WordPress has just announced the release of version 3.0
Unlike others I recommend that you DON'T UPGRADE your current version until 3.01 or 3.02 is out, but that's just my opinion, what do I know anyway...
I took a quit look at the "themeing" thing and didn't find anything relevant, yet I might be wrong.
It would be great if you could post about any blatant changes that might need to be done.
There are always bugs with the release of a new level of WordPress. 3.0.1 will probably be released within a couple of weeks.
I do have two new blogs to set up, so I will probably give it a test run sometime in the next week. Personally, I would never do an upgrade for an existing, successful blog until the bugs have been identified and worked out, but it would be much less risky to use it for a new site.
That particular .htaccess file contains a user IP address. It only allows a user on that IP address to access the admin area. A hacker would never know that IP address, and therefore could not fake it.
@bogart, if you think your server may have been compromised, be sure to change your FTP access passwords.
I have never had any of my web sites hacked, but I have always gone to great lengths to secure my sites and my servers. If you take all of the proper security measures, the weakest link tends to be the hosting company. I've seen situations where hundreds of sites on a major hosting company's servers were hacked because their security was the easiest to crack.
There are some good articles out there about hardening WordPress. Download this white paper. It is one of the best.
WordPress Security Whitepaper
bogart (18 June, 2010)