From my experience, blocking such IPs can be solving the wrong problem. Some hackers can generate new fake IPs every few seconds. I found the easiest solution was to install a plugin that hid the login screen and to set Wordfence to block all invalid logins. That totally eliminated login attempts on my sites, 100%. The Wordfence setting was precautionary, but in over a year not one hacker has gotten that far.
↧