Firefox checks the site it is accessing if it reference the past site it will be blocked. If the first link of reference is otherwise such as filipinofutures.com based, it should be alright. Can do a quick google check for the site "health" as well.
I do see that there will not be 100% secure website but minimally we should make it difficult for the attacker by reducing the attack surfaces esp those low hanging fruits such as the mentioned comments field, they can easily input malicious scripts if proper input validation is not incorporated.
Have the proper authentication and authorisation set in term of the access to the various sub sites. The segregation is good to separate the more sensitive from the least, but do also control the file directory listing. Read on the links esp on the file permission and htaccess in the following links.
@
http://mashable.com/2010/04/28/wordpress-security-tips/@
http://www.thesitewizard.com/blogging/secure-wordpress-blog.shtmlOf course the above is not a panacea for all attacks but being resilient is what we should strive for. Also have regular backup for recovery as needed. Balancing the operational needs is important as well as you do not want to make it too "tedious" for readers to access your site else it can be very secure but it does not attract readers. Identify what is the high risk and protect it, the rest will be more of the baseline protection as necessary.
