Last night I got an email from my hosting company, they shut down one of my WordPress site for it was brute force attacked on login page. The support guy asked me if I could recognize the source IP, and sent a Google search results link about how to solve the problem, that means I have to solve the problem by myself.
I’m pretty upset when I got this email, but still tried to block the IP in the .htaccess file. I found the hosting company changed the file privileges so I couldn’t update the .htaccess. The only thing I could do is replied the email and called their EMERGENCY service number, which was answered by an answering machine, asked them how could I do any fix if I couldn’t edit the .htaccess file.