8
Yeah, that's kind of what I was trying to hint at as far as XOOPS being bypassed. This module was re-enabled to be used for keeping track of raids, and I saw the version but I assumed the updates I did a few months ago from 2.0 to 2.7 fixed it. Note to the wise to never assume.
I disabled, uninstalled the module and then deleted the agendaX directory within a minute of seeing that GET statement. So it's cool from that standpoint. I'll install the newest calendar tonight.
Thanks for all your help guys, and sorry I lost faith and blamed xoops, it must be the horror days from PHPnuke that pushed me towards blaming the engine.
Two things, first everytime I add that command to the .htaccess file I get the 500 error. It's the only thing in the file too so I don't know what's going on with that.
Second, you mentioned server log analysis. Does XOOPS do this or do you mean through the Protect module? I look at the hosting logs about 1 time a week as is.