I was able to reinstall Wordfence after removing the empty word fence folder in wp-content/plugins. Within hours, WF emailed me about a suspicious login attempt which used my correct user name but obviously not the correct password. However, this is troubling as my user name is as complex as a password (numbers, letters, cases, symbols). In all previous attempts they are clearly guessing– this person knew it.
Updated to 6.1.7
Looking at the Live Traffic for the last couple hours, I am getting hundreds of suspicious attempts to access a file named xmlrpc.php. Is this a known attack?
