I have a small vps with a couple of websites and scripts running on it. One of them is made with wordpress.
Looking at the logs, there is a brute force tentative running. I'm trying to block the ip addresses but basically after ~20 requests, the ip changes (and there are a few concurrently accessing my website).
This stupid script kiddie has put the some bad coded script at work which dosen't care if there is no wp-login
page to access. Since this is a bit annoying, I wanted to know if there was a way to block all the ip addresses (possibily via ip-tables) accessing the /wp-login.php webpage - best if with ip-tables.
Thanks