This WordPress round up is for all version 1.5.x and higher users. (Links galore.)
WordPress Security Problem
A critical security flaw in WordPress versions 1.5.0–2.0.3 was discovered last week. A patched version (2.0.4) has been released but the official response has been a little casual in tone, so you may not have heard about it. Here’s the deal: unless you are currently running version 2.0.4 it is recommended that you take the following action without delay:
- If it is enabled, disable (uncheck) the “Anyone can register” option in WordPress Admin » Options.
- Delete, or at least disable, any guest accounts created by people you don’t know.
- Upgrade to version 2.0.4.
Controlling Blog Spam
Since April I have been using two spam-blocking tools on my WordPress instance that have proven highly effective.
The first is Spam Karma 2, produced by the aforementioned Dr. Dave.
It is no longer under development but as of version 2.2 it remains a highly effective tool, and one of the most downloaded security plugins for WordPress. (Correction: My mistake — SK2 is still being developed. See dr Dave’s comment below for more info. It’s good news too. Apologies for the mix-up.)
The second is Michael Hampton’s recently updated Bad Behavior 2 (current version: 2.0.4). (I upgraded from 1.2 yesterday and it’s working like a charm.) Hampton works crazy-hard on this plugin and there’s nothing else like it out there.
The combination of these two products has reduced the number of comment spams I have to worry about to zero. I can’t recommend them enough. If you decide to try them, and you’re happy with the results, please consider leaving a donation in the developers’ respective tip jars.