Disaster Recover Plan (DRP)
1. Purpose
To ensure the swift restoration of hosting services in the event of a disaster (natural, cyber, or operational), minimizing downtime, data loss, and business disruption.
This Disaster Recovery Plan applicable to all shared hosting accounts, and dedicated servers with backup plans and SLAs.
2. Scope
This DRP applies to:
- Web servers (shared, VPS, dedicated, cloud)
- Databases (MySQL, MariaDB, etc.)
- DNS servers
- Email services
- Backup systems
- Core internal systems (billing, CRM, support desk)
- Data centers (primary & secondary)
3. Objectives
- Depending on SSL Agreement if applicable
- Restore web hosting services within 4 hours (RTO)
- Recover customer data with a maximum loss of 1 hour (RPO)
- Maintain continuous communication with clients
4. Risk Assessment
| Threat | Impact | Likelihood | Mitigation |
|---|---|---|---|
| Power outage | High | Medium | Redundant power + UPS/Generators |
| Cyberattack (DDoS, ransomware) | Critical | High | Firewalls, WAFs, 24/7 monitoring |
| Hardware failure | High | Medium | RAID, failover clusters |
| Data center disaster (fire/flood) | Critical | Low | Geo-redundant backup DC |
| Software/configuration error | Medium | Medium | Version control, CI/CD testing |
5. Key Roles & Responsibilities
| Role | Responsibility |
|---|---|
| DR Coordinator | Initiates DRP, communicates with all teams |
| SysAdmin Team | Executes server recovery and re-routing |
| Backup Manager | Ensures data recovery from offsite/cloud |
| Network Admin | Restores DNS, IP routing, firewall policies |
| Customer Support Lead | Updates customers and manages status page |
| Security Officer | Investigates breaches or exploits |
6. Data Backup Strategy
- Frequency:
- Continuous Raid Drive Data Replication
- Nightly Full Offsite Backs
- Storage Locations:
- On-site Raid Drives
- Off-site backup data center
- Encrypted cloud storage
- Retention: 90 days
- Testing: Quarterly restore tests
7. Disaster Response Procedures
A. Detection & Activation
- Monitor alerts from systems (In-House Monitoring & Outsourced Monitoring)
- DR Coordinator evaluates severity
- Declare disaster level:
- Level 1: Partial service disruption
- Level 2: Major regional disruption
- Level 3: Full DC failure or breach
B. Communication
- Internal Slack channel activated
- Public status page updated to client area
- Emails/social media for customer updates
- Escalate to legal/compliance if needed
8. Recovery Procedures
A. Web Servers
- Establish Redundant Hardware
- Re-deploy Backups to New Hardware
- Validate SSL, PHP, and database compatibility
B. Database
- Restore from latest snapshot
- Run consistency checks (e.g.,
mysqlcheck,pg_verify)
C. DNS
- Use anycast DNS or failover to secondary DNS provider if applicable
D. Email Services
- Failover for all incoming mail currently established
- Spin up redundant SMPT Outgoing services if applicable
- Alert users of potential delay
E. Support System
- Switch to cloud-based ticket system if in-house version is down
- Post fallback contact options (phone, emergency form)
9. Post-Recovery Review
- Full system audit and security scan
- Forensic investigation (if cyber-related)
- Debrief with team (what went wrong/right)
- Document timeline and actions
- Customer refund/credit handling (if SLA breached)
10. Plan Maintenance
- Review DRP quarterly
- Update contact info and vendor agreements
- Test partial and full failovers bi-annually
* This Disaster Recover Plan falls under our Limitation of Liability
* This information may change without prior notice
