Comments on: Should you be concerned about your WordPress security?

By: stratosg

stratosg — Wed, 24 Jun 2009 07:44:50 +0000

@Sherry: I have discussed this before and my opinion is that if you have a good password you can keep any username. But if you feel safer this way then go ahead

By: Sherry

Sherry — Tue, 23 Jun 2009 23:53:48 +0000

A small but good security measure is to make your log-in something other than the default ‘admin’. Make it something unique and hard to guess, and it’s almost as good as having two passwords.

Great article!

Sherry

By: Nihar

Nihar — Tue, 02 Jun 2009 16:32:50 +0000

Even i read david’s post and sire’s post.

Security is utmost important to protect our blog from bad guys..

By: Sire

Sire — Fri, 15 May 2009 05:58:31 +0000

David I don’t actually have a captcha at all. I was thinking of deactivating akismet and use the math problem instead.

By: David Hopkins

David Hopkins — Thu, 14 May 2009 13:58:53 +0000

@Sire – If you are using a server-side captcha (one that is generated on your server) it can use quite a bit of system resources because the image libraries require them to generate images all the time. If you have a high traffic site, its really going to mount up. You can use something like reCpatcha though which uses external servers to generate the images.

I think Stratos has the best spam solution by using this math problem. Another good one to use is to use JavaScript to add the action attribute to a form or make the form AJAX. This is what I have done and I’ve never had any spam.

By: stratosg

stratosg — Thu, 14 May 2009 11:18:34 +0000

@Kim: That has happened to me, as a commenter, a few times and i can assure you there is nothing more annoying than this. In most my comments i put some serious effort to compile and having them rejected (which means that even if i resubmit there is no use to it) is the most annoying thing. That’s the main reason i hate Akismet.

@Sire: Memory usage is minimal since no query is done. To install it you need to tweak your comment.php file and then a hook is there to the comment submit to compare the values. Minimal resource usage.

By: Sire

Sire — Thu, 14 May 2009 03:39:47 +0000

You didn’t answer my other question stratos in regards to memory usage?

By: Kim Woodbridge

Kim Woodbridge — Thu, 14 May 2009 01:25:01 +0000

I don’t have real comments go into spam very often. There is one commenter that always does – someone must have marked that person as a spammer – it wasn’t me. I should contact her to let know about the problem.

By: stratosg

stratosg — Thu, 14 May 2009 01:04:38 +0000

@Kikolani: I saw your post and it was a very nice one too. Thanks for visiting!

@Sire: The thing with falsely caught comments is that it might drive people out (and piss them of as it did on me ). As for the captcha i use the “Math Comment Spam Protection” provided at http://sw-guide.de/wordpress/plugins/math-comment-spam-protection/

By: Sire

Sire — Wed, 13 May 2009 23:30:56 +0000

I usually check on a daily basis and not much non spam is caught and when I find them I retrieve them. A small price to pay for akismet.

Stratos, as far as memory consumption is concerned, would akismet use more than a captcha? If so give me a link to your captcha plugin.