my web site is under brute force attack since October.
Better-wp-security logs hundreds of failed login attemps every day.
I'm trying to improve my web site security following the better-wp-security directions, so I did almost everything suggested but my site is still under attack.
I suppose that the main issue is that I cannot hide the login page.
- Hide backend options are ON
- I changed the name of login, admin and register slugs
- I modified my .htaccess file as suggested here (http://wordpress.org/support/topic/after-enabling-hide-backend-still-i-am-getting-bad-login-attempt-how)
but I suppose that my login page is still visible to the hackers.