jetpack使用_如何使用Jetpack备份和保护WordPress

jetpack使用

This article was sponsored by Jetpack. Thank you for supporting the companies who make SitePoint possible.

本文由Jetpack赞助。 感谢您支持使SitePoint成为可能的公司。

Jetpack is undoubtedly one of the most popular WordPress plugins with millions of installs at the time of writing.

截至撰写本文时，Jetpack无疑是最受欢迎的WordPress插件之一，具有数百万次安装。

If you’ve been following WordPress in the news, you might have heard that Jetpack has undergone some serious redevelopment over the past year, if you haven’t checked it out for a while — now is a good time to take another look.

如果您一直在新闻中关注WordPress，那么您可能已经听说Jetpack在过去的一年中进行了一些重大的重新开发，如果您有一段时间没有进行检查，那么现在是重新审视的好时机。

Developed by Automattic (the people behind WordPress.com) Jetpack is more than just another plugin, it’s more like a plugin on steroids. It brings self-hosted WordPress sites many of the same features of WordPress.com, with a few powerful additions.

由Automattic (WordPress.com背后的人)开发的Jetpack不仅仅是另一个插件，它更像是类固醇的插件。它为自托管的WordPress网站带来了WordPress.com的许多相同功能，并添加了一些强大的功能。

We’ve covered Jetpack in detail at SitePoint, however the latest version boasts a completely redesigned UI, along with a wide range of new features. In this article, we’ll be covering some of the new security features including integrated daily and real-time backups.

我们已经在SitePoint上详细介绍了Jetpack ，但是最新版本具有完全重新设计的UI，以及一系列新功能。在本文中，我们将介绍一些新的安全功能，包括集成的每日和实时备份。

Jetpack安装和功能概述 (Jetpack Installation and Features Overview)

如何安装Jetpack (How to Install Jetpack)

Before you begin, double check you’re running the latest version of WordPress and that your site is publicly accessible (if you’re using a local installation check out Jetpack’s developer mode). You might also want to double check that your web host uses PHP 5 or later (if not, it might be a good idea to move!).

在开始之前，请仔细检查您正在运行的是WordPress的最新版本，并且您的站点可以公开访问(如果您使用的是本地安装，请查看Jetpack的开发人员模式 )。您可能还需要仔细检查您的Web主机是否使用PHP 5或更高版本(如果没有，最好搬走！)。

The easiest method of installation is via the online Jetpack installer. I’ll take you through a brief walkthrough:

最简单的安装方法是通过在线Jetpack安装程序。我将向您简要介绍一下：

Start by typing in your site URL (eg: www.mywebsite.com) — Jetpack will automatically check whether your site is compatible — and click “Start Installation“.

首先输入您的站点URL (例如：www.mywebsite.com)，Jetpack将自动检查您的站点是否兼容，然后单击“ 开始安装 ”。
On the next page, click “Install Jetpack“. This will take you to your WordPress dashboard where you will need to click “Install Plugin”.

在下一页上，单击“ Install Jetpack ”。这将带您到WordPress仪表板，您需要在其中单击“ Install Plugin ”。
Once the plugin has installed click “Activate“.

插件安装完成后，单击“ ** ”。
You will then see the following alert to connect your website to WordPress.com:
然后，您将看到以下警报，将您的网站连接到WordPress.com：

When you click ‘Connect to WordPress.com’ you will be redirected to WordPress.com to either create an account or sign in with an existing account.
当您单击“连接到WordPress.com”时，您将被重定向到WordPress.com以创建帐户或使用现有帐户登录。
After you’ve created an account or logged in with your existing account, Jetpack will confirm that you’re happy to connect the site to this user and then return you to your WordPress site.
创建帐户或使用现有帐户登录后，Jetpack将确认您很高兴将网站连接到该用户，然后将您返回到WordPress网站。
You will now find you have a new ‘Jetpack’ dashboard menu item which enables you to control what features you use.
现在，您将找到一个新的“ Jetpack”仪表板菜单项，使您可以控制使用的功能。

For WP-CLI users, you can also get Jetpack up and running using this command: wp plugin install jetpack.

对于WP-CLI用户，您还可以使用以下命令启动并运行Jetpack： wp plugin install jetpack 。

For more information on the installation process, check out Jetpack.com and the handy quick start guide.

有关安装过程的更多信息，请查看Jetpack.com和便捷的快速入门指南。

Jetpack的主要功能 (Key Features in Jetpack)

The Jetpack interface has been rewritten from the ground up using the popular JavaScript library React. The user experience is smooth and navigating the module selection and configuration feels very snappy.

Jetpack接口已经使用流行JavaScript库React从头开始重写。用户体验很流畅，浏览模块的选择和配置感觉非常敏捷。

Jetpack is definitely the Swiss Army knife of WordPress plugins. It offers more than 30 features with a comprehensive range of services and benefits all in the one plugin. What’s even better is that you can just activate what you need, which enables this plugin to be highly customizable for any WordPress site.

Jetpack绝对是WordPress插件的瑞士军刀。它在一个插件中提供了30多种功能以及全面的服务，并为您带来所有好处。更好的是，您可以**所需的内容，从而使该插件可以针对任何WordPress网站进行高度自定义。

The main features of the Jetpack plugin centre around 5 key areas:

Jetpack插件的主要功能围绕5个关键领域：

Backups and Security – Brute force protection and single sign-on. Jetpack’s Premium features also allow spam protection, offsite backups with archive and storage, automated restores and malware scanning.

备份和安全性 –蛮力保护和单点登录。 Jetpack的高级功能还提供垃圾邮件防护，通过存档和存储进行的异地备份，自动还原和恶意软件扫描。
Performance – High-speed CDN and uptime monitoring.

性能 –高速CDN和正常运行时间监控。
Traffic and Engagement – Site stats, related posts, enhanced distribution, sharing tools and the ‘Professional’ subscription level also enables your site to run polls, ratings and surveys.

流量和参与度 –网站统计信息，相关帖子，增强的分发，共享工具和“专业”订阅级别也使您的网站能够进行民意调查，评级和调查。
Site Management – Plugin management, auto updates and cross platform tools. The subscription options also include easy site migration (via Backups).

站点管理 –插件管理，自动更新和跨平台工具。订阅选项还包括轻松的站点迁移(通过备份)。
Support – The free plugin provides basic support to all users, however the Premium options for Jetpack provide additional WordPress and security support.

支持 –免费插件为所有用户提供基本支持，但是Jetpack的高级选项提供了额外的WordPress和安全支持。

Some of the lesser known features I like are Custom Content Types, Markdown support and Custom CSS, but in this article I’m going to dig deeper into the first point of Backups and Security.

我不喜欢的一些鲜为人知的功能是“自定义内容类型”，Markdown支持和“自定义CSS”，但是在本文中，我将更深入地探讨“备份和安全性”的第一点。

如何使用Jetpack备份您的网站 (How to Backup Your Website with Jetpack)

Jetpack offers some powerful site management and system administration capabilities. One of the most overlooked and underrated tasks for all site owners is backups. We’ll take a look at the Premium options for backups available with Jetpack, but first I’ll delve into why backups are important.

Jetpack提供了一些强大的站点管理和系统管理功能。对于所有网站所有者而言，最容易被忽视和低估的任务之一就是备份。我们将看一下Jetpack可用的高级备份选项，但首先我将深入探讨备份为何如此重要。

并非所有备份都相等 (Not All Backups Are Created Equal)

Just because your host includes ‘backups’, if you look in the fine print these backups are often not kept for very long and they come with no guarantees, sometimes even charging you to restore the backup if the need arises.

仅仅因为您的主机包括“备份”，如果您仔细查看这些备份，这些备份通常不会保存很长时间，并且没有任何保证，有时甚至会在需要时向您收取恢复备份的费用。

I always recommend that my clients never rely on hosting provider backups, for many reasons. Here are a few:

由于种种原因，我总是建议我的客户不要依赖主机提供商的备份。这里有一些：

The backups are often on the same system (or network) as your website. If the hosting service fails, your backup goes down with your website
备份通常与您的网站位于同一系统(或网络)上。如果托管服务失败，则您的备份将与您的网站一起关闭
Your backups are not guaranteed
不保证您的备份
They are just best effort, and typically nobody is checking the integrity of your backups
它们只是尽力而为，通常没有人检查备份的完整性
You have no legal comeback if your backups are lost
如果备份丢失，则没有合法的复出
You have no control over your backups, sometimes being unable to download your own copy for archiving
您无法控制备份，有时无法下载自己的副本进行存档

It doesn’t matter what you’re working on — losing all of your hard earned work can be one of the most frustrating and expensive occurrences we face. It’s all too common, and happens all too easily.

不管您从事什么工作，失去所有辛苦的工作可能是我们面临的最令人沮丧和代价最高的事情之一。这太普遍了，太容易发生了。

Despite your best efforts, failures do happen, so be prepared. A good backup strategy includes storing (preferably offsite) a number of backups, on an automated schedule to help protect you in the event that things go wrong. Certain types of failures might not be apparent immediately, which is why it’s recommended you also maintain an archive of your older backups.

尽管您尽了最大的努力，但失败的确会发生，因此请做好准备。良好的备份策略包括按自动计划存储(最好是异地)多个备份，以在出现问题时帮助保护您。某些类型的故障可能不会立即显现出来，这就是为什么建议您还维护旧备份的存档的原因。

Jetpack的备份选项 (Backup Options with Jetpack)

For individuals and businesses that take their website operations seriously, there are two subscription options available with Jetpack. Both of these options come with professional support, something that many businesses using WordPress want.

对于认真对待其网站操作的个人和企业，Jetpack提供两个订阅选项。这两个选项都具有专业支持，这是许多使用WordPress的企业所希望的。

If you only need daily backups of your site, then Jetpack’s ‘Premium’ subscription option is a great choice. It will provide daily backups of your WordPress themes, plugins, uploads and database. As mentioned above, site owners don’t immediately realize there is an issue with their site, so having access to a 30 day archive of these daily backups is a great feature so you can choose to restore any daily point in time within that 30 day period.

如果您只需要每天备份站点，则Jetpack的“ Premium”订阅选项是一个不错的选择。它将为您的WordPress主题，插件，上传和数据库提供每日备份。如上所述，网站所有者并没有立即意识到他们的网站存在问题，因此可以访问这些每日备份的30天存档是一项很棒的功能，因此您可以选择恢复该30天之内的任何时间点期。

For $99 per year, per site, the ‘Premium’ option provides you with:

每个站点每年99美元，“高级”选项为您提供：

Automated daily backups with an easy one click restore feature
轻松的一键还原功能自动执行每日备份
Spam filtering via the Akismet plugin
通过Akismet插件过滤垃圾邮件
Malware scanning on a daily basis
每天扫描恶意软件

If you spend a significant amount of time in your website on a daily basis then realtime backups are a better choice. These are part of Jetpack’s ‘Professional’ plan which will backup every post, comment, media file, revision and dashboard settings as the changes happen. You can also reap the benefits of a full backup archive so you will be able to restore any backup for the life of your subscription.

如果您每天在网站上花费大量时间，那么实时备份是一个更好的选择。这些是Jetpack的“专业”计划的一部分，该计划将在发生更改时备份每个帖子，评论，媒体文件，修订和仪表板设置。您还可以从完整备份存档中获得好处，因此您将可以在订阅期内恢复所有备份。

For $299 per year, per site, the ‘Professional’ option provides all the great features in the ‘Premium’ subscription but also includes:

每年每站点$ 299，“专业”选项提供“高级”订阅中的所有出色功能，但还包括：

Unlimited off-site backups in real time
实时无限的异地备份
One-click security threat resolution
一键式安全威胁解决
Premium WordPress and security support
高级WordPress和安全支持

Daily backups will be adequate for many sites, however with WordPress now powering more and more ecommerce, membership or community sites, realtime backups are becoming increasingly more important. Realtime backups mean that each change is saved at on offsite location, separate from your hosting environment.

每日备份对于许多站点来说已经足够了，但是随着WordPress现在为越来越多的电子商务，会员或社区站点提供支持，实时备份变得越来越重要。实时备份意味着每个更改都保存在异地位置，与托管环境分开。

备份和还原过程的演练 (Walkthrough of the Backup and Restore Process)

Backups in Jetpack happen automatically in the background. As mentioned above, the initial complete backup will take a little longer than subsequent backups.

Jetpack中的备份在后台自动发生。如上所述，初始完整备份将比后续备份花费更长的时间。

Once you’ve selected your subscription and made your payment, Jetpack will automatically install and configure VaultPress (which powers backups and security scanning) and Akismet (which powers spam filtering).

选择订阅并付款后，Jetpack将自动安装和配置VaultPress(为备份和安全扫描提供支持)和Akismet(为垃圾邮件过滤提供支持)。

If you’ve signed up for a Premium subscription, backups will automatically occur on a daily basis. If you have a Professional subscription, they’ll happen in realtime as your site changes. We’ll walk through an example using a Premium subscription, showing you how to restore a backup.

如果您已经注册了高级订阅，则备份将每天自动进行。如果您拥有专业版订阅，则它们将在您的网站更改时实时发生。我们将通过一个使用高级订阅的示例进行演示，向您展示如何还原备份。

查找备份 (Locating Your Backups)

You can find your backups in the VaultPress dashboard, you can visit https://dashboard.vaultpress.com/, follow the link in your WordPress.com account, or your own WordPress dashboard. You can then navigate to the date you’re looking for and either restore a complete backup, or browse and download or restore individual files. This is a handy feature that not all backup plugins or services offer.

您可以在VaultPress仪表板中找到备份，可以访问https://dashboard.vaultpress.com/ ，按照WordPress.com帐户中的链接或您自己的WordPress仪表板进行操作。然后，您可以导航到所需的日期，然后还原完整的备份，或者浏览并下载或还原单个文件。并非所有备份插件或服务都提供此便利功能。

恢复备份 (Restoring a Backup)

The Settings page is where you can give VaultPress access to your host using SSH, SFTP or FTP, as well as set alternate credentials if you want to move your site to a new host. These settings are provided at the time you sign up for your hosting account. If you ever need to restore from a backup, you’ll need to make sure you’ve configured server access.

在“设置”页面上，您可以在其中通过SSH，SFTP或FTP向VaultPress授予对主机的访问权限，如果要将站点移至新主机，还可以设置备用凭据。这些设置在您注册主机帐户时提供。如果您需要从备份中还原，则需要确保已配置服务器访问权限。

Once you’ve configured your server settings, restoring a backup is easy. Here are the steps:

配置服务器设置后，恢复备份很容易。步骤如下：

Sign in to the dashboard and the ‘view backups’ section
登录信息中心和“查看备份”部分
Find the backup you want to restore and click ‘restore’
找到要还原的备份，然后单击“还原”
You can then select any or all of the options for restoring database, plugins, themes and uploads
然后，您可以选择任何或所有选项来还原数据库，插件，主题和上载
You will then be asked to confirm the restore
然后将要求您确认还原
That’s it! No need to mess around with manual database and file restores yourself, Jetpack handles all of the heavy lifting.
而已！无需搞乱手动数据库和文件即可自己恢复，Jetpack可以处理所有繁重的工作。

On the Settings page you can also add other users via their WordPress.com accounts and grant them access.

在“设置”页面上，您还可以通过其WordPress.com帐户添加其他用户并授予他们访问权限。

Once you’ve activated VaultPress, an initial backup will kick off. This initial backup can take a while, however subsequent backups are much faster.

**VaultPress后，将启动初始备份。初始备份可能需要一段时间，但是后续备份要快得多。

You can also restore a backup to a new hosting provider or a new domain, here’s some more information on how to do this.

您还可以将备份还原到新的托管服务提供商或新域，这是有关如何执行此操作的更多信息。

如何使用Jetpack保护您的网站 (How to Secure Your Website with Jetpack)

Web security is a topic that I am particularly passionate about and something that website owners should never take for granted.

Web安全是我特别热衷的话题，也是网站所有者永远不应理所当然的事情。

常见的WordPress安全威胁 (Common WordPress Security Threats)

In a recent report (called the Website Hacked Trend Report 2016 – Q1), Sucuri analyzed over 11,000 infected websites.

在最近的一份报告(称为《 2016年第一季度网站黑客趋势报告》)中，Sucuri分析了超过11,000个受感染的网站。

Of those that were running WordPress, over 50% were out of date.

在运行WordPress的网站中，超过50％已过时。

In the conclusion, they noted:

他们在总结中指出：

“If there is one thing we know from this report is that vulnerable software is a big problem, contributing to a large number of compromises. The blanket guidance to stay current and update is falling on deaf ears. Some initiatives, like those undertaken by WordPress – emphasis on backward compatibility and auto-updates – are having positives effects on the core of the platform, but we know that the majority of the compromises are coming from a platform’s extensible components, not its core.”

“从这份报告中我们知道的一件事是，易受攻击的软件是一个大问题，导致了许多妥协。 保持最新和更新的全面指导充耳不闻 。诸如WordPress所采取的一些举措(强调向后兼容性和自动更新)正在对平台的核心产生积极影响，但是我们知道，大多数的妥协来自平台的可扩展组件，而不是其核心。 ”

Source: https://sucuri.net/website-security/website-hacked-report

资料来源： https : //sucuri.net/website-security/website-hacked-report

The bolding is mine, but it’s something I feel worth highlighting because I constantly keep seeing this problem in the field — and from people that should know better. It’s up to all of us to take security and backups seriously, and also educate our peers and clients. Regular updates and backups are easily enabled, so there aren’t any excuses.

粗体是我的，但这是我值得强调的地方，因为我一直在该领域以及应有更多了解的人们不断看到这个问题。我们所有人都有责任认真对待安全性和备份，并教育我们的同行和客户。定期更新和备份很容易启用，因此没有任何借口。

Jetpack also offers a centralized management interface that makes the job of managing lots of sites much easier.

Jetpack还提供了一个集中式管理界面，使管理许多站点的工作变得更加容易。

Jetpack中提供的安全选项 (The Security Options Available in Jetpack)

Security is a process. It should never be a ‘set and forget’ approach. Monitoring your website for security threats is an important consideration for any website owner.

安全是一个过程。它绝不应该是“一劳永逸”的方法。监视网站是否存在安全威胁是任何网站所有者的重要考虑因素。

Recognizing the importance of web security, Jetpack has simplified security monitoring for your website with a dedicated section called ‘Security’ under the ‘Settings’ section of the plugin which offers:

认识到网络安全的重要性，Jetpack通过在插件的“设置”部分下的一个名为“安全性”的专用部分简化了对网站的安全监控，其中包括：

Protection against brute force attacks (Free)
防止暴力攻击(免费)
Monitoring of site downtime (Free)
监视站点停机时间(免费)
Single sign-on for secure authentication (Free)
单点登录以进行安全认证(免费)
Security Scanning to protect from threats and attacks (Premium)
安全扫描以防御威胁和攻击(高级)
Akismet spam control (Free and Premium options)
Akismet垃圾邮件控制(免费和高级选项)
Automatic backups of your entire site (Premium)
自动备份整个站点(高级)

缓解攻击的示例 (Example of Mitigated Attacks)

Jetpack will check for several common threats, including changed WordPress core files, web shells (that give attackers control of your site) and detection of plugins and themes with known security vulnerabilities.

Jetpack将检查几种常见威胁，包括更改的WordPress核心文件，Web Shell(使攻击者可以控制您的网站)以及检测到具有已知安全漏洞的插件和主题。

Below is an example of a very common issue caused by the TimThumb script used in many older themes.

下面是一个由许多较旧主题中使用的TimThumb脚本引起的非常常见问题的示例。

结论 (Conclusion)

In this article, we’ve covered the core features available with Jetpack, focusing on security and backups. It couldn’t be easier to get started with using Jetpack as part of your website security and backup regime.

在本文中，我们介绍了Jetpack可用的核心功能，重点是安全性和备份。开始使用Jetpack作为网站安全和备份机制的一部分，这并非易事。

If you want to learn more about the features of Jetpack, SitePoint has previously covered this topic, along with WordPress maintenance, in the following articles:

如果要了解有关Jetpack的功能的更多信息，SitePoint以前在以下文章中介绍了此主题以及WordPress维护：

I’d also recommend the official documentation for reference and support:

我还建议官方文档以供参考和支持：

Automattic is offering SitePoint readers 10% off on Jetpack plans — follow this link to get the code.

Automattic正在为Jetpack计划的SitePoint读者提供10％的折扣-单击此链接可获得代码。

翻译自: https://www.sitepoint.com/how-to-backup-and-secure-wordpress-with-jetpack-2/