Someone has figured out how to make changes to my data base (it's a baseball league). From the Apache log it looks like he's reading the address log - which shows the calls - and entering something after it to delete records.
Is there a way I can stop the url call from showing? Any help would be appreciated. He's hit us twice (even after I banned his first IP) and it's taken me hours to undo what he's done.
At least he hasn't figured out a way to tell it to pack.
Thanks for any help.