You can help secure your WordPress site by making sure that you’re not using a predictable username. A naïve hacker has to guess both your username and your password. If your username can be easily guessed, their job is much easier.
Last night, I discovered that all of my WordPress sites on Dreamhost (including this one) had been hacked. I’m not sure when this happened, but I discovered (quite by accident) small text links hidden at the bottom of various pages.
Apparently the WordPress search redirect hack that I reported on the other day is fairly widespread. Moreover, it’s been taking down sites running WordPress installs as late as ver. 2.5.1, so it appears that upgrading won’t necessarily protect you.
Something scary happened today over at one of my other sites. Around 3:30 EDT, I noticed that traffic to the site was running way below normal. Upon further investigation, I realized that my search engine traffic had all but dried up. Thinking I had been banned by Google, I dug deeper.