I used a WordPress theme for a while that was causing high IO-load on my server. That was because there was some kind of exploits made/available for the theme: http://www.exploit-db.com/exploits/29150/ .
So I deleted my theme, installed another, but “they” are keep coming back. Because the domain name is somewhere registered that it is vulnerable or something like that.
What can I do to stop this? Moving it to another server isn’t the solution I guess, because they’re pointing to the domain name.
I’ve already blocked IP-ranges from outside my country, they’re pointing to a “forbidden” html page then, but still it are a lot of “things”, so the io load stays high.