Okay so in addition to this plugin, I'm also using WP Better Security -- only the "Hide" function. This requires a special string in order to access the wp-login.php page.
However, I'm still getting emails from Login Security Solution saying there is a brute force attempt.
Does this mean the custom login URL has been compromised, or does it actually mean that the hackers are attempting to POST to wp-login.php still, and Login Security Solution is hooking in BEFORE WP Better Security?
If that latter is the case, might I suggest Login Security Solution hooks in AFTER WP Better Security?