How to Back Up Your Database and Files Separately

When managing websites or applications, your data is typically split into two critical components:

1. Files – such as themes, plugins, media uploads, and configurations.
2. Databases – which store structured information like user accounts, orders, posts, and settings.

For effective disaster recovery, it’s essential to back up these two components separately. This approach ensures faster restores, targeted recovery, and better protection against corruption.

Why Separate Backups?

• Efficiency: Databases change frequently, while file structures remain more stable.
• Flexibility: Restore just the database after a bad update, or only the files after corruption.
• Security: Databases often contain sensitive data that may require stricter encryption and compliance handling.

Step 1: Back Up Your Database

The method depends on your database type (MySQL, PostgreSQL, etc.), but the principle is the same:

• MySQL/MariaDB:

  mysqldump -u username -p database_name > backup.sql
  

• PostgreSQL:

  pg_dump -U username database_name > backup.sql
  

✔ Store the .sql file securely and compress it to save space.

Pro Tip: Automate with cron jobs or scheduling tools to take daily/weekly snapshots.

Step 2: Back Up Your Files

Files include website code, images, plugins, and configurations.

• Linux command-line:

  tar -czvf site_files_backup.tar.gz /var/www/html
  

• Or use rsync for incremental backups:

  rsync -avz /var/www/html /backups/html
  

✔ For shared hosting, many control panels (like cPanel or Plesk) provide built-in file backup options.

Step 3: Store Backups Securely

Follow the 3-2-1 Rule:

• 3 copies of your data
• 2 storage types (local + cloud)
• 1 offsite backup

Options include:

• Cloud storage (AWS S3, Google Cloud, Backblaze)
• Encrypted external drives
• Remote servers with secure SSH transfer

Step 4: Test Your Restores

A backup is only useful if it works. Regularly restore both files and databases in a test environment to ensure:

• Data integrity
• Restore speed
• Compatibility with your applications

Final Thoughts

By backing up your database and files separately, you gain more control, flexibility, and resilience in your disaster recovery strategy. At Vicservers, we help hosting businesses implement secure and automated backup solutions that safeguard both your critical files and databases.

Protect your business with smarter backups today. Learn more at vicservers.com.

 

Setting Up Automated Backups Using Cron Jobs

Data is the heart of any online project. Whether you’re running a small blog, an e-commerce store, or a corporate website, losing your files or database can be catastrophic. That’s why backups are non-negotiable.

On a Linux VPS, one of the most reliable ways to automate backups is by using cron jobs — a time-based job scheduler built into Unix-like systems. In this guide, we’ll walk you through setting up automated backups with cron jobs to keep your data safe and easily recoverable.

Why Automated Backups Matter

Manual backups are fine for occasional use, but they’re not practical for production environments. Automated backups:

• ✅ Ensure consistency (you won’t forget to back up).
• ✅ Save time by running in the background.
• ✅ Provide peace of mind in case of hacks, accidental deletions, or crashes.
• ✅ Help with quick disaster recovery.

Step 1: Understanding Cron Jobs

Cron jobs are scheduled commands that run automatically at specified times or intervals.

The cron syntax looks like this:

* * * * * command-to-run
│ │ │ │ │
│ │ │ │ └── Day of the week (0 - 7)
│ │ │ └──── Month (1 - 12)
│ │ └────── Day of the month (1 - 31)
│ └──────── Hour (0 - 23)
└────────── Minute (0 - 59)

Example:

0 2 * * * /home/user/scripts/backup.sh

This means: Run backup.sh every day at 2:00 AM.

Step 2: Creating a Backup Script

Before scheduling, you’ll need a script to perform the backup.

Example: File Backup Script

Create a script called backup.sh:

#!/bin/bash

# Variables
BACKUP_DIR="/home/user/backups"
SOURCE_DIR="/var/www/html"
DATE=$(date +%F-%H-%M-%S)
FILENAME="backup-$DATE.tar.gz"

# Create backup directory if not exists
mkdir -p $BACKUP_DIR

# Create compressed backup
tar -czf $BACKUP_DIR/$FILENAME $SOURCE_DIR

Make it executable:

chmod +x backup.sh

This script compresses your website files into a .tar.gz archive and stores them in /home/user/backups.

Step 3: Database Backup (Optional)

If you’re running MySQL or MariaDB, you should also back up your database.

Add this to your script:

DB_USER="root"
DB_PASS="yourpassword"
DB_NAME="yourdatabase"

mysqldump -u $DB_USER -p$DB_PASS $DB_NAME > $BACKUP_DIR/db-$DATE.sql

This creates a SQL dump of your database alongside your file backup.

Step 4: Scheduling with Cron

Edit your user’s crontab:

crontab -e

Add a schedule, for example:

0 2 * * * /home/user/backup.sh

This will run the backup every day at 2 AM.

Step 5: Rotating Backups

To prevent your server from filling up, add a cleanup rule to delete old backups (e.g., keep only the last 7 days):

find $BACKUP_DIR -type f -mtime +7 -delete

This removes backups older than 7 days.

Step 6: Verifying and Restoring

Always test your backups to ensure they work.

To restore files:

tar -xzf backup-2023-12-01-02-00-00.tar.gz -C /var/www/html

To restore a database:

mysql -u root -p yourdatabase < db-2023-12-01-02-00-00.sql

Best Practices for Backup Security

• 🔒 Store backups on remote storage (e.g., another server, AWS S3, or Google Drive).
• 🔑 Encrypt sensitive backups before storing them.
• 📅 Use different frequencies (daily, weekly, monthly).
• ✅ Regularly test restores to avoid surprises.

Conclusion

Automated backups using cron jobs are a simple yet powerful way to safeguard your website or application. With just a few scripts and scheduled tasks, you can protect your project from unexpected data loss.

At Vicservers, we understand the importance of uptime and data protection. That’s why we provide secure VPS hosting with full control over your environment, making it easy to implement automated backups tailored to your needs.

Don’t wait for disaster to strike — set up your automated backups today with Vicservers!

 

Best Practices for Hardening a Linux Server

When it comes to server security, prevention is always better than cure. Whether you’re hosting a personal blog, a client website, or a critical business application, protecting your Linux server from unauthorized access and potential exploits is essential. Hardening your server is the process of reducing its attack surface to minimize vulnerabilities — and it’s a must for any responsible administrator.

In this blog post, we’ll walk through practical, tested Linux server hardening best practices to help you lock down your environment and stay ahead of cyber threats.

Why Linux Server Security Matters

Linux is widely known for its stability and security, but no system is secure by default. Out-of-the-box Linux configurations often leave ports open, use weak settings, or allow unnecessary services. This can open the door to:

• Unauthorized access
• Privilege escalation
• Data breaches
• Ransomware or malware infections
• DDoS attacks

With Vicservers, you get secure-by-default hosting infrastructure, but as a server owner or administrator, hardening your Linux system is your responsibility.

1. Keep Your System Updated

Always start with the basics:

sudo apt update && sudo apt upgrade -y  # Ubuntu/Debian
sudo yum update -y                     # CentOS/RHEL

Enable automatic security updates:

sudo apt install unattended-upgrades

🔁 Regular patching prevents known exploits from being used against your server.

2. Disable the Root Login

Root login is a major target for brute-force attacks. Disable it and create a limited user with sudo privileges instead:

sudo adduser yourusername
sudo usermod -aG sudo yourusername

Edit SSH config:

sudo nano /etc/ssh/sshd_config

Find and change:

PermitRootLogin no

Then restart SSH:

sudo systemctl restart ssh

3. Use SSH Key Authentication

Password authentication is weaker than key-based login. Here’s how to set up SSH keys:

On your local machine:

ssh-keygen -t rsa -b 4096
ssh-copy-id yourusername@yourserver_ip

On the server, disable password logins:

sudo nano /etc/ssh/sshd_config

PasswordAuthentication no

Restart SSH.

4. Set Up a Firewall (UFW)

The Uncomplicated Firewall (UFW) is easy to use and powerful:

sudo ufw default deny incoming
sudo ufw default allow outgoing
sudo ufw allow OpenSSH
sudo ufw enable

Add more services as needed:

sudo ufw allow http
sudo ufw allow https

✅ Only open ports you absolutely need.

5. Remove Unused Services and Packages

Every installed package is a potential risk. Identify and remove what you don’t use:

sudo netstat -tulpn  # Check listening ports
sudo systemctl list-units --type=service

Remove unnecessary services:

sudo apt purge apache2
sudo apt autoremove

6. Install and Configure Fail2Ban

Fail2Ban helps prevent brute-force attacks by blocking suspicious IPs:

sudo apt install fail2ban

Create a custom jail config:

sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local

Then edit /etc/fail2ban/jail.local and configure:

[sshd]
enabled = true
port = ssh
filter = sshd
logpath = /var/log/auth.log
maxretry = 5

Restart the service:

sudo systemctl restart fail2ban

7. Disable Unused Network Protocols

Turn off IPv6 if you don’t use it:

sudo nano /etc/sysctl.conf

Add:

net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1

Then apply:

sudo sysctl -p

 8. Configure AppArmor or SELinux

Both are mandatory access control systems that prevent unauthorized access to files and processes.

• AppArmor is easier and used in Ubuntu.
• SELinux is more complex but powerful (used in CentOS/RHEL).

Install AppArmor:

sudo apt install apparmor apparmor-profiles
sudo systemctl enable apparmor

9. Limit User Privileges

Never give full root access unless absolutely necessary. Use sudo and create roles using /etc/sudoers.

sudo visudo

Add rules like:

webadmin ALL=(ALL) /usr/bin/systemctl restart apache2

10. Automate Backups

Security also means recoverability. Automate your backups using:

rsync -av --delete /var/www/ user@backupserver:/backups/site/

Or use VicServers’ off-site backup services for peace of mind.

11. Monitor Logs and Access

Set up logwatch or logrotate to keep an eye on logs:

sudo apt install logwatch
sudo logwatch --detail High --mailto [email protected] --service sshd --range today

Check login attempts:

sudo cat /var/log/auth.log | grep "Failed password"

12. Use Strong Password Policies

Install libpam-pwquality for enforcing password strength:

sudo apt install libpam-pwquality

Edit /etc/pam.d/common-password:

password requisite pam_pwquality.so retry=3 minlen=12 ucredit=-1 lcredit=-1 dcredit=-1

13. Enable Port Knocking (Optional)

This adds an extra layer by hiding the SSH port. It only opens when a specific “knock” sequence is sent.

Install knockd:

sudo apt install knockd

Configure port sequences like:

[options]
    UseSyslog

[openSSH]
    sequence = 7000,8000,9000
    seq_timeout = 15
    command = /sbin/iptables -A INPUT -s %IP% -p tcp --dport 22 -j ACCEPT

14. Use Monitoring Tools

Use htop, top, or glances to monitor server performance.

Install Glances:

sudo apt install glances

Also, tools like Netdata or Zabbix offer web dashboards for proactive monitoring.

✅ Quick Checklist for Hardening a Linux Server

Task	Status
Keep system up to date	✅
Disable root login	✅
Set up SSH keys	✅
Configure UFW firewall	✅
Remove unused services	✅
Install Fail2Ban	✅
Disable IPv6	✅
Use AppArmor or SELinux	✅
Enforce password policies	✅
Set up backups	✅
Monitor logs	✅
Use secure DNS (optional)	✅

Final Thoughts

Server hardening isn’t a one-time task. It’s an ongoing commitment to security, performance, and reliability. By following these best practices, you significantly reduce your risk exposure and ensure your systems are ready for real-world threats.

At VicServers, we prioritize security at every layer — from hardened infrastructure to 24/7 monitoring and support. Whether you’re managing a VPS, Dedicated Server, or Shared Hosting plan, our platform gives you the tools and guidance to succeed.

Ready to Take Your Hosting Further?

✅ Secure Linux VPS hosting
✅ Automated backups
✅ 24/7 support
✅ DDoS protection and firewalls

👉 Get Started at Vicservers

Have questions or need help hardening your server? Reach out to our support team anytime.

Published by VicServers – Empowering Secure Hosting Across Africa

How to Speed Up Your Website Using GZIP and Caching

Website speed isn’t just a matter of convenience anymore — it’s a ranking factor, a conversion booster, and a customer expectation. A slow-loading site can kill your traffic, hurt your SEO, and cost you money. That’s why enabling GZIP compression and caching are two of the smartest (and easiest) ways to speed up your website today.

In this post, we’ll walk you through how to use GZIP and caching effectively to boost your site’s performance, improve user experience, and reduce bandwidth usage — all in line with Vicservers’ commitment to lightning-fast, secure hosting.

 Why Speed Matters

Before diving into GZIP and caching, here’s why website speed is critical:

• 📉 53% of users abandon a site that takes more than 3 seconds to load (Google)
• 📈 Faster sites rank higher on Google
• 💸 Slow websites lose sales and credibility

With these stakes in mind, let’s jump into two powerful speed-boosting tools: GZIP compression and browser/server caching.

---

What Is GZIP Compression?

GZIP is a file format and a software application used for file compression and decompression. When GZIP is enabled on your server, it compresses your web files (like HTML, CSS, JavaScript) before sending them to users’ browsers.

✅ Benefits of GZIP:

• Shrinks file sizes by up to 70%
• Reduces page load times
• Saves bandwidth
• Improves SEO scores

How GZIP Works

Imagine you’re sending a long document to a friend. You wouldn’t send 50 pages individually — you’d zip it and send one compressed file. GZIP works the same way: your server compresses files before transmission, and the browser decompresses them on arrival.

How to Enable GZIP on Your Server

If You’re Using Apache:

1. Open your .htaccess file (in your website root folder)
2. Add the following:

<IfModule mod_deflate.c>
  AddOutputFilterByType DEFLATE text/plain
  AddOutputFilterByType DEFLATE text/html
  AddOutputFilterByType DEFLATE text/xml
  AddOutputFilterByType DEFLATE text/css
  AddOutputFilterByType DEFLATE application/javascript
  AddOutputFilterByType DEFLATE application/json
</IfModule>

✅ Make sure mod_deflate is enabled in Apache.

---

If You’re Using NGINX:

Open your NGINX config (usually in /etc/nginx/nginx.conf) and add:

gzip on;
gzip_types text/plain text/css application/json application/javascript text/xml application/xml;
gzip_min_length 256;
gzip_vary on;

Don’t forget to restart your server after changes:

sudo systemctl restart nginx

---

If You’re on VicServers (with cPanel):

1. Log in to cPanel
2. Go to Optimize Website
3. Select “Compress All Content”
4. Click Update Settings

That’s it! VicServers makes it beginner-friendly.

---

✅ Test If GZIP Is Working

Use tools like:

• https://www.giftofspeed.com/gzip-test/
• Chrome DevTools → Network tab → Check content encoding

If you see content-encoding: gzip, it’s working!

What Is Caching?

Caching stores copies of files so future requests load faster. Think of it as your browser or server “remembering” what’s been seen before so it doesn’t reload everything from scratch.

🔄 Types of Caching:

1. Browser Caching – Stores files in the user’s browser
2. Server-Side Caching – Stores pages on the server for quicker rendering
3. CDN Caching – Stores files on edge servers closer to users

How to Enable Browser Caching (Apache)

Add this to your .htaccess file:

<IfModule mod_expires.c>
  ExpiresActive On
  ExpiresByType image/jpg "access plus 1 year"
  ExpiresByType text/css "access plus 1 week"
  ExpiresByType application/javascript "access plus 1 month"
  ExpiresDefault "access plus 2 days"
</IfModule>

This tells browsers how long they should keep a file cached before rechecking with the server.

How to Enable Caching in NGINX

In your nginx.conf:

location ~* \.(jpg|jpeg|png|gif|ico|css|js)$ {
    expires 7d;
    add_header Cache-Control "public";
}

Don’t forget to reload NGINX:

sudo systemctl reload nginx

---

🔌 WordPress Users: Use Plugins

If you’re on WordPress, you can use caching plugins like:

• W3 Total Cache
• WP Super Cache
• LiteSpeed Cache (Recommended on VicServers)

These plugins offer one-click caching, GZIP, minification, and CDN support.

 How to Check If Caching Works

Use:

• GTmetrix.com
• Google PageSpeed Insights
• Browser DevTools → “Network” tab → Look for cache-control headers

How Caching and GZIP Work Together

• GZIP reduces file size for each download
• Caching reduces the number of downloads

Together, they create a faster, leaner web experience.

Other Speed Optimization Tips

• Use a Content Delivery Network (CDN) like Cloudflare
• Compress images using tools like TinyPNG
• Limit heavy JavaScript usage
• Enable lazy loading for images
• Regularly update your CMS/plugins/themes

Why Vicservers Is Built for Speed

When you host with Vicservers, you’re not just getting space — you’re getting performance infrastructure built to scale. Our hosting plans include:

• SSD storage
• GZIP-ready configurations
• Server-side caching support
• LiteSpeed for high-speed performance
• One-click WordPress optimization

We give you the tools. You make the impact.

Need Help?

If you’re not sure how to enable GZIP or caching, don’t worry — Vicservers support is always here to assist.

📧 Email: [email protected]
🌐 Website: www.vicservers.com

Final Thoughts

Speed isn’t optional — it’s essential. GZIP compression and caching are two of the most effective ways to optimize your website’s load time and keep your visitors happy. Whether you run a blog, an e-commerce store, or a corporate site, the faster your pages load, the better your results.

Ready to boost your website’s speed and SEO? Host with Vicservers and experience the difference.

Published by VicServers – Powering Nigeria’s Digital Future

WordPress Security 101: Plugins and Server Settings

WordPress powers over 40% of websites globally — and that popularity makes it a prime target for cyberattacks. Whether you’re managing a blog, an e-commerce store, or a corporate website, WordPress security should be one of your top priorities.

In this beginner-friendly guide, we at Vicservers will walk you through the essentials of securing your WordPress site using plugins and proper server configurations.

Why WordPress Security Matters

• 43% of cyberattacks target small businesses
• Over 90,000 attacks happen on WordPress sites every minute
• A hacked site can cost you time, money, traffic, and reputation

Fortunately, you don’t need to be a cybersecurity expert to protect your site. All it takes is smart plugin choices and secure server settings.

Essential WordPress Security Plugins

1. Wordfence Security

Features:

• Web application firewall (WAF)
• Real-time traffic monitoring
• Malware scanning and repair

Why we recommend it:
Wordfence offers one of the best free versions for site protection, plus detailed reports.

2. iThemes Security

Features:

• Brute-force protection
• 404 detection
• File change monitoring

Why we recommend it:
It’s great for beginners and includes over 30 security tweaks right out of the box.

3. Sucuri Security

Features:

• Malware detection
• Website firewall (premium)
• Security activity auditing

Why we recommend it:
Sucuri also offers free malware cleanup with their premium plan — a lifesaver after an attack.

4. WP Login Lockdown

Features:

• Restricts login attempts from the same IP
• Stops brute-force attacks
• Customizable lockout times

Why we recommend it:
Simple and lightweight — great for protecting your WordPress login page.

5. UpdraftPlus (for Backup)

Features:

• Scheduled backups to Google Drive, Dropbox, etc.
• Restore directly from WordPress
• Supports file/database backup

Why we recommend it:
In case of an attack, backups will save your life. UpdraftPlus is the most reliable free backup plugin.

Secure Server Settings (The Vicservers Way)

As important as plugins are, server security is your first line of defense. Here’s how to lock down your hosting environment — especially if you’re on a VPS or dedicated server.

1. Use a Secure Hosting Provider

Choose a host like Vicservers that provides:

• Free SSL
• Firewall & malware scanning
• Regular software patching
• Isolated server environments

2. Keep PHP and MySQL Up-to-Date

Older versions are full of vulnerabilities. Always upgrade to the latest stable versions of:

• PHP (e.g., 8.1 or above)
• MySQL / MariaDB

On Vicservers, we handle these updates for you.

3. Disable Directory Listing

Add this to your .htaccess file to prevent visitors from seeing the contents of folders:

Options -Indexes

4. Limit File Permissions

Set the correct file and folder permissions:

Files:   644  
Folders: 755
wp-config.php: 400 or 440

This ensures hackers can’t modify key files.

5. Move wp-config.php and .htaccess

Move sensitive config files one directory above the web root when possible. This adds a layer of protection from browser-based access.

6. Use SSH/SFTP Instead of FTP

Disable traditional FTP and always use SFTP or SSH for secure file transfers.

7. Install a Web Application Firewall (WAF)

Use a server-level WAF like:

• CSF Firewall
• Fail2Ban (blocks brute-force IPs)
• ModSecurity (built into many cPanels)

We include these on all Vicservers managed VPS.

Additional Tips for Locking Down WordPress

• Use strong passwords & 2FA (Two-Factor Authentication)
• Change the default login URL from /wp-login.php to something unique
• Limit user roles and audit accounts regularly
• Delete unused plugins and themes
• Install a CAPTCHA on login and comment forms

Automate, Monitor, and Recover

Automate:

• Daily backups with UpdraftPlus
• Plugin/theme updates with tools like ManageWP or via cPanel

Monitor:

• Use Wordfence Live Traffic and Sucuri logs
• Set up email alerts for suspicious logins

Recover:

• Keep regular off-site backups
• Have a security action plan if you’re compromised

Pro Tips from Vicservers Experts

• Use Cloudflare for an additional security layer & DDoS protection
• Don’t install plugins from untrusted sources
• Consider a staging environment for safe testing
• Use cPanel’s IP blocker to blacklist frequent offenders

Final Thoughts

WordPress is powerful — but with power comes responsibility. Fortunately, keeping your site safe doesn’t require a cybersecurity degree. A combination of smart plugin choices, proper server configurations, and a reliable host like Vicservers gives your site a strong security foundation.

Need Help Securing Your WordPress Site?

Our team at Vicservers offers:

✅ WordPress hardening
✅ VPS firewall setup
✅ Free SSL installation
✅ Daily malware scans
✅ Full website recovery

 Let’s Secure Your WordPress Site Today

🌐 www.vicservers.com
📧 [email protected]

By Vicservers | Web Hosting Experts in Nigeria