Recently, my WordPress site experienced a surge of hacking attempts by different IP addresses, but they all have the same user hostname:
The user with the IP address xxx.xxx.xx.x was blocked from logging in or using the password recovery form for the following reason: Used an invalid username to log into the system. IP User: 91.121.156.62 User Host Name: ks359219. badhost.com
The user with the IP address xxx.xxx.xx.x was blocked from logging in or using the password recovery form for the following reason: Used an invalid username to log into the system. IP User: 5.135.182.147 User Host Name: ks3289006. badhost.com
The user with the IP address xxx.xxx.xx.x was blocked from logging in or using the password recovery form for the following reason: Used an invalid username to log into the system. IP User: 5.135.185.89 User Host Name: ks3290602. badhost.com
The user with the IP address xxx.xxx.xx.x was blocked from logging in or using the password recovery form for the following reason: Used an invalid username to log into the system. IP User: 5.39.86.162 User Host Name: ks3273571. badhost.com
The security plugin I use seems to block them, but I would like to block all requests from ANY IP address associated with the username with a wildcard such as xxx. badhost.com
The plugin allows me to block a number of IP addresses, such as 123.12.1. * but not hostnames. What would be the best way to block these hacking attempts? .Htaccess? Thanks
source share