Brute force attack from server's own ip

[paksociety]

i am facing a strange problem, brute force is giving me following message
A brute force attack has been detected in one of your service logs.


IP 1.1.1.1 has 54 failed login attempts: wordpress2=54

Check 'Admin Level -> Brute Force Monitor' for more information
http://help.directadmin.com/item.php?id=404

where 1.1.1.1 is my server ip.


Can any one tell me what does it means? which log file to check? how to identify problem.

Regards

 

[ikkeben]

Before ore after you solved this?
http://forum.directadmin.com/showthread.php?t=54321&p=278513#post278513

 

[paksociety]

it is after disabling http2.

 

[ikkeben]

it is after disabling http2.

I don't know WP but if you changed protocols / SSL ore whatever sometimes settings of a CMS/Htaccess/host has to get the right changes also. ( Or something in cache there.... with http2...)

( local browser caching with old...)

Why suspecting these is because that are the changes the host did get, doesn;t mean the cause couldn't be somewhere else