I have Defender on all my sites and the settings are very tight as you can see here:
I also have xmlrpc.php requests blocked:
But my sites and server still get taken down:
I have blocked an IP address 18.104.22.168 which was attempting to brute force login to the following sites
The server load has now dropped from 14 to 1 and the sites are now online and responsive and the alert has cleared. As
with all WordPress sites, I would recommend protecting the wp-login.php pages as described in the following document:
https://codex.wordpress.org/Brute_Force_Attacks. In particular, the section on limiting access via an .htaccess file to
certain IPs may be useful. Please let us know if you need any more information.
Do you recommend another plugin next to Defender or in the place of defender?