In the last 6 hours my site has detected nearly 300 failed login attempts [limit login attempts plugin].
I have WP-Ban and I have banned all the IP's but it's never ending! I can't block them fast enough.
Is there a way to move my login page?
Or can I just remove the wp-login.php until the next time I want to login, but still remain logged in? And if I remove the wp-login.php will it still keep others from logging in?
I need more than just backing up my database and changing my password, I need to move the login or something drastic.
What kind of crazy attack is this?