Four breaches in six months on shared hosting. A system that replaces it all — from closing a deal to a live, secure client website in minutes, powered by Emergent and Cloudflare.
This is the real history of the Pair Networks shared VPS that hosts talkingheads.com, websitetalkingheads.com, and client sites like mukbuddy.com. Every one of these happened.
After each incident, we built more defenses. Here's what's running right now just to keep the shared VPS from getting popped again:
Daily malware scans, file integrity baselines, new-file monitors, heartbeat watchdogs, external health checks, Slack alerting, Wordfence WAF, .htaccess lockdowns, PHP function restrictions, FTP password rotations, database credential rotations, WordPress salt rotations, admin account audits — all to defend a platform that was breached five times in six months.
And the fundamental problem remains: Pair is shared hosting running WordPress with PHP. Other accounts on the same VPS are attack surface you can't control. Every WordPress plugin is a potential entry point. Every PHP endpoint is a potential shell. Every credential on disk is one webshell away from being exfiltrated.
The answer isn't better security on Pair. The answer is removing the things that get attacked. Static sites on Cloudflare Pages have no server, no PHP, no database, no shared hosting neighbors, and no credentials on disk. There is nothing to compromise.
Everything we've been defending against — gone:
We've built a CLI toolkit called th-infra that handles the entire infrastructure layer: domain registration, site hosting, media storage, DNS, and SSL — all on Cloudflare. You describe the client's site to Emergent, same as you do now. Emergent builds whatever you ask for. When the site is ready, it calls our tools and it's live in under a minute.
Here's what Emergent does after you say "set up a site for Acme Corp at acme-corp.com":
Checks availability, shows the price, and registers it. DNS zone and SSL are configured automatically.
Spins up a Cloudflare Pages project. The site gets a free staging URL immediately.
Emergent builds whatever site you described — any framework, any design. Then deploys it with one command.
Creates an R2 bucket for videos, images, and assets. Uploads everything.
Wires the domain to the Pages project. CNAME records, custom domain registration — all handled.
We tested every command against a live Cloudflare account. Here's an actual run — real API responses, not mockups.
Cloudflare's pricing model is uniquely generous. Most of what we use costs nothing.
| Service | Cost | Notes |
|---|---|---|
| CF Pages (hosting) | Free | 500 deploys/month, unlimited bandwidth, global CDN |
| R2 (media storage) | Free | 10 GB storage + 10M reads/mo free. Then $0.015/GB |
| DNS | Free | Unlimited queries, always |
| SSL Certificates | Free | Auto-provisioned, auto-renewed, always strict |
| DDoS Protection | Free | Enterprise-grade, unmetered, on by default |
| Domain Registration | ~$10/yr | At-cost pricing — CF charges what the registry charges |
Everything else is already built and tested.
Free. Takes two minutes at dash.cloudflare.com. Add a payment method for domain registration.
In CF dashboard → My Profile → API Tokens → Create Token. Permissions needed: Zone, DNS, Pages, R2, Registrar.
Paste your token and account ID into th-infra. That's it — every command works immediately.
The toolkit is built, tested, and waiting. Set up a CF account and we'll launch a client site together in your next session.
And here's the proof — talkingheads.com is already running on it: