I created an extremely simple wordpress plugin that creates log of failed login attempts, this way I can target only a brute force attack and not a webmaster login into several sites in an hour for normal work (this is a server with more than a thousand wordpress sites)
I can make the log any way I want, but so far I am appending a timestamp and an the ip of the failed login attempt remote host, as an example:
Code: Select all
2022-11-12 18:14:32 188.8.131.52 2022-11-12 18:15:35 184.108.40.206 2022-11-12 18:18:25 220.127.116.11
Also, if you have any suggestion on the log format, please let me hear them.