I have been receiving a ton of emails from limit login attempts of ip's being locked out.
Today there were 1800 different ip's listed.
Since this is the first time I have encountered such a large scale"attack" any tips are welcome.
Is there a way I can figure out if these attackers are using a certain user agent so I can block it? I have access to DirectAdmin.