@srd75
Receiving all those notifications indicates your site is under brute force attack(s) (or receiving requests that lead to many 404s) and the iTSec plugin Brute Force Protection and\or 404 Detection features are protecting your site.
You could enable the Digest email but it would be better to prevent those Brute Force Attacks (BFA) from ever happening. No BFAs -> no lockouts\bans -> no email notifications … and better performance of your site.
There are 2 types of BFAs:
- BFAs using the WP Dashboard login script (wp-login.php)
- BFAs using the WordPress XMLRPC feature (xmlrpc.php)
Your web server access_log will show which type of BFA your site is suffering from.
To prevent (automated) wp-login.php BFAs simply use the Hide Backend feature to hide your WP Dashboard login slug.
Please note this may not prevent all BFAs if your site exposes your secret login slug …
To prevent (automated) xmlrpc.php BFAs disable XMLRPC (if possible) in the WordPress Tweaks section of the iTSec plugin Settings page.
Last but not least the lockouts\bans could be the result of many 404s.
You could disable 404 Detection but it would be better to fix the 404s.
dwinden
@srd75
If you require no more assistance please mark this topic as ‘resolved’.
dwinden
