No, just PTSD from my WordPress blog. I would use a static site generator if possible.

Hah, yeah securing something like WordPress can be a challenge, especially if you're running a bunch of plugins.

My blog is a pretty straight-forward Django setup without many other dependencies, so it's a lot less of an attack surface: https://github.com/simonw/simonwillisonblog