I’ve been following the activity over at blogsecurity, their activities are very interesting and quite commendable. After some shameless delay I decided to read though their WP Security White Paper and apply some of the steps… yes I did say some, harden security folk will insist that you should follow all of the whitepaper to be security, which is probably true, but one should never forget that security is about risk… and in basic terms accessibility vs security, for example I won’t ever lock my wp-admin down to a single IP as I’ve been know to blog at work, home, around my parents place and even moderate comments on the train! Thus my wp-admin isn’t as secure as someone who did lock it down, but this is a risk I’m willing to live with.