Hello,
My Wordfence security plugin shows that there are IP’s blocked from all over the world. I have Godaddy, and multiple WordPress sites on one host. Some sites have multiple IP blocks per day, while others 1 every couple of days.
The IP’s usually either go for /wp-login.php, or /xmlrpc.php. Wordfence lists them as Human, and sometimes bot.
Is all of this normal? Does everyone get bombarded by malicious traffic, or what is this?
If I transfer my WordPress sites to a new host, or to wordpress.com, would these “attacks” continue? Or is my hosting somehow compromised?
I don’t really know much about security, so any info would be of great help!
Thank you for reading.