Hi @bigzakweb, thanks for reaching out.
It’s best with the items you’re seeing in Live Traffic is to understand and check the settings that allow Wordfence to deal with these for you. It sounds from your description that Wordfence is catching these attempts so this sounds good for you going forward.
Some of the WAF rule blocks, as they aren’t assigned a block expiration time, never appear on the Firewall > Blocking page. If Wordfence > All Options > Brute Force > Amount of time a user is locked out and Wordfence > All Options > Rate Limiting > How long is an IP address blocked when it breaks a rule? are set to low timescales such as minutes or hours, you may never see them on any blocked list as they’ve already been removed when you check. You can try increasing these to days or months if you prefer. Naturally, make sure both Brute Force and Rate Limiting toggles are set to ON for these rules to work.
My general advice after looking into the sections mentioned above, is that Wordfence does all of the important blocking for you automatically so you don’t have to. A planned manual IP blocking plan is generally an ineffective strategy and takes up your time, so please consult the following links before deciding on what you do going forward:
https://www.wordfence.com/blog/2017/11/should-permantly-block-ips/
https://www.wordfence.com/help/blocking/#ip-address
I hope this helps you out.
Thanks,
Peter.
