Heads up! IP addresses with more than 4 password failure are being automatically IP banned for 24 hours.
The server is undergoing hundreds of simultaneous brute force password guessing attacks.
WP_fail2ban is working perfectly. The site hasn’t gone down in the flood. Attack IPs are getting banned every second, usually more than one. But due to the extreme numbers of attackers I’ve had to drastically cut back on the number of password failures allowed.
So be careful logging in. If you do get blocked, e-mail andy at this domain, or use the contact me link above if you can access from another location. Try to include the IP address that got blocked.
REMEMBER: andy at this domain
Sorry for the inconvenience.