first time posting, hello
The reason for my post is I starting getting alerts from Wordpress lately that multiple IPs are trying to hack my site. I have a plugin installed called “Limit Login Attempts,” it blocks access when someone is trying to get into my site with multiple failed attempts. One of the IPs I am seeing in the alerts is 126.96.36.199 When I look into this IP using geo locate tools it tells me it’s a CloudFlare IP out of San Francisco.
This is one IP that constantly is trying to login to my wordpress with “admin.” I am using a cloud flare SSL certificate on my site. I don’t believe Cloudflare would be doing this nor does it have any connection with the SSL cert. I think someone is trying to get into my site (likely just a bot or script kiddy etc ) and using Cloud Flare as a disguise / Proxy or etc. Am I right ? Should I just ban this IP?