WordPress / Site Hell, Hopefully Getting Better

All of my websites have been a mess this weekend as there has a been a worldwide brute force attack occurring for several days on WordPress admin accounts.  I avoid most of the common mistakes (using the default user name, simple passwords, etc) so I don't think anyone has breached a site but the constant calls of the login function acts effectively like a DDOS attack, flattening my server.

I have put in place some extra code to detect brute force attacks and temporarily and even permanently ban IP's.  Since attackers don't just sit in a single IP in Russia any more but use shifting and spoofed IP's, you may at some point find yourself locked out.  Email me if that happens.