WordPress Plug-ins – Security and Spam Filtering
Running a blog can take a lot of hard work unless some of the tasks are automated.
One of the biggest problems facing bloggers is the number of spam comments that are blatantly promoting everything from lawn-mowers to hard core pornography.
There are several ways of limiting spam comments.
You can allow all comments, and then spend your days going through them all, deleting the spam. This is obviously not the best method.
You can install a Captcha to try to eliminate the automated spam. This has two disadvantages – it doesn’t stop the hand-written spam, and it irritates the hell out of genuine commenters.
You can install software to filter all comments as they come in. This is by far the best method.
When I installed WordPress, the first plug-in I would normally install was Akismet. This is such an essential plug-in that it is now incorporated in the core of the WordPress release.
Another plug-in I install is WP-Spamfree, which is very easy to install and is remarkably effective.
I have both the above installed on my main blog and in the last few months Akismet has trapped 63,975 comments and WP-Spamfree has stopped a further 2,152. During that period, there were 22,476 legitimate comments, which nicely illustrates the bad ratio of spam to genuine.
Another headache for the blog owner is that of security.
Hackers are always on the lookout for sites they can compromise. Sometimes they infiltrate the site and abuse it by changing the content. Sometimes they will insert code to allow the site to act as a portal for illegal software, or porn. This site was compromised recently whereby search engine spiders were redirected to another site, resulting in this site disappearing off Google and others.
Hackers love a site where they know they can depend on certain information. For example, they know with 99% certainty that all WordPress database tables are going to start with “wp_”. During installation, it is a very simple matter to change this option. Few ever do so though.
Another certainty is that there is a user called “admin” which has full rights to the site. Happily, WordPress have changed things in the soon to be released WordPress 3, in that the default user is no longer “admin”.
With this knowledge, a “brute force” attack on a site is much easier, and therefore one plug-in I like to install is Limit Login Attempts. This virtually removes the chance of “brute force” attacks.
One of the biggest problems though is file and directory permissions. Frequently these need to be changed for some reason, and it is all too easy to forget to change them back.
WP Security Scan is a nice little plug-in that checks through the installation and will highlight any potential security problems, including incorrectly set permissions.
If there ever is a problem with your site [God forbid] then reinstalling all the files should pose no major problem – you do have them backed up? I hope? However, the database is a constantly evolving animal, and last week’s backup is going to lose all this week’s posts, comments and other information. A regular backup is essential, therefore, and I find WordPress Database Backup the ideal plug-in for the job. It can do scheduled or manual backups and will save them to the server, or can mail you the backup file.
Last, but not least, if you have a heavy duty site that gets a lot of traffic [and none of us knows when he or she is going to write the post that will set the world on fire?] it is a good idea to install caching software. This not only speeds up downloads for the viewer, but also reduces the load on the server. Probably the best plug-in for this is WP Super Cache. This can be somewhat problematic to install, and may require a little technical expertise, but it is worth the effort.
With that lot under the bonnet [hood?] of your WordPress installation, you should be able to enjoy a little extra peace of mind.
Why is your latest blog not the one that comes up when I click on? It makes no sense to have to go to the archives to read your latest pensees. You’re not the only one that does this but it seems counterintuitive, not to mention annoying.
I’m not sure what you mean, Paulo? The latest post always appears on the front page, like the majority of other blogs.