Anti-Spam

Since updating to WordPress 3.9, D4D™ was getting thrashed with spam comments – something that hasn’t happened for a long time. Nothing else changed, so I assume that there’s an issue somewhere within 3.9 that’s opened up again.

Anyway, having seen upwards of 200 spam comments per day, I asked around for some advice on other things to block it, and on Twitter Laura came through with a suggestion to use another plugin called WP Hashcash which I’ve done.

So far, it appears to be working very nicely, and I’ve not seen any more spam comments coming through at all. Definite win.

Of course, it may be that some valid comments get blocked too – if so, email me at lyle2 at the domain name…


Increased Security

At the moment, there is a huge attack going on against blogs using WordPress.

It’s primarily attacking the blogs who’ve kept a lot of the default settings – particularly keeping the primary user as “admin” with weak/known passwords – but still, it’s better to make sure that things are secure.

D4D™ has always been on an altered install of WordPress – mainly because I’m really bad at leaving things alone – so I’m less concerned about it, but all the same, I’ve added in a couple of security plugins just to reinforce things.  I’m also making use of Cloudflare to add another level of security.

It’s going to make things interesting for a lot of Blog Owners on the WordPress platform, though.  Basically, if you’re on WP you need to :

  1. Make sure you’re not relying on the “admin” user
    1. Add a new user to WP , give it admin rights (and a strong password)
    2. Set “admin” to have the lowest possible permissions (contributor), or delete it completely.
  2. If possible, make sure your database isn’t using the wp_ prefix for all wordpress tables.
  3. Use Cloudflare or similar
  4. Install the Limit Logins plugin
  5. If you know what you’re doing, also install the Extend WP Security plugin
  6. Take backups!

There’s other stuff along the way, but those really are the key points.


New Appearance

If you look at D4D™ on the site, rather than through an RSS reader, you’ll have already noticed I’ve put a new theme on the site for the time being.

There’s no real reason for it, I just fancied a bit of a change.  There’s been a lot of change this year for me, which has also come through onto D4D (for obvious reasons) so it felt like I should change things here visually too. Besides, it’s been the existing theme for a very long time now, so time for a bit of an update.

It may also be the indicator of a new mode for D4D™, I don’t know yet. We’ll see.


3.1

Yesterday, I updated to WordPress 3.1 here on D4D™. No idea what the real differences are, or whether there’s anything that’ll rise up and bite me on the backside.

Still, it’s good to be on top of these things. Allegedly.


Wp 3.0.3

Just a quick reminder – if you’re running WordPress, update to the latest version ASAP.

It’s only been a couple of weeks since 3.0.2 came out, but it’s definitely A Good Thing to keep up to date.


Upgraded

D4D™ is now running on WordPress 3.0.

The upgrade process was remarkably simple – a couple of mouse clicks once I’d backed everything up – and job done.

Consider me impressed.


2.8

The new version (release 2.8) of WordPress came out today – and it’s already been installed here at D4D™.

I have to say, since I updated D4D with the redesign and brought the WordPress install up to date as well, one of the things that has impressed me the most (despite some of its potential security issues) is the ability to update WordPress or the installed plugins directly from the site. It makes life a hell of a lot easier.

In this case, even updating the core files for WordPress was a matter of a couple of clicks, letting the file download, then a final click when everything was completed.

All told, it’s a pretty impressive way of doing things.

As for the use of 2.8? Well, there’s certainly been some changes, but I still have to explore most of them, so I’ll write more about it sometime in the next few days.