Comment by stevenicr

and hackers..

install a fresh wordpress and you'll be blocking hundreds of Digital Ocean Ip addys within 24 hours..

Or you won't.

If you add a failed login detector you'll see DO, OVH Hetzer and similar are non-stop password guessing your logins everyday.

Maybe your admin password is so long they will never get in, maybe you don't care that your server gets slower responses for actual users as it serves pages and does DB lookups for all the bots trying to use a different password every minute.

Maybe the website owner doesn't know any of these and the open internet is actually legoland where everything is awesome all the time.