I use WordFence and it will block them automatically.
I am blocking them but them are using multiple IP addresses and despite having removed to log in page (wp-login.php) they keep coming there must be another file I need to disable to stop them.
How are you blocking them?
I use log-in lock which blocks their IP address. They are using multiple IP’s
You might try this one also …you can set the time it takes to fill in the form and if its too fast its a Bot and get blocked and blacklisted.
https://wordpress.org/plugins/stop-spammer-registrations-plugin/
Thx. The blocking is working. What I need to do is to disable the log in function. I have removed the log in page by deleting wp-admin.php. But the bot has found a way around that.
The blacklisting is working. But the bot switches IP addresses and just keeps coming.
The blacklisting is working. But the bot switches IP addresses and just keeps coming.
I’ve offered you two solutions to this and it appears that you are not interested in exploring them. You can delete all the files on your site and the Bots will still probe the site. Perhaps someone else might be able to give you what you are looking for.
I might have misunderstood you but what does Wordfence do to block a bot? Login Lock shuts it out and and triggers an admin alert. Does Wordfence operate differently?
I just figured it would be easier to remove the functionality that enables the login.
Better is to protect website with server level access permission on wp-login.php file. Or you can use Login lockdown plugin.
When you say it is better to use server level permissions on the wp-login.php file, what do you mean? How would one do it? My solution after Login Lock was to get rid of the login page.
But it didn’t work for this site.
Is it possible to close the site by removing all login access? I have deleted wp-login.php
