After the 3rd time my Wordpress site was hacked, I'd had enough.
I hadn't touched my website pretty much since I got hired for my current job. I tried to stay relevant with Twitter and Facebook and the other various social tools of today. I always missed my actual site though.
It was in terrible shape. I had a semi-custom theme that worked well enough. Un upgrade broke it and I lazily defaulted to some stock theme. You could totally say I didn't care, you'd be right. One day though, probably after a particularly frustrating day at work I browsed to my site. I was going to kick my site back into gear and find myself again.
The first time I came back to my site and tried to click through to some of my old posts, I got redirected to some random url that nobody would actually go to on purpose. My .htaccess file had been hacked and was rewriting urls to far off places. I fixed it, locked my .htaccess file down, then it happened again. I fixed it again. I checked back after a few days, everything was fine, a few weeks, still everything was fine. Problem solved.
The was a new problem though. I sent enough time figuring that out, fixing it, updating Wordpress, researching ways to secure it that I no longer wanted to touch the damn thing. So I didn't.
My Date with Malware
So, after a few months, I attempt to browse to my site and my browser turns bright red, declaring that Google listed my site as known for spreading malware!
Long story short here, my Wordpress install was infected like crazy. New JavasScript appended to theme JS files, hidden iframes in the Admin area. Totally hosed. It took half a Sunday to gut it out and get it clean. Then I had to request Google take another look at it and remove my site from the malware list. More time wasted, but all ends well
Done and Done and Starting Over
The last straw in place, Wordpress is going away. I was never very fond of it for the scope of what I wanted to do with my site anyway. I'm moving on, slow but sure, and this is the start.