So far there's only like 5 spams that went past out of the 1000+ filtered ones, which is a 0.5% false negative rate.  Pretty good I'd say.  Of course a 0.5% false negative rate's not good for sites that get thousands of comments per day, but I'm pretty sure it would suit the needs of most WP installations out there

[WP-SpamFree plugin; WP-SpamFree site]

...from spammers. The number of blocked spam jumped by over a hundred in the span of just a day!

Perhaps it would be good to be careful on the wordings used here, don't want Google to be flagging this site as a malicious site

Somehow chanced upon this site (http://en.gravatar.com/) which allows you to set a custom avatar, so that when you comment on supported platforms like WordPress, it appears along with your comment. Neat huh?

How you use it is like this:
1. You register for a Gravatar account.

2. You tie one (or more) email address(es) to that Gravatar account.

3. You upload avatar(s) into your Gravatar account.

4. You tie the avatar(s) to the email address(es) in Gravatar.

5. Go to the (WordPress) blog post and add a comment. You need to fill in the email address to be the same as one of those you registered into Gravatar.

6. The corresponding Gravatar appears along with your comment!

Lesson learnt: even if tools like WordPress Automatic Upgrade helps you to perform backups, make sure you know everything is backed up before you do a delete!

Even though all the posts have been restored, I think I will not restore any more of the lost images, so there.

It involves the use of a plugin (currently maintained at OSSEC) to get WordPress to send syslog events for OSSEC to parse.  It is a good idea since it is good to monitor any web applications running for anomalies, but WordPress doesn't seem to provide any kind of audit logging.

Looking at its capabilities, the first use for this that comes to mind is to monitor sites that run WordPress with multiple user logons.  As for those with insufficient access to your web server (you're on a shared webhost), you're probably better off using the tips given at wpbeginner.

I won't know yet, but perhaps I'll have a better idea on what it is good for after I try it out.

Do YOU use OSSEC to monitor your WordPress installations?  Any comments on it?

I referred to Ryan's and Mohanjith's blog posts that detail this, and after some tweaks to get it up working with the most recent version of WordPress on PHP5, I've decided to write some instructions that are a little more recent

1. Install WordPress and memcached. (duh)

Google for instructions on how to do that for your relevant distros, but I won't be covering that here.  I assume that your memcached server is listening on 127.0.0.1:11211.

2. Copy object-cache.php into wp-content folder.

I've mirrored Mohanjith's modified version here.  Do remember to rename it to object-cache.php, and make it readable by the PHP user account.

3. Edit your wp-config.php file.

Add these lines in:

global $memcached_servers;
$memcached_servers = array('default' => array('127.0.0.1:11211'));
global $blog_id;
$blog_id = 'some_unique_identifier';

If you have different WordPress blogs using the same memcached cache, $blog_id MUST be unique across different blogs.  Else you can just leave it as it is

4. Enjoy the speedup.

There you're done!  You can verify that WordPress is using the memcached cache by issuing the "stats" command to memcached, which I probably will write how to in another post.