Someone/bot has been trying to access one of the sites I run for a little while now, plugin works as it should, locks IP out and sends me an email, the locked out IP continues to try to login once the plugin allows it again and quickly gets locked out again.
My problem is that now with that one IP banned for 48 hours, myself and other users are effectively locked out.
Receive the following error above the login form and are unable to login even with the correct credentials.
ERROR: Too many failed login attempts. Please try again in xx hours.
Seems like all IP addresses have been locked out instead of just the offending one. Using WP 3.8 and 1.7.1
Anyone seen this one, don't want to hack DB if avoidable