I am getting lots of attempted logins:
attempted a failed login using an invalid username "admin".
I can block them if I set the setting:
Immediately lock out invalid usernames
But I don't really want that set as it may block legitimate users with typos.
I tried setting:
Immediately block the IP of users who try to sign in as these usernames
But this does not block them, there is no admin user set in Worpdress.
Any ideas why it's not blocking them?