There are many plugins that make your blog a better place to be (show top commentators, threaded comments, feedburner feed replacement). I am only now realizing that my favorite plugin is Akismet.

This plugin was installed by default with my blog, but for some unknown reason I didn’t enable it until my blog was 3 weeks old. For those of you that don’t know, Akismet stops comment spam and trackback spam automagically. The only requirement to enable this plugin is that you need a wordpress.com API key, which is free from wordpress.com. Once enabled, the comments tab of your wordpress admin console will be broken up into 3 sections (Comments, Awaiting Moderation, and Akismet Spam). So far, Akismet has protected my site from 68 spam comments without me having to do a thing. It has done all this without 1 false positive, i.e. NO ERRORS.

I didn’t realize that comment spam was a problem until they started appearing on my blogs. Once my blog started getting incoming links, the spam started as well. Comment moderation was beginning to take up far too much of my time, which is what prompted me to find a spam filter. I was surprised that I had one already installed on my blog, I only needed to enable it. If you are a new or old wordpress blog, I highly recommend you enable this plugin. Everyone these days is trying to make some money from their blog. Well, you know the saying, “time is money”? Akismet will save you boat loads of time by filtering all spam comments for you.

As a follow-up to my last post regarding the ability to effectively read multiple blogs via a tool like bloglines, I would now like to approach the topic of RSS feeds from the webmasters point of view. Maybe WordPress has some functionality that I am unaware of, but I don’t know of a way to monitor your feeds effectively without 3rd party intervention. My feed management tool of choice is FeedBurner. They offer a free account that allows you to create feeds for all of your blogs and monitor them all from one page. By clicking on the “My Feeds” link, you can view all of your blogs on one page and view how many subscriptions each has. FeedBurner also offers tools galore (from displaying your feed subscriber count on your blog to jazzing up your feed to make it more eye catching). I, by no means, have taken advantage of everything that FeedBurner offers for free, but I know they offer plenty of options when I feel like improving my blog feed.

You may be asking why you would want to better monitor your feeds. That is an excellent question, and if you are just blogging for hobby or personal posts, you most likely don’t care about your feed subscriptions. However, if you are concerned with SEO or want to eventually monetize your blog, you better start caring right now. There are monetization opportunities out there that will not allow you to participate unless you have a certain number of visitors and feed subscribers. To that, I say, try to increase your feed subscription now as there is no point in eliminating some of your monetization opportunities before you even start.

Having said all that, I would be remiss to not provide you a link to my feed from within this post. If you feel so inclined, subscribe to my feed and follow this blog as it grows.

Based on feedback I’ve received, I have added a new plugin to the site, show top commentators. Well, how it works is easy enough.

This Plugin encourages feedback and discussion by rewarding readers for making comments. The top 5 commentators are displayed off to the right along with the number of comments made and a link back to their site or blog. This plugin gives excellent install instructions at the plugin site.

Right now, the Top Commentators are reset once per month. I may change that to once per week or a year depending on how things go. The Plugin gives you the option to adjust the resetting from a day, a week, a month, a year, a set number of days, or never.

This feedback is great. If anyone knows of other must-have plug-ins, let me know.

This just in from wordpress:

Long story short: If you downloaded WordPress 2.1.1 within the past 3-4 days, your files may include a security exploit that was added by a cracker, and you should upgrade all of your files to 2.1.2 immediately.

Longer explanation: This morning we received a note to our security mailing address about unusual and highly exploitable code in WordPress. The issue was investigated, and it appeared that the 2.1.1 download had been modified from its original code. We took the website down immediately to investigate what happened.

It was determined that a cracker had gained user-level access to one of the servers that powers wordpress.org, and had used that access to modify the download file. We have locked down that server for further forensics, but at this time it appears that the 2.1.1 download was the only thing touched by the attack. They modified two files in WP to include code that would allow for remote PHP execution.

This is the kind of thing you pray never happens, but it did and now we’re dealing with it as best we can. Although not all downloads of 2.1.1 were affected, we’re declaring the entire version dangerous and have released a new version 2.1.2 that includes minor updates and entirely verified files. We are also taking lots of measures to ensure something like this can’t happen again, not the least of which is minutely external verification of the download package so we’ll know immediately if something goes wrong for any reason.

So now for the short, short version: If you had upgraded your WordPress blog to version 2.1.1, please upgrade to 2.1.2 immediately.