You could use a plugin like this one:
https://wordpress.org/plugins/ip-address-blocker/
Check your stats. I suggest considering a country IP ban, since each time this happens, it uses your server resources, which might not be much right now, but it could affect the speed of your site or even lower your Google Rank.
You might take a look at WordFence which has fairly strict but sensible settings for these things.
You don’t want to be too strict but you sure don’t want to be too lax either. You don’t want to lock someone out for a simple mistake or following a bad link submitted by a prankster.
You also don’t want to slam the door on ‘Your hired gun’ either. Of course, he should have access to clear his own ban.
I will tell you that WordFence has a companion plugin called ‘WordFence Assistant’ which serves to let the admin back in on command after the admin gets himself banned. Yeah, it happens…. I advise using that and a secondary admin account.
Thread Starter
tcloud
(@tcloud)
Thanks — I’ve looked at this and similar plugins. None I’ve found automatically block IPs which attempt to access restricted files — e.g. files in the theme directory or in plugins (including plugins which do not exist on the site). I also want to immediately ban any IP (that isn’t whitelisted) that attempts to access login.php.
Thanks again for the recommendation.
This is best done on the server level with iptables or firewalld or hosts.deny and managed through an intrusion detection system like OSSEC. (At least, that’s how I do it on my server.) But I use WordFence to log the attempts and let OSSEC read those logs.
If you don’t have server level access like that, let WordFence do its thing. It will 500 error most of the bad actors trying to access your login,
Thread Starter
tcloud
(@tcloud)
Sorry, my reply was to the suggestion to use IP blocker. I believe WordFence does automatically ban IPs under some conditions.
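The log-driven blocking discussed in this thread (ban non-whitelisted IPs that hit the login script or probe theme/plugin paths, enforced at the server level), sketched as an added example that is not code from any poster, WordFence or OSSEC. The trigger policy, the allowlist network and the log lines are constructed assumptions, and `wp-login.php` is assumed to be the login script meant; the rules are only printed for review, not applied.

```python
import ipaddress
import re

# Combined Log Format: client IP, request path, status code.
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "\S+ (\S+)[^"]*" (\d{3})')

ALLOWLIST = ["198.51.100.0/24"]  # constructed: e.g. the admin's office range

# Constructed sample log lines (documentation IP ranges).
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Mar/2024:10:00:01 +0000] "GET /wp-login.php HTTP/1.1" 200 5123',
    '198.51.100.20 - - [10/Mar/2024:10:00:05 +0000] "POST /wp-login.php HTTP/1.1" 200 5123',
    '192.0.2.44 - - [10/Mar/2024:10:01:00 +0000] "GET /wp-content/plugins/not-installed/readme.txt HTTP/1.1" 404 0',
    '192.0.2.90 - - [10/Mar/2024:10:02:00 +0000] "GET /wp-content/themes/mytheme/style.css HTTP/1.1" 200 900',
    '203.0.113.7 - - [10/Mar/2024:10:03:00 +0000] "GET /wp-content/themes/mytheme/functions.php HTTP/1.1" 500 0',
]

def is_trigger(path, status):
    """Assumed policy: login hits, direct PHP requests or 404 probes under themes/plugins."""
    if path.startswith("/wp-login.php"):
        return True
    if re.match(r"/wp-content/(?:themes|plugins)/", path):
        return path.split("?")[0].endswith(".php") or status == "404"
    return False

def offenders(lines, allowlist):
    """Return offending client IPs that fall outside every allowlisted network."""
    nets = [ipaddress.ip_network(n) for n in allowlist]
    found = set()
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # malformed line: never guess at an address
        try:
            ip = ipaddress.ip_address(m.group(1))
        except ValueError:
            continue
        if not any(ip in net for net in nets) and is_trigger(m.group(2), m.group(3)):
            found.add(ip)
    return [str(ip) for ip in sorted(found, key=lambda a: (a.version, int(a)))]

def block_rules(ips):
    """Render one firewall command per address (IPv6 needs ip6tables)."""
    return [("ip6tables" if ":" in ip else "iptables") + f" -I INPUT -s {ip} -j DROP"
            for ip in ips]

if __name__ == "__main__":
    print("\n".join(block_rules(offenders(SAMPLE_LOG, ALLOWLIST))))
```

Checking the allowlist before the trigger is what keeps the admin from banning himself, the case the WordFence Assistant reply describes.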