The servers that run this Web site are under heavy load, even when things are operating normally. And on top of that, they have to fend off a lot of attacks. There’s the usual spam pingbots, but usually when the site starts to get all bogged down, it’s because there is an active attack on the site at the network level. And it doesn’t matter what software is running the site. It’s not like the bad guys are going to say, “Oh, this site is using PHP. I guess we’ll leave them alone.”
For example, the problems earlier this week were caused by two IP addresses saturating all the connections to the server. Last October’s slowdown was caused by the server being overwhelmed by 100,000 simultaneous connections (suspected to be a denial of service attack but no proof). The slowdown from last August was caused by a distributed attack from a botnet attempting to perform various SQL injection attacks. (They failed, but they kept trying.) The outage from last July was caused by a computer owned by a different customer of the hosting service that had been hacked, and which was launching its own network attack that took out connectivity for all other computers on the same network subnet. (In other words, blogs.msdn.com just happened to be in the wrong place at the wrong time.)
Those are all the outages for the past six months that I still have records of. (I’m not saying there were no other outages; those are just the ones that the people who run the servers considered significant enough that they sent out an explanation for the outage.) And it’s not clear how switching to a different blog engine would have prevented any of them.