I’ve installed an activity log plugin (https://wordpress.org/plugins/aryo-activity-log/) and notice many Brute Force attacks trying to login with a wrong combination of user id/passwords. The user IDs used for these attacks don’t belong to any of the subscribers. I have like 20 attacks in a row that come from the same IP every time and there is an attack every minute.
In Brute Force IP/Login Restrictions the setting is: “allow 3 failed attempts login (then punish for 30 minutes)”. So after the third attempt, that user ID/IP should be punished for 30 minutes: but this doesn’t happen, since the 4th and following attempts happen just one minute later.
I also set Unique IP Access Restriction to 5 IPs per customer every 30 days with 30 minutes of punishment, and restricted the simultaneous logins to 2.
The other plugin I use that could be related (but which doesn’t have a similar function) is User Blocker (https://wordpress.org/plugins/user-blocker/)
I tried to reset the logs, but nothing changed. Any suggestion? Thank you!