I’m seeing WAF blocking Wordpress logins with: Multiple Username Violation
What about hack attempt on a single username? Why isn’t there a rule for that? How would I add the rule or do I need to use another tool to block too many failed login attempts on a single user name?