Now I totally understand why personal blogs aren’t a thing any more and why Medium, Substack, etc grew so fast.
Part of the troubles are my fault. For a variety of reasons, I’m self-hosting my WordPress blog on Windows Server when it really really wants to run on Linux instead. But mostly the internet has gotten really complicated.
Want to setup a WordPress site? I hope you can:
- Setup PHP to run on IIS, which it doesn’t really want to do
- Edit PHP conf files to enable a laundry list of sublibraries (which are probably 50kb of code total btw and should just be auto-included) required by WordPress
- Setup SSL (this has gotten worse and worse)
- Figure out how you are going to auto-renew SSL (this is a thing now apparently)
- Setup the basic ability to send email (this used to be a standard feature of IIS, but in the modern web ecosystem has become incredibly complicated)
- All WordPress plugins seem to be bloatware with built-in upsells. Since plugins are arbitrary PHP code snippets they can do annoying things like put nag screens into your WP dashboard.
- Figuring out file permissions on Windows such that IIS will deign to serve various files. See also: authentication.
- Install mod_urlrewrite because for some reason in 2025 this isn’t standard web server functionality.
- Figuring out how to install imagick so basic things like copy/pasting .HEIC files into the editor works.
- Find a theme that doesn’t look terrible that also gives you enough customization options to make it feel like yours.
- Find all the plugins you need when WordPress “Add a Plugin” search returns no results when you type the exact name of the plugin you are looking for.
- Setup periodic backups of your MySQL database (after you find the version of MySQL that still supports MySQL Workbench which is discontinued and has no replacement)
- Google analytics, which used to be lightning fast circa 2010 now takes ages to load in the admin panel, so feel sad about that
- Enjoy getting hacked constantly because WordPress has a huge attack surface through random plugins you might have installed
It really seems like the ideal distribution for something like WP is a giant docker container that just has all the stuff you need already configured and isolated.
If you want more color on why open source CMSs are losing to SaaS solutions, this is a good deep dive.
There’s literally 1000 steps to get this thing working and I’m sure I screwed something up somewhere. For that reason, I’m offering a exploit bounty of $100 to anyone who can inject arbitrary HTML code into my site. If you succeed in doing this, hit me up on twitter with a DM and let me know what I messed up. This is a first come first serve situation.