I have a question about how the option "Blacklist searches for wp-login:" works.
Does it work by REQUEST_URI or something like REQUEST_FILENAME variables? I currently use Theme My Login that puts the login screen in a page of my choosing. So basically am I safe using this option with Theme My Login?
It looks like it's using $_SERVER['REQUEST_URI'] in stop-spammer-registrations.php. So does it block anything/anyone doing a request_uri for just wp-login? Something like http://www.example.com/wp-login ? Will it affect anything/anyone searching for wp-login.php? Sorry, it's hard to test this when I need to be whitelisted and I block most of the known proxies and tor networks from my site as well.