I had a persistent bot(s) hitting me up yesterday and happened to be tailing the log in real time over about a 10 minute period. It was brute force from 2 simultaneous IP's in the same country. Anyway, Login Lockdown banned them, but they did not stop hitting the wp-login.php page at a rate of about 2 times per second for quite a while until I physically closed the connection.
The question is if the bots are banned, the plugin is not actually stopping them from continuing to hit the login page? (or, I'm totally off on my assessment). If true though, how is the plugin denying them trying to fill out the form if they can continue to hit the page?
thx for any insight on this,