Hi, most of the criminal attack bots hit lots and lots of file names. That’s a weakness, as you can trap them by placing a list of common attack vectors in the “Immediately block URLS” list, in Wordfence (see All Options). I spent some time tuning this, but it’s been running pretty much on its own now for many months, resulting in a ton of block. Below is an _EXAMPLE_ of the sorts of stuff one might place on the list. DO NOT COPY PASTE, AS SOME OF MY ITEMS MIGHT RESULT IN FALSE POSITIVES. MTN
/—–NOTE-url-must-not-exist-on-server
/—–NOTE–dots-periods-for-suffix-not-substituted-by-wildcard
/—–NOTE-all-case-sensitive-no-thanks-wordfence
/author/*//wp-login.php
/author/*/wp-login.php
/author/*/wp-login.php*
/*/*login=go%21&H=
/*/*/*login=go%21&H=
/administrator/*
/administrator/index.php
/administrator
/administrator/
/*/administrator/*
/admin
/admin/
/admin/*
/Admin/*
/admin.php
/adminzone
/wp-login
/*/wp-login
/*/wp-login.php
/*/*/wp-login.php
/wp-login.php*
/login.html
/login
/*/node/add
/node/add
/*/*/ckeditor-for-wordpress/*
/*/ckeditor-for-wordpress/*
/dev/*
/deV/*
/Dev/*
/data/*
/data/*/*
/.git/*/
/*/*/thecartpress/*
/*/thecartpress/*
/wp-content/*/*/a-a.css
/a-a.css
/wp-content/*/*/gallery-plugin.php
/gallery-plugin.php
/whitehat
/plugins/lim4wp/editor_plugin.js
/*/plugins/lim4wp/editor_plugin.js
/*/plugins/xerte-online/logo.png
/user-photo/admin.css
/*/plugins/user-photo/admin.css
/*/mac-dock-gallery/bugslist.txt
/*/*/mac-dock-gallery/bugslist.txt
/*/*/*/destination.php