[ad_1]
[ad_2]
My website is barraged with login attempts from people who aren't me. from pakistan, kazakhstan, croatia, you name it. I get dozens of attempts a day, and receive notifications that they have been locked out. Is this normal for wordpress sites?
yes, add captcha and try wordfence plugin and or cloudflare proction…..
you can also move your admin login path. it helps hide the login from the usual bots
Try cleantalk
CloudFlare WAF rules – block any countries that don’t need access to your site.
Use Wordfence to automatically block any ip addresses that fail login after 3 attempts.
Very common with any website.
Put your site behind Cloudflare and use their WAF to block countries. For spam and abuse use OOPSpam. You can block countries there too. Even better, use Allowed Countries to restrict your login/registration to your country only.