Multiple URLs for single site and wp-login.php attacks

I have a single website with several URLs pointing to the single Wordpress instance on my own server. I have set up 301 rules for the secondary URLs and have also enabled Bot protection in the Firewall.

I am still getting a lot of hits reported in Loginizer for /wp-login.php

If I have a 301 rule set up, how is the login on the secondary URL being reached? Also, the attackers’ IP addresses are all Cloudflare ones, so presumably this attack will eventually prevent anyone from logging in?

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.