I set up logging and Athena for this site out of curiosity and ran a quick query of uri calls. Though I shouldn’t have been, I was surprised by the number of requests to WordPress admin pages. I’m not advocating against using WordPress (…well…maybe with a little MidWestern passive aggressiveness), but if you’re using WordPress please, please, please change your default admin password! I’m not seeing blasts at other platform admin pages.

SELECT uri, COUNT(*) count 
FROM cloudfront_logs 
WHERE date BETWEEN date '2020-01-01' AND date '2020-02-08' 
AND uri like '%wp%' GROUP BY uri;