	Extensions from $69	No	Extension required	Yes (import/export)	No

UpdraftPlus

BlogVault

Jetpack Backup

Host-Level Snapshots

Cloudways – Automated backups every 24 hours retained for 7 days (lower plans) to 30 days (higher plans). On-demand backups available. Backups stored in the same data center as your app.
Kinsta – Automatic daily backups with 14-30 day retention depending on plan. Hourly backup add-on ($100/mo per site). Manual backup before any major changes.
WP Engine – Daily automated backups retained for 40 days, one-click restore from any backup point.
SiteGround – Daily automated backups free, copies retained for 30 days on higher plans.

Offsite Storage Options and Pricing

Service	Free Tier	Paid Pricing	Egress Costs	Best For
Amazon S3	5GB free for 12 months	$0.023/GB/mo (standard)	$0.09/GB out	Technical users, AWS ecosystem
Google Drive	15GB free	$2.99/mo (100GB)	Free	Simple setup with UpdraftPlus
Dropbox	2GB free	$9.99/mo (2TB)	Free	Easy integration with backup plugins
Backblaze B2	10GB free	$0.006/GB/mo	$0.01/GB out (free with Cloudflare)	Best price, high-volume backups
OneDrive	5GB free	$1.99/mo (100GB)	Free	Microsoft/Office365 users

Backup Frequency: How Often Should You Back Up

Site Type	Database Backup	Files Backup	Rationale
Simple blog (few posts/week)	Daily	Weekly	Posts are infrequent; files rarely change
Active blog (daily posts)	Every 6-12 hours	Daily	Multiple posts per day means daily database loss is significant
WooCommerce store (low traffic)	Every 6 hours	Daily	Orders are critical; losing 6 hours of orders is painful
WooCommerce store (high traffic)	Hourly or real-time	Daily	High order volume means even 1 hour of data loss matters
Membership/community site	Every 6 hours	Daily	User data, messages, and activity logs are valuable

Incremental vs Full Backups

A full backup copies everything – all files, the entire database. An incremental backup copies only what has changed since the last backup. The tradeoff:

Full backups: Larger files, slower to create, take more storage, but simple to restore – just one file.
Incremental backups: Small files, fast to create, efficient storage use, but restore requires applying the base backup plus all subsequent incrementals in order.

Retention Policies

Daily backups: Keep 30 days of history minimum. 90 days for compliance-sensitive sites.
Weekly backups: Keep 12-26 weeks (3-6 months).
Monthly backups: Keep 12 months.
Before major changes: Keep indefinitely (or at least 90 days). Always take a manual backup before a WordPress major version update, a plugin update for a business-critical plugin, or any significant theme changes.

Database-Only vs Full Backups

The Restore Testing Procedure

This is the step most backup guides skip. A backup that has never been tested is worthless. The only way to know your backup works is to restore it and verify the result.

Monthly Restore Test Checklist

Set up a staging environment (most managed hosts provide one; Local by Flywheel works for local testing).
Download your most recent backup file from your offsite storage location – not from your server.
Restore it to the staging environment using the same process you would use in an emergency.
Log in to the restored site and verify: admin login works, most recent post exists, plugin settings are intact, WooCommerce products and orders present (if applicable).
Check the front end: does the site look correct? Are all images loading?
Note how long the restore took. In an emergency, this is how long your site will be down.
Document any issues encountered during the restore process.

Backup Verification and Monitoring

Disaster Scenarios and Recovery Paths

Scenario	Recovery Path	Estimated Downtime
Bad plugin update broke the site	Restore database from pre-update backup, reinstall previous plugin version	15-30 minutes
Accidental post deletion	Restore database only, identify the missing post	10-20 minutes
Malware infection	Restore from clean backup (pre-infection), then apply security hardening	30-60 minutes
Server complete failure	Set up new hosting, restore from offsite backup	1-4 hours
Hosting account terminated	Move to new host, restore from offsite backup	2-8 hours
Ransomware attack	Do not pay. Restore from offline/offsite backup that was not connected during attack	2-8 hours
Data center disaster	Restore from geographically separate offsite backup	4-12 hours

WP-CLI Backup Commands

If you have SSH access to your server, WP-CLI can run backups directly from the command line. This is useful for scripting automated backups that do not depend on a plugin.

Backup Encryption

WooCommerce Backup Considerations

Order data frequency: Database backups must be frequent enough that losing a few hours of order data is acceptable. For high-volume stores, real-time or hourly backups are required.
Inventory accuracy: After restoring from a backup, inventory counts may be out of date. Plan for how you will reconcile inventory after a restore.
Payment records: Payment transaction data from your payment gateway is stored at the gateway (Stripe, PayPal) independently of your WordPress database. A WordPress backup does not back up Stripe transaction logs. Access payment history directly from your gateway dashboard.
Subscriptions and memberships: WooCommerce Subscriptions stores renewal schedules in the database. Restoring from an old backup can cause billing issues. After restoring, review upcoming scheduled renewals before going live.

Multisite Backup

Common Backup Mistakes to Avoid

Backup stored only on the same server as the live site – Server failure loses both simultaneously
Never testing restore – Discovering backup corruption during an actual emergency
Backup credentials stored only in WordPress – If WordPress is inaccessible, you cannot reach backup settings
Forgetting to update credentials after changing cloud storage keys – Backups silently fail after an S3 key rotation
Restoring to production to “test” – Only restore tests to staging environments
Skipping backups before major updates – WordPress core updates, WooCommerce major versions, and page builder updates are common causes of site breakage
No backup of the backup destination credentials – Store your S3/Google Drive credentials in a password manager separately from WordPress

Cost Analysis by Site Size

Site Type	Database Size	Files Size	Recommended Setup	Monthly Cost
Small blog (under 50 posts)	~10MB	~500MB	UpdraftPlus free + Google Drive (free 15GB)	$0
Active blog (500+ posts)	~50MB	~2GB	UpdraftPlus free + Backblaze B2	~$0.15/mo
WooCommerce store (medium)	~100MB	~5GB	UpdraftPlus Plus + S3 + real-time DB via Jetpack	~$5-15/mo
Large community or store	~500MB	~20GB	BlogVault or Jetpack Backup (real-time)	$20-30/mo

Series Navigation

This post is part of the Website Owner’s Toolkit – a 21-part series covering everything you need to run a successful website.

Wbcom Weekly

WordPress, Laravel, AI engineering — one short email every Friday.

Hire Wbcom

Work with our team

Full-stack engineering across WordPress, Laravel, Astro, and AI.

Talk to us

Featured Product

Jetonomy Pro

From $69

Once your forum is busy, you need engagement (reactions, polls, badges) and ops (analytics, webhooks, push). Jetonomy Pro ships 14 modular e...

View details

Discover More

Browse all products