Plugin Author
AITpro
(@aitpro)
Sounds like a medium to large scale Brute Force attack is occurring. If your Security Log entries show the same IP addresses over and over and the Request URI/URL is your Login page then these are Brute Force attacks. Brute Force attacks can last a few days. You can choose to not email zipped log files or keep them. That choice is up to you. You can just ignore the attack until it ends since, besides getting the automated emails, you or anyone else will not notice any negative impacts or be aware that a Brute Force attack is occurring – business as usual.
Hm, I opened the file and every single one says “it’s not an attack” and mentions “malformed syntax”.
Here is what the logs look like:
[400 GET Bad Request: June 26, 2015 – 9:08 am]
Event Code: The request could not be understood by the server due to malformed syntax.
Solution: N/A – Malformed Request – Not an Attack
REMOTE_ADDR: 178.137.163.42
Host Name: 178-137-163-42-broadband.kyivstar.net
SERVER_PROTOCOL: HTTP/1.0
HTTP_CLIENT_IP:
HTTP_FORWARDED:
HTTP_X_FORWARDED_FOR:
HTTP_X_CLUSTER_CLIENT_IP:
REQUEST_METHOD: GET
HTTP_REFERER:
REQUEST_URI: /wp-login.php
QUERY_STRING:
HTTP_USER_AGENT:
Plugin Author
AITpro
(@aitpro)
IP address: 178.137.163.42 is a known Ukrainian spambot/hackerbot: http://www.ip-finder.me/178.137.163.42/
Host: kyivstar.net is known to be infested with spambots/hackerbots and shady people in general == bad neighborhood/no Host oversight whatsoever.
Protocol HTTP/1.0 is used by spambots and hackerbots.
The Request URI is your Login page.
The User Agent is blank which means that this is a bot and not a human request.
Summary: this is a hackerbot or spambot making a Brute Force login attempt on your site. The reason for seeing a malformed syntax 400 error instead of a 403 Forbidden error is most likely because you are using Cloudflare Rocket minification or the hackerbot/spambot delivery system is fubar and making a bad request to your site.
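Added example, not part of the original thread and not the plugin's own code: a small triage script that applies the indicators listed in the reply above (login page as Request URI, HTTP/1.0, blank User Agent, the same IP repeating) to log entries in the field layout quoted in this thread. The function names and the sample entries are assumptions made for illustration.

```python
import re
from collections import Counter

# Constructed sample in the layout of the entry quoted in the thread (RFC 5737 addresses).
SAMPLE_LOG = """\
[400 GET Bad Request: June 26, 2015 – 9:08 am]
REMOTE_ADDR: 203.0.113.7
SERVER_PROTOCOL: HTTP/1.0
REQUEST_URI: /wp-login.php
HTTP_USER_AGENT:
[400 GET Bad Request: June 26, 2015 – 9:09 am]
REMOTE_ADDR: 203.0.113.7
SERVER_PROTOCOL: HTTP/1.0
REQUEST_URI: /wp-login.php
HTTP_USER_AGENT:
[400 GET Bad Request: June 26, 2015 – 9:15 am]
REMOTE_ADDR: 198.51.100.20
SERVER_PROTOCOL: HTTP/1.1
REQUEST_URI: /about/
HTTP_USER_AGENT: Mozilla/5.0 (X11; Linux x86_64)
"""

HEADER = re.compile(r"^\[(\d{3}) (\w+) [^:]*: (.+)\]$")  # [status method text: timestamp]
FIELD = re.compile(r"^([A-Za-z_ ]+):\s*(.*)$")            # NAME: value (value may be empty)

def parse_entries(text):
    """Split the log into one dict per entry, keyed by field name."""
    entries = []
    for line in map(str.strip, text.splitlines()):
        if (m := HEADER.match(line)):
            entries.append({"status": m.group(1), "when": m.group(3)})
        elif entries and (m := FIELD.match(line)):
            entries[-1][m.group(1)] = m.group(2).strip()
    return entries

def signals(entry):
    """Bot indicators from the reply above that this entry shows."""
    checks = {
        "login-page": entry.get("REQUEST_URI", "").split("?")[0].endswith("/wp-login.php"),
        "http-1.0": entry.get("SERVER_PROTOCOL") == "HTTP/1.0",
        "blank-user-agent": not entry.get("HTTP_USER_AGENT"),
    }
    return [name for name, hit in checks.items() if hit]

def repeat_login_sources(entries, min_hits=2):
    """IPs that requested the login page at least min_hits times."""
    hits = Counter(e.get("REMOTE_ADDR") for e in entries if "login-page" in signals(e))
    return {ip: n for ip, n in hits.items() if n >= min_hits}
```

Run against a real log export, `repeat_login_sources(parse_entries(text))` gives the short list of addresses to review, whatever the "Solution" line of each entry says.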
Ah, I see!
I just turned off Cloudflare Rocket Loader (for ANOTHER problem I was having), so perhaps the next logs I’ll see will be 403s.
Thanks for your help!
Plugin Author
AITpro
(@aitpro)
Yep, that was me who posted in the Alpine plugin support forum. I usually look at any other posts someone makes to look for additional clues. I see you posted a new response there. I will post a reply to your question.
Plugin Author
AITpro
(@aitpro)
Assuming all questions have been answered – thread has been resolved. If the issue/problem is not resolved or you have additional questions about this specific thread topic then you can post them at any time. We still receive email notifications when threads have been resolved.
Thread Start Date: 6-26-2015 to 6-27-2015
Thread Resolved/Current Date: 6-29-2015