Hmmm. At about 16:40 today someone (something?) tried to log in to our site with userid "Austin". As this doesn't exist, the IP address range was blocked - I got an email, and the IP address range shows on the WP Security locked out IP address list.
Over the next 10 minutes there were about 300 further login attempts, using 2 existing userids, from the same, locked out, IP address. These show up in the plugin WP Activity's log. Should these repeated attempts have triggered further lock outs? Should they not be blocked before getting far enough to trigger an entry in the WP Activity log?
Using v3.0 of AIO.