… for spammers, anyway. Upgrading WordPress often might just help!

On the other hand, you could still wake up and find out your blog looks like this after a zero-day attack —

That's probably a bad thing. But, in fact, many of us in the blogosphere have enjoyed this particular problem.

And it's not quite as much fun as the blue pill.

In the worst case, it's not just spam, it's badware or viruses. And then Google won't want to cohabit with you ever again.

Well, you're still alive, and you're sick of getting attacked.

We are, too. So, at least for WordPress, we've come up with quite a few *free* solutions that we use ourselves.

	WordPress Security Plugins by SEO Egghead, Inc.
1.	WordPress Firewall	Blocks SQL, Script Injection, and various other attacks with whitelisting-support, and preset whitelists for WordPress. Coming soon; leave a comment if interested.
2.	WordPress Table Rename v1.2	Renames your tables to mitigate some SQL-injection-based attacks. Plugin makes coherent duplicate set of tables, so there is little risk. Simply switch back to the old set of tables if something goes wrong. Difficulty: Easy.
3.	WordPress Version Spoof v1.0	Changes your WordPress version to anything you desire. Think "SmurfBlog 1.0." Not real security, but it can't hurt. Difficulty: Easy.
4.	WordPress wp-admin .htaccess/.htpasswd Generator	Sets up a wp-admin server-level password in 2 easy steps. Coming soon.

2 of which are released and well-vetted. Anyone interested in testing the firewall, please let me know via the comments. A few are using it already. It's probably the most important in that list.