I used to have this problem each and every day.  They were trying to brute force their way in about 1000 times an hour.  It was crazy.  I decided to lock down my login page with htaccess.  There are quite a few writeups around the web about doing so.  It is fairly easy to do.

 

If your username is admin, then you really need to change it.  That is more complicated and you would need to create a new user, move all of the posts to that user, then delete the original.  Then you have to do some database work to complete the migration.  It takes some time.

 

You can reach out to me if you have any more questions.

Thanks again Grayson. I did some time ago go through the steps to change my username, so that's been done. Sounds like the attack on Money Counselor is pretty feeble compared to what you've experienced, so think I won't worry too much. I did learn from iptrackeronline.com that one attack originated in the Ukraine, one in St. Petersburg, Russia.

If your username is admin, then you really need to change it.  That is more complicated and you would need to create a new user, move all of the posts to that user, then delete the original.  Then you have to do some database work to complete the migration.  It takes some time.

You can reach out to me if you have any more questions.

My 6Scan plug-in has sent me two of these messages in the past 8 hours:

I'm glad the plug-in is doing its job, but I'm nervous that the would-be hacker will eventually succeed. Does anyone have suggestions for further defense I might take?

Thanks!