I use Wordfence as well as DM User tracking to monitor traffic to my site mariacdawson.com. Often, I see malicious login attempts on DM that I don't see on Wordfence. Anyone know why?
34m ago 213.184.102.67 (referrer) http://mariacdawson.com/wp-login.php (page visited) /wp-login.php
34m ago 213.184.102.67 http://mariacdawson.com/wp-login.php /wp-admin/post-new.php
34m ago 213.184.102.67 http://mariacdawson.com/wp-login.php /wp-login.php
34m ago 213.184.102.67 http://mariacdawson.com/wp-login.php /wp-login.php
34m ago 213.184.102.67 http://mariacdawson.com/ /wp-login.php
Sometimes, the activity does show up in Wordfence:
United States Scottsdale, United States left http://mariacdawson.com/wp-login.php and tried to access non-existent page http://mariacdawson.com/wp-login.php
4 hours 47 mins ago IP: 50.63.144.181 [block] Hostname: ip-50-63-144-181.ip.secureserver.net
Browser: Chrome running on Win7
Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1623.0 Safari/537.36
[Block this IP] — [Block this network] — [Run WHOIS on 50.63.144.181] — [See recent traffic]
I've begun to use the "block this network" functionality when I have time to investigate, but for other times, I'd like to click "block" and not have to worry about it again. But, I can't figure out how to permanently block IPs without manually entering them. Can anyone help?
Thanks!