Replies: 0
Hello
I am a dev experimenting with different ways to secure websites. This includes tools such as Wordfence premium and free as well as various server and client side applications.
I am testing completely blocking the admin for all IP’s except one whitelsited IP.
I still see brute force attacks being reported from Wordfence for example from Netherlands. When I use a VPN set to Netherlands on the /log-in.php I get the expected 403 forbidden page. How is Wordfence still reporting brute force attacks?
Thank you