I installed Wordfence on one of my domains and now I get always the same messages (see below). I got in 10 minutes into my mailbox about (8 x 61 + 12 = 500) messages that someone is trying to hack into my site.
How it is possible that he/she is performing 500 hack attacks (from the same IP adress) in such a short period of time if the hacker is (should be) locked out after 20 failures?
Thanks for your explanation.
[Wordfence Alert] http://www.mydomain.com User locked out from signing in
A user with IP address 188.8.131.52 has been locked out from the signing in or using the password recovery form for the following reason: Exceeded the maximum number of login failures which is: 20. The last username they tried to sign in with was: ''
User IP: 184.108.40.206
User hostname: mail.mottotanitim.com