Your right though, with WP everyone is so taken by the fact that there are a gazillion cool plugins, they over look security problems.

It’s a vicious circle… The more popular WordPress becomes, the bigger the target for crackers, hackers and spammers. It’s a victim of it’s own success.

Once bitten, twice shy. Yes. Although the benefits of WordPress (compared to other blogging software I’ve used) far outweigh my need to have a 100% hardened blog/website.

That’s the gamble that WordPress users are willing to take.

I’m losing a bit of faith with WordPress, how the hell can php script be violated, more than that, the simple.php code that got added, was that new code or is there a string entitled that by default and it was overwritten? If it isn’t part of the WordPress system then surely there should be code in place to check for extra strings within the database and flag up a warning if new code is added at least?!

In this day and age upgrading should be a lot less of a hassle as well, seems things haven’t advanced that far concerning upgrading since the time I’ve been messing with websites/code, that’s a good 7 years or so!

Ah well rant over, here’s hoping the latest version alleviates my grief with this thing lately, thanks again for your input Lee, that could have gotten out of hand big time on my site, as you say, checking for this stuff isn’t high on my priorities and we shouldn’t have to worry about it these days.