But the IP is not the server, the request comes from the users browser and clearly the attackers have figured out how to easily spoof the referrer etc.
It's insane to me this is so easily exploited without an official patch / workaround. As usual seems like Magento OS customers are just left to whither on the vine...
