I have a server that hosts a few wordpress websites, they are being attached the title of the post is the notification I get.
I have installed a firewall and WordFence on each wordpress website. They get locked out but nonetheless they can still try to login, also they seem to be using dynamic IP's so its impossible to block them this way.
They are still hitting the server hard and it slows it down dramatically.
We also installed a firewall but because the IP's change all the time we can't block them and traffic still makes it to the server.
What else can we do ?
How come this huge security issue has not been addressed by WordPress ? I am sure am not the only one.