WordPress Announcements

July 29, 2006 / This WordPress round up is for all version 1.5.x and higher users. (Links galore.)

This WordPress round up is for all version 1.5.x and higher users. (Links galore.)

WordPress Security Problem

A critical security flaw in WordPress versions 1.5.0–2.0.3 was discovered last week. A patched version (2.0.4) has been released but the official response has been a little casual in tone, so you may not have heard about it. Here’s the deal: unless you are currently running version 2.0.4 it is recommended that you take the following action without delay:

  1. If it is enabled, disable (uncheck) the “Anyone can register” option in WordPress Admin » Options.
  2. Delete, or at least disable, any guest accounts created by people you don’t know.
  3. Upgrade to version 2.0.4.

This advice comes courtesy of Dr. Dave. He has posted a detailed follow-up to his initial warning which may also be of interest.

Controlling Blog Spam

Since April I have been using two spam-blocking tools on my WordPress instance that have proven highly effective.

The first is Spam Karma 2, produced by the aforementioned Dr. Dave. It is no longer under development but as of version 2.2 it remains a highly effective tool, and one of the most downloaded security plugins for WordPress. (Correction: My mistake — SK2 is still being developed. See dr Dave’s comment below for more info. It’s good news too. Apologies for the mix-up.)

The second is Michael Hampton’s recently updated Bad Behavior 2 (current version: 2.0.4). (I upgraded from 1.2 yesterday and it’s working like a charm.) Hampton works crazy-hard on this plugin and there’s nothing else like it out there.

The combination of these two products has reduced the number of comment spams I have to worry about to zero. I can’t recommend them enough. If you decide to try them, and you’re happy with the results, please consider leaving a donation in the developers’ respective tip jars.

2 responses

  1. dr Dave

    Hi there,

    Thanks for the support and mentioning SK2 as a potential anti-spam plugin, just one little clarification: SK2 is still very much under development (in fact, there is a beta being tested these days to be released any time soon). Although it tends to do its job fine and I see no reason to rush out new versions or add too many fancy features… At any rate, sorry if my post on the matter was a bit muddled: I am no longer taking an active part in most WP developments, but I am not about to give up SK2…

    Cheers

    July 29th, 2006 at 3:11 pm #

  2. Ads

    Thanks for the clarification, and apologies for getting my info wrong!

    July 29th, 2006 at 3:14 pm #


Zero to One-Eighty contains writing on design, opinion, stories and technology.