From WordPress to Hugo: My Setup Explained
Why I migrated from WordPress to Hugo, pros and cons of both platforms, and a detailed look into how my website runs today using GitHub Actions, GitHub Pages, and Cloudflare.
Ten years ago, I started my first website projects—some for myself, others for friends or clients. I spent a lot of time experimenting with themes, plugins, and WordPress setups.
My Experience with WordPress
WordPress is a solid way to get started—especially if you’re messing around with your first LAMP server. But long term? It can be a pain. You’ll find yourself tweaking PHP configs, switching to LiteSpeed, juggling plugin updates, and basically fine-tuning everything so it doesn’t fall apart.
What I Liked
- Database-based structure
- Huge plugin ecosystem
- Easy integrations with third-party tools
- Pretty smooth for non-devs thanks to the admin dashboard
But Also…
- Every plugin is another potential vulnerability
- Too many resources for something like a static website
- Gets heavy fast (plugins + DB = bottleneck)
- Needs constant updates and babysitting
From my perspective, if you just want a simple presentation website, WordPress is overkill. You’re burning CPU cycles and adding surface area for no real reason.
E-commerce? Maybe. WooCommerce is fine—until it isn’t. Do your research. Shopify is probably the better call long-term.
Here’s a visual from wpscan.com showing the current number of known vulnerabilities:
WordPress vulnerability statistics from WPScan
Moving to Hugo
For over 6 months now, I’ve been all-in on Hugo—my current site merox.dev runs entirely on it. I had totally underestimated the power of a static site. Hugo’s written in Go, builds super fast, and is already SEO-optimized out of the box.
Hugo static site generator homepage
I chose Blowfish as the theme and tweaked it over time to fit my needs.
Hugo Pros
- Static = zero backend vuln headaches
- Hosting? Free, thanks to GitHub Pages
- Markdown = clean, portable, fast to edit
- Insanely fast loading
- Version control with Git, so I always know what’s changing
Hugo Cons
- You need to be a bit technical
- No dashboard—everything’s in Markdown
- Some DevOps skills help if you want a clean, automated setup
Setting Up Hugo + Blowfish
- Install Hugo: https://gohugo.io/installation/
- Add Blowfish theme: https://blowfish.page/docs/installation/
- Use
blowfish-tools
for live previews—it’s a nice touch
To keep the theme up to date without breaking my customizations, I forked Blowfish and added it as a Git submodule like this:
1
git submodule add https://github.com/YOURUSERNAME/blowfish themes/blowfish
This way, I can track upstream updates while maintaining my own style.
Connecting Domain via GitHub Pages + Cloudflare
After installing Hugo + Blowfish, I decided to host my site using GitHub Pages and manage DNS via Cloudflare.
Here’s a quick guide:
- Push Hugo project to a private repo
- Enable GitHub Pages on a public repo (choose branch:
gh-pages
, folder:/
) - In Cloudflare:
- Add a CNAME for
www.yourdomain.com
→yourusername.github.io
- Add A records pointing to GitHub Pages IPs if needed
- Add a CNAME for
- Add a
CNAME
file in your repo containing:1
merox.dev
Wait for DNS to propagate and you’re done.
GitHub Pages configuration interface
Automating Deploys with GitHub Actions
I’m not about that manual deploy life. So I set up GitHub Actions to take care of builds and deploys whenever I push to master
.
My workflow? Make changes in VS Code → push to private repo → GitHub Actions builds → deploys to public repo.
Connecting Private + Public Repo Using RSA
I didn’t want my source repo to be public. So here’s how I did the private → public deploy using RSA keys:
SSH Deploy Setup
- Generate an RSA key pair:
1
ssh-keygen -t rsa -b 4096 -C "github-deploy" -f deploy_key -N ""
- Public repo (destination):
- Go to Settings → Deploy Keys → Add
deploy_key.pub
with write access
- Go to Settings → Deploy Keys → Add
- Private repo (source):
- Settings → Secrets → Add
PRIVATE_KEY
→ paste the private key contents
- Settings → Secrets → Add
- My
.github/workflows/deploy.yml
:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
name: github pages
on:
push:
branches:
- master
permissions:
contents: write
id-token: write
jobs:
deploy:
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v4
with:
submodules: true
fetch-depth: 0
- name: Setup Hugo
uses: peaceiris/actions-hugo@v3
with:
hugo-version: 'latest'
extended: true
- name: Build
run: hugo --minify
- name: Deploy
uses: peaceiris/actions-gh-pages@v3
with:
deploy_key: $
external_repository: meroxdotdev/merox.dev
publish_branch: gh-pages
publish_dir: ./public
GitHub Actions workflow in action
SEO Results After the Switch
I didn’t even have to do much SEO magic — Hugo just works. With clean structure and no bloat, I got over 80% SEO scores right away. That’s the beauty of static sites done right.
SEO analysis from freetools.seobility.net
From https://freetools.seobility.net/
SEO checkup results from seositecheckup.com
From https://seositecheckup.com/
Final Thoughts
No more updates every week. No plugin bugs. No servers to worry about. And I finally get a blazing-fast site, version-controlled, with everything set up exactly how I want.
If you’re into the idea of a static site and want help setting one up—or just have questions—drop me an email or comment. Happy to help.