We reviewed Linux access logs through Cockpit, MariaDB logins, WordPress logins and attempts, as well as site traffic to identify our attacker. The only sign we saw of them was their accessing of our website and attempt to exploit it through the use of comments. Their attacks were unsuccessful.