[ad_1]
I am using the “Limit Login Attempts Reloaded” plugin and it sends me emails when an IP address exceeds an error count and the email shows the IP address and the wordpress username that they were attempting to guess the password for.
The thing is that I use a username that is not simply “admin”, but a unique variant of that. But yet the email notice shows that the hacker is using that unique username when trying a brute force attack.
So, how was the hacker able to figure out the unique username?
[ad_2]