On wordpress itself the most you can really do is change the default URL from "wp-admin" to something else. I do this pretty religiously nowadays.

But it wasn't wordpress that they were bashing on I have an application called infiniteWP that allows you to administer wordpress web sites that i use for my clients. it automates back up and updates and a few other aspects of managing a wordpress site.

i was actually getting ready to go outside and do some yard work but i got a flood of over 100 emails saying that there was a bunch of failed login attempts. it only lasted for a few minutes so now i'm paranoid and checking on my server logs.

what's really weird to me though is the ip range that everything was coming from it was all "127" ranges. I know there was talk at ICANN about freeing up that address range. but now i'm just fucking paranoid that something might be on my server