Well? And I mean really, how secure is your blog?

Let me tell you, if you are not using the latest version. If you have not upgraded yet, then your blog is indeed insecure and you must upgrade immediately.

If the above statement is true in your case, STOP! reading this right now and go upgrade your blog this very instance. If anything has been holding you back and still does from upgrading, then let me give you something to make you let go of it and go get your blog secured.

Reason number 1: Read this thread on wordpress.org forum – http://wordpress.org/support/topic/297639?replies=58 – This is a result of not keeping wordpress up to date.

Reason number 2: Read this post by Matt (One of the guys behind the wordpress project) – http://wordpress.org/development/2009/09/keep-wordpress-secure/ – Explains and highlights the real danger of not keeping your install up to date by upgrading.

Reason number 3: read Matt’s reply in relation to reason number 1 – http://ma.tt/2009/09/keep-wordpress-secure/ – Just goes to re-enforce the topic.

Been affected by any of the mentioned issues? There are various ways you can check and eliminate the problems. The permalink syntax can be corrected by just resetting your permalinks but does not cure it. Take a look at your database and search for suspicious looking user names and if any are found delete them.

Here’s a post that can direct you to many ways you can check and recognise the problems with follow ups on eliminating them – http://lorelle.wordpress.com/2009/09/04/old-wordpress-versions-under-attack/ – Good pointers at the end of the article.

Best policy? Always upgrade and keep your wordpress install up to date, keep your plugins updated and remove none required ones. Use a compatible theme and keep it up to date or change it. A periodical check of your database is a good habit to get into – not all problems/hacks are evidently plain to see on the blog or in the admin dashboard, so a closer look at your database can unearth some unwanted data which you can get rid of.

Seriously if you don’t know what am talking about I strongly suggest you visit the links above and take a closer look at your installation. I have not reported the actual problems/issues to avoid duplication and also felt that the original authors deserve the credit for raising them.