Looks like there was an obfuscated backdoor in the database after all. I’ll have to ramp the security up a bit more after dealing with those backdoors. Thanks!
Thanks for the suggestions, I’ve given ’em a glance. However I’m worried that they might also block Google and other crawlers, which are necessary for the multisite to generate minimal revenue.
Cookies for comments looks promising, however if cookies are disabled on the client side… is this a cause for concern?
