My self-hosted Wordpress site was hacked twice in less than 3 months as reported here and here. I don’t update this site enough to deal with that and so I’ve switched to Octopress which is a ruby-based hacker-friendly static site generator based on Jekyll. At first this seemed like a step backwards, but I just don’t need a database-driven CMS that requires frequent security patches.
I used the default wordpress importer, but I still had to do a fair bit of manual hacking to get everything setup just right. I’m using rake to deploy to a public_html folder using rsync over SSH.