Wordpress Hacks Hacking - With Power Comes Responsibility

From some of my posts people might think I am anti-Wordpress... not so... I love Wordpress. I really love Akismet.. I think Matt and the boys are building quite a empire. I just like to razz these future multi zillionaires a little bit ;) Ok this post mainly was to respond to people saying that Wordpress is so insecure. Here is the thing. Wordpress is open source... which means there is going to be some security issues pretty much out of the gate. Especially something as infant as Wordpress. Not to mention they have a pretty amazing release schedule and making leaps and bounds with major releases... and again being its open source its going to have some security issues. Now mix that with the fact it has HUGE market share makes it a HUGE target. Sure there will be many security wiz's sitting back reading this post saying like it wouldnt be that hard blah blah and pointing out the flaws... and ya... I tell you what why don't you volunteer and help them? I know it seems like I out a lot of bugs publicly but for everyone that I out (and 90% of the time they are more cool then harmful) I have submitted 100x more bug reports and fixes. I think the Wordpress developers have done an outstanding job bring a incredibly powerful blogging platform to the masses that can do very very advanced things and does them VERY easily for the end user. But here is the thing... You have to be responsible for what you install. AND you must keep up with updates. Its always a system of give and take and if you want the cool toys then you need to also make sure going to be diligent with updates and patches as they happen. This blogged got hacked 1 time and it was purely because I had not updates when I knew I should have. It was down a couple hours... I restored and upgraded and all was well. The best way to ensure you will not get hacked would be to install mod_security and use some of the config files floating around.