I got my blogengine 1.6.1 site hacked as someone succeeded creating a user and then used the site as a platform for hacking other sites.
I assume the solution found on this site
should solve the problem, the solution for "older versions".
The suggestion is to add an extension file "BlockTraversal.cs" to the App_code/extension folder.
Sure, but my problem is that the deployed blogengine site is a VS published one and so it doesn't contain any App_code folder.
What are my alternatives in order to have this BlockTraversal extension deployed?