One of my Wordpress sites is causing my entire hosting account to run out of CPU I keep getting queries trying to pass /'+zgi_url+' here is a screenshot from my visitors list to show what's happening. It is a Wordpress site I set up for my girlfriend so she can post her pictures from Flickr. It uses the WP Flickr Post Bar plugin. Some background that probably has to do with this. A couple of days ago the site when offline. I found two dummy .gifs that had somehow been uploaded. When I downloaded they wouldn't open, but when I changed the extension to .txt and opened it with notepad it was some php code displaying some links. I deleted them from my host and updated Wordpress to the newest version and the site was back up. Now this is happening. I banned some of the IP addresses doing this, but they change everytime. Is there some .htaccess trick I can do or something to stop this madness?