I run 45 wordpress sites, 44 of which are part of the same multisite. I have run a few plugins in the past, lockout limiter being one of them, but this is the first plugin that is effortless to install across the entire network of sites, and seems to actually reduce server load dramatically. A few months ago, I was unlucky enough to be a target of the ongoing fort disco attack, a few times a week i would get hit with hundreds of Russian/eastern bloc ips, sometimes my server would weather the storm, sometimes not, sometimes i would turn off mysqld just to keep the server/non sql sites up and running. No plugin really seemed to help, htaccess scripts did nothing. I installed Bruteprotect 3:30pm est yesterday and in the past 21 hours it has stopped over 2,000 attacks; "BruteProtect has stopped 2,157 malicious attempts to access leemylescommunity.com." if your thwarted attack counter is accurate, my sites account for over 4% of all attacks BruteProtect stopped in the past 24 hours, which sounds pretty amazing to me, and i can't thank you enough. How is the thwarted attack counter kept up to date? And how is this plugin so different from the login limiter plugin, i have over 25,000 lockouts on one of my sites from that plugin, but it never really reduced server load...i would be running at 15x load 0% idle when being attacked before brute protect, now it barely blips over 2.0 when i do an uptime in linux, and still 70% idle over 5 seconds.