Not sure what you mean by “legitimate”, but the increase could simply be the natural ebb and flow of hacker bot traffic…
By legitimate I meant that it looked like a spam.so were they real? Been more than a month I own the domain and that many of them in number never really happened. Yesterday count was above 500 and today after every 2-3 hours I get notified via email, of login attempts in bundle of 14-15. Gives a bad sensation. Do I need to worry about that? Although they are getting blocked simultaneously but still. And this has started happening when I changed my WP password but that doesn’t seem to be of any relevance. Can you tell bit more about the same?
My suggestion would be to install/enable the “WPS Hide Login” plugin to change the default WP login URL.
Then – once you’re sure the new URL you set is working – set WordFence to immediately block anyone who accesses “/wp-login.php” (no quotes). This is done in the WordFence options.
Thought of something like that to be last option but didn’t knew if that exists. The plugin would be enough. Thanks a ton! Have a great day and a wonderful life ahead.
