Again I inquire... Do any UNA operations require the POST request? Such as logging in? Posting in a Forum? I have blocked every other kind of request.

I finally found the back door where hackers were entering. Actually it was a ... front door. Hackers were posting malicious php files directly into my UNA storage folder and even into other documents. Uploading files such as .ico images containing malicious base 64 code.

Hackers did not need ftp access. Or UNA passwords. Somehow they attacked a Wordpress instance and gained their original entry, I think. Wordpress and it's extensions and plug-ins are so full of holes - it could be compared to a piece of Swiss cheese. It's beyond pitiful.

Can I possibly block all POST requests and still run UNA? Any ideas for a fix? Perhaps in the Access file for UNA or in the storage folder? They also posted directly into my modules folder, btw.

Oh, if you are going to host UNA on your own server or say a virtual private one, get ready to be hammered away at every few seconds by automated probing hacking bots. About 85 to 90 percent of my site traffic appears to be malicious. Fake ip's and fake referrers. 

   Help!