Blocking access to wp-login via htaccess not working
As long as a plugin is blocking excess login attempts, then I am not sure that additional protection is needed. The plugin should be protecting against the attempts at credential guessing. There will always be login attempts on sites, even if they aren’t WP sites. You could look at your access logs (filtering by a … Read more