Hi,
My website has undergone a day or two of hacking attempts.
This has happened before when someone actually managed to create a new user etc. That was sorted, passwords strengthened etc and I set the system to lock users out of signing after three failed attempts.
So, now I have 11 failed attempts just today.
In each case, the IP address is different(quoted in the email from Wordpress). Sometimes, I also see a hostname (usually a Russian site) but would it be possible to also see the failed passwords??
If they were general ones (eg "123456", "password", "admin" etc) then IMHO it would point to a brut force attempt, but more personal guesses would be otherwise.
Is it possible to find out what those failed password attempts were?
I ask because my admin username is far from standard and the first nine attempts used that username. The failed passwords would shed some light (maybe).
Thanks in advance.
J