I’m not a fan of WordPress, which feels like this:

Godzilla: not the balls!

Think twice

WordPress is a slow as molasses, security target with downright ugly frontend code. However, a massive percentage of the web runs on WordPress. For a straightforward blog, it’s pretty decent and streamlined.

Use Statamic

Endless plugins don’t make a good CMS. Statamic does content definition right. 99/100 times it’s the better choice.


Recover from a WordPress hack:

  • Change FTP password
  • Backup and download a copy of the entire filesystem (for analysis)
  • Delete unknown users from WP admin
  • Lock down non-critical users (change role to subscriber)
  • Change password for all users
  • Change database password
  • Delete entire filesystem
  • Reinstall fresh WordPress
  • Reinstall plugins (after vetting)
  • Reinstall theme files
  • Reinstall uploaded files
  • Replace the WordPress keys in wp-config.php
  • Replace database password in wp-config.php