I got an email from my host the other day telling me that I’d sent more than 400 emails within an hour. They suspected that my site had been compromised, scanned it and found a bunch of vulnerable pages. Turns out I had missed a Wordpress update and some bell-end had exploited a known vulnerability to take control of the site.
I can’t be bothered to keep up to date with Wordpress releases and plugin and theme updates, so I’ve taken the rather drastic approach of ditching Wordpress and migrating everything over to a static site generator - Jekyll.
Jekyll is really nice. I can write posts in Markdown, Textile or plain ol’ HTML and it just generates a bunch of static HTML files that get thrown onto the server. No more worrying about keeping software updated as there’s no code executed on the server. There’s also no need to run caching plugins or the like because it’s all just flat content with no database access.
While implementing the new site, I took the opportunity to change the look. Please excuse it - I’m a programmer, not an artist.