Thread: Spam, attacks, fake registrations

Spam, attacks, fake registrations

Within a matter of minutes I started receiving failed login attempts. Wordfence was letting me know and these are some of the IPs:
45.33.157.170
5.157.14.25
5.255.81.209
37.203.215.166
136.0.110.155
45.33.157.170
45.33.155.51
192.186.151.238
107.183.191.143
216.158.205.28
37.203.211.69
45.33.158.51
104.151.210.38
94.249.241.66
104.151.210.38
23.27.21.18
45.59.29.144
5.255.81.38
45.59.24.217
50.118.173.169
216.158.196.96
107.152.160.14
45.59.24.91
23.27.21.72
216.158.209.46
216.158.202.57
107.183.191.59

Then I read that I have to allow anyone to register so they can pay for listings. So I checked that box in WP > Settings > Allow anyone to register (as contributor or subscriber).
Now I'm getting accounts being created with spammy usernames and if it continues I'll end up with thousands and will not be able to distinguish the few that are good!!

I'm concerned that the attacks were happening almost immediately after creating the WP site and adding the Vantage theme. Previously the domain had never been used (with any site). So it seems spammers/hackers are watching for new WP+Vantage installs... I'm worried about how they are ultimately going to plague my site with spam.

What can be done? Captcha mods? Security question, move the login page?

Thanks for any help.