I'm just wondering if any normal forum user would need direct access to deferred.php? From my limited experience it seems as if it only runs when rebuilding caches after installing addons or changing permissions in the back end.
It appears as if someone may have used this script to attack our website so can I restrict this php file to admin use only or would it harm the functionality of the forums if I did so?
I'll keep digging through our logs but it appears they used some method unfortunately to severely disrupt our site. I noticed that deferred.php was one of the links that was accessed by IP's from an unknown country. Thank you for the reply.