Because I am a naive optimist, when I migrated various defunct blog archives from elsewhere to here, I assumed that running them on auto-updated WordPress would be fine. This was a stupid move. Not specifically because WordPress is bad, but because everything is bad, and hacking is easy. And, of course, happened.
After several months of this site being broken and struggling to keep client sites afloat, I’ve finally got everything sorted out.
My main websites, client and personal (this one included) are now signed up with crazy amounts of security. I’ve blocked all kinds of user agents, headers and IPs, and I’ve signed up with Cloudflare. They’ll probably get hacked again because YOLO, but at least less so than before. Meanwhile, the old websites are cloned HTML mirrors of the original with everything set to 644, so nobody nefarious can nefare with them.
And now I can log into this site, I might even write something substantive here before anyone else dies.