17 Comments


  1. Great take on VaultPress and other backup solutions like BackupBuddy. For the past year, data portability has been a key catch phrase. And solutions like BackupBuddy offer that type of data portability allowing users to take their site data anywhere they want.


  2. @Benjamin – Yes. In fact, when I published the review of BackupBuddy, it was evident in the comments that the migration feature alone was worth paying for. It’s not just convenience people are after, it’s versatility. Matt knows this better than anyone which is why it’s only a matter of time before VaultPress has some sort of migration feature.


  3. Jeff, thanks for this …. we’re definitely not discouraged. After two years of being in the theme business and seeing one after another competitor launch almost daily, we’re used to it. :)

    Ultimately, we know competition is good for business … it keeps us sharp and innovative FOR our community — those who choose to spend their hard-earned money supporting us and allowing us to continue to release great WP projects.

    Many people have asked how we’ll respond and my answer is always this: We’re going to keep doing what we do … innovating and supporting our community.

    I also think people want choices. They want control. If only VaultPress or [insert any new backup solution] existed, people would still want another solution. And vice versa.


  4. What I don’t want to happen is some sort of major delay between the 0 day fixes being available for all WordPress users versus those who have paid for that type of comfort.

    C’mon Jeff, that’d be plain silly. It’s in everyone’s best interest (including Automattic’s) that security fixes are pushed out publicly ASAP. Not to mention that WordPress(.org) is not an Automattic product. While many of us contribute to it and help guide its development, it is its own independent entity.

    The advantage of having VaultPress take care of security upgrades though is that upgrades would be able to be done automatically without your intervention which is currently required (you gotta be aware that a new version is out and then press that upgrade button).


  5. How is BackupBuddy even comparable to VaultPress? BackupBuddy doesn’t host your backup files for you, does it? I haven’t used the plugin, but don’t you have to supply a remote FTP server for it to move the files to?

    My backup solution is, however, along similar lines to VaultPress. I have a daily cron script that uses Duplicity to encrypt and back up all the important stuff (/var/www, /etc/, and a directory of MySQL dumps) to Amazon S3. It’s cheap, reliable, and off-site.


  6. @redwall_hp – If you choose to do that, yes. But I opt to have my backup files stored on the same server as the site, in its own folder. Alternatively, I could have BackupBuddy email me the zip file containing just the database if it were of small size.

    I occasionally download the various backup files which creates two backups, one that is off site via my webhosting account, and on my local PC. If I feel paranoid, I’ll move the backup file to my external hard drive.


  7. @Alex (Viper007Bond) – I don’t think it’s silly, I think that is a way to encourage people to pay for the service by creating a tiered environment. I don’t want that to happen because if it did, then yeah, it would be silly and downright stupid.

    As for automatic upgrades, that to me is the biggest selling point of VaultPress so far.


  8. There seems to be a lot of confusion about VaultPress and I think this is down to the flaky name which emphasises the backup aspect of the service. I suspect they decided to skew towards that because it is a selling point that anyone can understand but the two groundbreaking features – features that put it well beyond any existing backup plugins – are that VaultPress PATCHES and MONITORS your site.

    Google’s super-smart Matt Cutts has an excellent buzz about Why VaultPress is Important. He draws attention to this part of the announcement:

    “In the future, if your site is tampered with in any way, we’ll know within minutes and can take appropriate steps.”

    Again, VaultPress will be WATCHING your site. All of it. If a hacker somehow gets in and places a subtle link on some old post that you would never notice in a million years, VaultPress will. Remember, this is from the people who brought you Akismet.

    Now, you may not think this is important, link-hijacking may seem to be a far less concrete concern than the more obvious worry of losing all your data due to some sort of mistake or server failure, but the next year or two will see your priorities turned on their head.

    We are on the verge of a serious surge in Web usage because of a new wave of devices, led by the iPad, that will encourage more people to spend more time online. People who previously avoided the Web, people like my parents, now have an enticing onramp. This will be the most noticeable surge of newbies onto the Internet since back in the day, when AOL started mailing discs to every home in America. This is AWESOME news for any of us who own websites because there is going to be a lot more traffic to go round, and those idiots will be clicking a lot of ads.

    The BAD NEWS, however, is that there will also be a lot more money to be made by hacking WordPress sites and inserting links into old posts. Site hacking has already increased exponentially over the past couple of years, mainly because a strong market has formed for buying and selling links. The increase in traffic and money will mean that if your site has any skin in the game, it will be a target.

    Professional hackers are subtle, they don’t plaster your homepage with L33T messages, they simply place non-obvious links in old posts that you, the owner, are unlikely to visit. Like patient vampires, they slowly drain away your site’s PageRank.

    So, having a service that monitors your site is really, really useful.

    Of course, it also helps to prevent them getting in to begin with, and that is where immediate hot-patching is useful. Now, you may be a very efficient admin, who updates all the sites under his wing just as soon as you hear about a new security update – if you wake up in the morning and discover that an update has been released overnight, you update all your sites while you drink your coffee. BUT. What if a hacker, knowing that a security hole is certain to appear at some point, decides to make a list of attractive sites he will automatically hack within moments of an update being released? What if, like many hackers, he exploits that useful gap between an update being released and sites actually being updated? That is where hot-patching comes in useful, that is where VaultPress saves you a wasted day and some major headaches.

    You know, we discussed hot-patching here in the comments the last time a load of WP-based sites got compromised – the consensus was that, sure, it would be wonderful, but technically impossible. Well, look, here’s Automattic saying that they have a way to do it.

    And, coming back around to that crowd favorite, backups, VaultPress does it realtime, as you post, not on a scheduled basis like BackupBuddy. That is a big difference and an important one in an age when we are used to services such as GMail backing up our emails as we write them. Nightly backups are one thing, realtime backups are quite another.

    Now, let me just temporarily remove my head from Matt’s butt and say that there are some major problems with what he is proposing – simply put, the price sucks. Or, at least, it might suck. It seems to suck. The word on the street is that it sucks. We don’t really know, but the “planned price” of $25 dollars per mother-fuckin’-month is … problematic. Don’t get me wrong, if you have a huge site, a site that is your one-and-only central focus, the price is a steal. If, like Matt, you have 33 gigabytes of photos and thousands of online stalkers, $300 per year is not a problem. Likewise, if you have a business or if your livelihood depends upon your Web presence well, then, sure, $300 per year is nothing.

    Most of us, however, have divided our attention among a flotilla of smaller, more specific and blissfully amateur sites. We would LOVE to have all those sites monitored, hot-patched and backed-up in realtime, but that might mean paying thousands.

    Matt has already responded to one comment expressing concerns about the pricing with a fairly dismissive “If you’re a casual user, maybe it’s not a good fit” and, okay, yeah, Automattic are entitled to sell their service for whatever amount they want but, hmmm, I can’t help feeling that they are missing the bigger picture.

    It would be good for ALL of us if there was widespread adoption of hot-patching, making WordPress – by far the leading CMS – a less juicy target. I also believe that Automattic will end up making a lot more money by targeting not just that 1% of WP sites that are big and profitable enough (or small and stupid enough) to pay $300 per year. Is the underlying cost of any online service that great? Couldn’t they make more money by pricing it more along the lines of the $70 per year that Apple’s MobileMe charges? Or anything under $100 for smaller, less frequently updated sites, sites that don’t have 33 gigabytes of photos?

    I’m just saying.


  9. @donnacha | WordSkill – You have a knack for writing comments that are short novels. Do you have a site that focuses on WordPress? This would have made for a good post that I could link to. Not that I’m complaining that it’s a comment on the Tavern :)

    You want widespread adoption of hot-patching? Build it into the core of WordPress without a price tag attached. I mean, if the benefit to all who use WordPress is to stay protected against the latest threats as soon as possible, attaching a price tag to that sort of makes it a little difficult if you’re not running off of subversion.

    As for a lot of the other stuff you mentioned, I don’t see how a good competent webmaster would fall into all of those traps with bad back links and such. Also, what if the server the site is on gets compromised? Does hot-patching and such become null and does VaultPress end up in a loop restoring the site, the site gets hacked, restore the site, site gets hacked, during one of these server level problems? I know you don’t work for VaultPress but I figured I’d ask :)


  10. @Jeffro – What, may I ask, is the point of backing up if you’re just going to keep the files on the same server? If someone else gains access, they can delete them. If the server catastrophically fails, they’re gone. The two biggest reasons to have backups defeat local storage.


  11. Yeah, I do tend to write a lot when I’ve been thinking all day about a particular subject – I try to break it up a bit with short paragraphs, and I try to pack a lot in but, yeah, it must be pretty daunting for readers to encounter such long posts. I hope I haven’t scared all your readers away :)

    I will, at some point, focus my thoughts on a WordPress-related blog of my own but, for now, I remain a comment terrorist, taking your readers hostage, if that’s okay with you Jeff.

    Sadly, hot-patching cannot be part of the free WordPress package, because an ongoing monitoring and patching service requires serious resources. This service must be paid for, there’s simply no other way to get it done, but my main point is that it doesn’t require $300 per year of resources, Automattic could probably make more money and do a lot of good for the wider WordPress eco-system if they could price this service just below the all-important $100 threshold – by all means, charge heavy users more but, really, the vast majority of sites cannot justify $300. I suspect they could make more by charging less.

    You are wrong, just plain wrong, if you think that competent webmasters notice the smaller, more professional hacks. C’mon, you’re a busy guy – unless you routinely examine all your old posts by hand and compare them against original print-outs, you’re not going to notice if someone has quietly linked all your 2008 mentions of the phrase “Web Design” to “Sanjeev’s House of Web, Best Prices For Your My Friend” site. That is the whole point, we are all busy guys and an entire link-building industry has built up around that fact.

    With regard to your question on the mechanics of VaultPress – yes, I am not privy to any details beyond what we have all read on the VaultPress site and the various tech news sites, but it seems pretty clear, and common sensical, that the hot-patching does not also entail hot-restoration.

    The hot-patch merely applies the latest core update as soon as it can, if a site is already compromised that won’t help. If your site is a smouldering pile of rubble, you will have to wipe everything and re-install using the most recent back-up – a bit like Apple’s excellent Time Machine and, in the same way, you can reach back to earlier versions if you feel that the most recent backups were in some way compromised. It is almost certain that Automattic will use heuristic signatures to detect compromised backups anyway.

    Also, with regard to the earlier comments about BuddyPress’ migration feature – any backup solution can be used for migration purposes, it’s just a question of how easy they make it, whether they provide the UI for it to be presented as a feature. I have no doubt that VaultPress will make migrations a snap.
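
The check discussed in comments 8 and 11 (noticing a link quietly added to an old post) can be automated by diffing each post's outbound links against a known-good baseline. The sketch below is an added example, not code from any commenter or from VaultPress; the function names, host names and sample posts are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

class _LinkCollector(HTMLParser):
    """Collects (href, anchor text) for every <a> element in a post body."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.links, self._open = [], None  # finished pairs; <a> being read

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._open = [dict(attrs).get("href") or "", []]

    def handle_data(self, data):
        if self._open is not None:
            self._open[1].append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._open is not None:
            href, parts = self._open
            self.links.append((href.strip(), " ".join("".join(parts).split())))
            self._open = None

def external_links(html, site_host):
    """Return {url: anchor text} for links that leave site_host."""
    parser = _LinkCollector()
    parser.feed(html)
    found = {}
    for href, text in parser.links:
        parts = urlsplit(href)
        host = (parts.hostname or "").lower()
        internal = host == site_host or host.endswith("." + site_host)
        # Scheme "" with a host is a protocol-relative //host/path link.
        if parts.scheme in ("http", "https", "") and host and not internal:
            found[href] = text
    return found

def snapshot(posts, site_host):
    """Baseline: post id -> external URLs present at a known-good time."""
    return {pid: sorted(external_links(body, site_host)) for pid, body in posts.items()}

def new_links(baseline, posts, site_host):
    """(post id, url, anchor text) for external links not in the baseline."""
    return [(pid, url, text)
            for pid, body in sorted(posts.items())
            for url, text in sorted(external_links(body, site_host).items())
            if url not in baseline.get(pid, [])]  # post missing from baseline: all new

# Constructed sample data: two old posts, then the same posts after one edit.
SITE = "blog.example.com"
BEFORE = {101: '<p>Notes on <a href="https://docs.example.org/">docs</a> and Web Design.</p>',
          102: '<p>See <a href="/2008/05/older-post/">my older post</a>.</p>'}
AFTER = {**BEFORE, 101: BEFORE[101].replace(
    "Web Design", '<a href="http://links.example.net/offer">Web Design</a>')}

if __name__ == "__main__":
    for pid, url, text in new_links(snapshot(BEFORE, SITE), AFTER, SITE):
        print(f"post {pid}: new external link {url!r} on anchor text {text!r}")
```

The baseline is only useful if it is stored somewhere an intruder on the web server cannot rewrite it, which is the same off-site argument made about backups in comment 10.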


  12. Jeff,

    I think Matt’s comment sums it up:

    That’s actually why we decided to take a different business model approach with VaultPress. Most of Automattic’s services are freemium, meaning the core product is free with premium upgrades available. That just didn’t seem appropriate as we imagine how we imagined VaultPress evolving over the next 5 years — it’s a high-end product, for high-end users.

    It’s not intended for average bloggers/average WordPress users. It is intended for WordPress users who deem the value of the potential loss of their content to exceed the price point (which I’ve seen anywhere from $15 – $25 per month).

    @donnacha | WordSkill

    Sadly, hot-patching cannot be part of the free WordPress package, because an ongoing monitoring and patching service requires serious resources. This service must be paid for, there’s simply no other way to get it done

    Why?

    If update notification (of core, plugins, and themes) can take place every 12 hours for every single wp.org installation in the wild, why would it be any great resource drain to allow site admins to configure their WP installs to automatically install core updates without their intervention?

    Why would this functionality take any particular additional resources?

    Unless you’re talking specifically about VaultPress monitoring a site for (malicious) changes? And if so, aren’t there plugins that do precisely that sort of monitoring?


  13. When Matt was in town a month or so ago, we had a prolonged chat about VaultPress over lunch. Let’s just say that some of the features he was proposing are really, really slick, but I did have the same concerns over the price. It doesn’t seem to fit my price point, although if I was running WordPress as part of a small business, I’d consider it a bargain.

    But the short of it is that that sort of price point is kinda required to make it profitable at all. Cloud storage simply isn’t cheap, especially when you’re using more than one provider for it.

    One feature that we talked about which I thought really drove the point home: Migration. How would you like to be able to migrate a site as easy as restoring a backup from their servers? That sort of thing is entirely possible. Now, I have no idea if they actually have that feature, just that it would be more than possible to do based on what he was talking about. Essentially you’re letting them manage your site entirely at the file and database content level, so having it automagically change those contents according to pre-defined methods lets you do this sort of thing.


  14. @Otto – the use of different clouds is attractive/smart, and I know that cloud storage is relatively expensive per GB but is it really $25 per month expensive? Even replicating the data in two or three different places?

    Using Amazon as a yardstick, we’re talking around 15c per GB of storage, and the same per GB of transfer, even at the most expensive pricing tiers. The vast majority of WordPress sites have far, far less than a GB of data and would be adding far less again in posts per month, mostly text.

    If the cost of cloud services is seriously being put forward as a justification for the price, it means that all the sites which produce mostly text content will be subsidising the handful of extremely active photographers who aren’t already using Flickr ($25 per YEAR) or the even fewer video-makers who aren’t already using YouTube or VideoPress.

    Again, the advanced features are what is selling this to me but I would love to see Automattic have the balls to pursue the mass market by getting the price beneath the $100 per year barrier.


  15. @Chip Bennett – The resources involved go substantially beyond those involved in update notifications, including liability and the need to have serious engineering talent on call 24/7. Polling for updates involves truly tiny amounts of bandwidth per site and not much CPU – either there’s a newer version or there isn’t. When an update is available, the user initiates it, is responsible for it and is right there to deal with any problems that crop up. The cost is relatively small.

    Once you get into hot-patching, you step into an entirely different territory. Dealing with millions of sites, a million variations of plugins, themes and ugly core hacks, it is impossible to predict how each site will be affected by the patch. The owner of a site that goes down might be asleep, at work or on safari for three months. If his site goes down as a direct result of a botched patch, Automattic could be liable for all sorts of losses and, at the very least, their reputation would get a drubbing.

    So, when an exploit pops up, Automattic will need to have experts on hand to figure out how to counter it, create the patch, test the patch in as many different simulated environments as possible, release it and stick around to deal with any disasters that result. By the way, a side effect of all this effort and talent being poured into VaultPress should be faster and better patches for regular WordPress users, so, yay!

    Continuous monitoring is also much more expensive, because bots would have to keep reading your entire site, using a lot more bandwidth and CPU than simply posting an update notification.

    So, yes, they do need to charge, I am just hoping that they will put this within reach of regular users too.


  16. I like the look and sound of it. It caters to a different site owner than say BackupBuddy, which I also like the look and sound of.

    $300/yr (riffing off someone’s earlier comment) is a drop in the bucket if the site is making tens of thousands of dollars a year (or more), especially for the cloud-ey nature of VaultPress. Having it automatically, and incrementally back up to resilient, replicated storage online saves a lot of hassles.

    For my smaller sites no doubt BackupBuddy and email/FTP to get the backup file off-server will be fine.

    The hot updates also interest me. Frankly I’m still disappointed that WP doesn’t include at least the *option* to do automatic upgrades. I understand the risks and still want it.

    In the IT world we went through similar resistance to Microsoft’s automatic Windows Update options when they first appeared, but the truth is they solve more problems than they create.


  17. Hi all,

    I think where VaultPress have something is that by pushing day zero security fixes and backups in the eyes of a board room is like having support from the people who make WordPress. Then they think we need that. Then they say IT Department – make it so.

    I know everyone contributes because I’m a geek but with the illustration above you can see why business users jump up at the idea and perhaps that’s who Automattic are after.

    T
