Janric Simple Attack Monitor

Most security plugins try to do everything — firewall, blocking, malware scanning, email alerts — and end up bloated, slow, and full of upsells. Attack Monitor does one thing: it watches your site for common attack patterns and quietly logs them, so you always know what’s being thrown at your site.
What it detects

Brute force login attempts
XML-RPC abuse (including system.multicall floods)
User enumeration via ?author= and the REST API
Admin area probing by unauthenticated visitors
Path and plugin scanning (phpinfo.php, .env, phpmyadmin, wp-config.php and more)
SQL injection attempts in URLs and POST data
XSS attempts in URLs and POST data
Comment flooding

What you get

A dashboard widget showing this week’s attacks by category at a glance
A full log page with day / week / 30-day / all-time views
A bar chart of attack volume over time
Top attacking IPs ranked by hit count
Filterable event log with timestamps, IPs, URLs and detail
Safe IP whitelist — exclude your own monitoring tools, cron jobs or office IP ranges
CIDR range support (e.g. 192.168.1.0/24) for the whitelist
A single lightweight database table — nothing else added to your WordPress installation

Philosophy
Detection and blocking are separate concerns. This plugin handles detection only, leaving you free to choose how you respond — whether that’s Fail2ban, Cloudflare, a companion blocking plugin, or simply reviewing the data. No firewall rules are added, no requests are blocked or slowed down, and no data is sent anywhere outside your own database.
Ideal for developers, agencies and site owners who want visibility without handing over control to an all-in-one security suite.