Featured image of post Hello World! – A Fresh Start with Hugo + Cloudflare
Hugo

Hello World! – A Fresh Start with Hugo + Cloudflare

Moving away from WordPress headaches to a secure, blazing-fast Hugo.

“Third time’s the charm.”
After GitHub Pages and a turbulent WordPress era, this blog is finally static-and-secure on Hugo + Cloudflare Pages.

Logo of Cloudflare

Quick Timeline

Year Platform Key Takeaway
2017 GitHub Pages (Jekyll) Great for learning Git workflows, but I soon craved richer features and better-looking themes.
2020 WordPress Visual editor was handy—until the security flood-gates opened.
2025 Hugo + Cloudflare Back to static HTML served from the edge; goodbye sleepless patch nights.

Why I Abandoned WordPress

  • 7,966 new vulnerabilities were disclosed in the WordPress ecosystem in 2024 alone—a 34 % jump over 2023, about 22 per day (Patchstack, 2025).
  • Sucuri’s incident dataset shows 96.2 % of hacked CMS sites in 2022 ran WordPress (Sucuri, 2023).

My site joined that statistic: an outdated plugin let a botnet deface the front page and lock me out. With no recent backups, the database was toast.

Cliche Hacker and Binary Code

Lessons Learned

  1. Auto-renew everything – I even let my Japanese-romaji domain jiyuuneko.com lapse. A squatter grabbed it within hours.
  2. Version control = backup – Static files in Git are harder to lose than a live database.
  3. Least-moving-parts wins – No PHP, no MySQL, no attack surface.

Logo of Hugo

Why I’m Loving Hugo + Cloudflare Pages

  • Blink-and-you-miss-it builds – Hugo cranks out the whole site faster than I can take a sip of coffee; thousands of pages appear in a heartbeat.
  • Served from everywhere – Cloudflare tucks a copy of each page on its global edge, so readers in Wellington, Kuala Lumpur or Kansas get the same near-instant load.
  • No moving parts, no drama – Static HTML means no database, no PHP, nothing for bad actors to poke.
  • Perks included – Free HTTPS and a solid firewall, both flipped on with a couple of clicks.
  • Pure Markdown happiness – I type in plain text, commit to Git, and Hugo does the rest. Diffs stay readable and my words aren’t locked inside any platform.

What to Expect Here

  • Deep-dive notes on landscape research, homelab tinkering, gaming, and tooling.
  • Preview URLs for every pull-request thanks to Cloudflare.

If you bookmarked the old WordPress site—thanks for tracking me down again. The new URL is https://gatto-libero.com, and yes, auto-renew is ON ✨.

See you in the next post!

References

Cloudflare. (2016, September 27). Cloudflare logo [SVG logo]. Wikimedia Commons. https://commons.wikimedia.org/wiki/File:Cloudflare_Logo.svg

Coelho, E., & YellowIcon. (2008, May 2). Stachledraht DDoS attack diagram [SVG image]. Wikimedia Commons. https://commons.wikimedia.org/wiki/File:Stachledraht_DDos_Attack.svg

Francia, S., & Parr, B. (2014, May 28). Logo of Hugo the static website generator [SVG logo]. Wikimedia Commons. https://commons.wikimedia.org/wiki/File:Logo_of_Hugo_the_static_website_generator.svg

Patchstack. (2025). State of WordPress Security in 2025. https://patchstack.com/whitepaper/state-of-wordpress-security-in-2025/

Sucuri. (2023). 2022 Hacked Website Report. https://sucuri.net/reports/2022-hacked-website-report/

Whelan, D. (2016, May 24). Cliche hacker and binary code [Photograph]. Flickr. https://www.flickr.com/photos/davidpwhelan/26946304530/