We cannot get iThemes Security to lockout any users, even though we have failed to correctly login over 10 times (using bogus passwords). What are we doing wrong? The IPs say they are white-listed, but there are at present NO white-listed IP’s during testing. Any ideas? Also, do we need to buy the Pro version to get emails saying a user account has been blocked for too many failed login attempts?