Every WHM admin always get Large Number of Failed Login Attempts from the hackers. They use open public IP lists.
We can share this information across the world. By checking which IPs are often use to attempts login to many servers. We ban them for a whole day or week.