Xubuntu Website Attack

I've been using Xubuntu for around 15 years, and it pissed me off when "a malicious actor [gained] access by brute forcing a vulnerable component of the WordPress [website] installation that Canonical maintains for the [Xubuntu development] team." Recovery from the jerk's attack took several days of work by the all volunteer Xubuntu team. I admire so much how the team and others worked through this crisis.

One thing that makes me feel better is that the attack made the team decide to make migrating from WordPress to Hugo a top priority. The migration was progressing slowly before the attack—something that is understandable given that no one was being paid to work on it—but it is now completed.

I'm pleased that the Xubuntu website is now a static site. This "completely [eliminates] the type of attack vector taken advantage of" in the attack on the WordPress installation. No more website database to deal with will give the team more time to work on Xubuntu itself. And the site is super fast with pages loading in an instant.

Information

This post is a page of the Tidbits website.

Subscribe to the web feed to receive notifications when new posts appear. Use a feed reader to subscribe to the web feed. The web feed is a text file containing code written in the Atom syndication format.

Thunderbird can be used as a web feed reader.

Elfeed is a web feed reader for Emacs. Elfeed is available on MELPA as the package elfeed. Elfeed can be configured with an Org Mode file using the elfeed-org extension.

License

Author: Flower Snark
Email: flowersnark@gmail.com

Made with GNU Emacs and Org Mode.

Copyright © 2025 Flower Snark
This work is licensed under the Creative Commons Attribution-ShareAlike 4.0 International license (CC BY-SA 4.0).
CC BY-SA 4.0 summary
CC BY-SA 4.0 legal code

Page created on 2026-03-24T12:37:05-04:00.