Turning a Hack into Growth Lessons from a Website Breach

At the start of 2025, I discovered something unsettling: one of the URLs I owned for my portfolio website was redirecting to an unrelated site. Nothing in the settings pointed to why - no rogue commits, no expired domain registrations I could find. The only option was to rebuild from scratch. That turned out to be a blessing.

Technical Lessons

Going through the portfolio section particularly hit home - seven years of projects stretching from clumsy first attempts to things I'm genuinely comfortable showing people. A friend mentioned how far I'd come and it struck me that I'd been unnecessarily harsh on myself and my history.

The breach itself taught me several technical lessons:

DNS management matters. Domain registrars and DNS providers can have different security postures. Make sure you're using providers with strong account security (2FA, account locks) and monitoring.

Expired domains are a vector. If a domain you own expires, someone else can register it and redirect it. Even if you're not actively using it, keep domains renewed or transfer them to a provider you trust.

Having a backup plan is essential. When the breach happened, I needed to rebuild quickly. Having my projects backed up and a deployment pipeline ready made the difference between losing weeks of work and losing a few hours.

SSL/TLS certificates should auto-renew. Manual certificate management is a single point of failure. Use auto-renewal wherever possible.

The Rebuild

My old site felt like it belonged to someone else now. Over the previous three or four years, my skills and perspective had shifted enough that the design I'd been proud of looked stale. Going through the portfolio section particularly hit home - seven years of projects stretching from clumsy first attempts to things I'm genuinely comfortable showing people.

I avoided sharing my work publicly for years. The fear was simple: if I put everything out there, people would think I was arrogant or just padding my ego with half-finished experiments. So I kept projects in private repositories instead. That protection became its own prison - no feedback, no connections that might have come from someone actually seeing what I'd built.

The breach forced a reckoning. I could rebuild the same site and hope nothing like this happened again, or I could use it as an excuse to finally do something I kept putting off. I chose the latter.

Sharing and Growth

I don't expect my stories or projects to reach a massive audience. That was never the point. But if even one person finds something useful on the new site - a tool they need, an idea that sparks their own project - then rebuilding was worth it. Sharing isn't about building a personal brand. It's about leaving something behind that might help someone else down the line.

The redesigned site reflects not just my skills but the mistakes I made along the way. Each project on it is a record of something I learned, unpolished and honest. Progress doesn't need to be perfect to be worth showing.

Related Reading