> WordPress is secure already
That depends on one’s definition of secure. I, for one, wouldn’t call admin access over unencrypted connections secure.
I can’t view http://www.manicdog.com, it says my current IP (80.144.160.15) is banned.
The IP is from a large pool of dynamically assigned addresses most German DSL providers use. Blacklisting dynamically assigned IPs doesn’t make much sense, you’re likely to lock out legitimate visitors (like me for example).
I’ve just written an article about how I’ve done this: Securing WordPress Admin Access With SSL
