We have noticed over the last few days what seems to be a vulnerability scan coming from a private network on our server. 10.16.0.5
We do not have Private Networking enabled.
Fortunately, the vulnerability seems to be for Wordpress Revoslider, which we do not use on this server.
They also seem to have found our admin folder which we have renamed to something obscure.
If someone could advise how they have (a) managed to find our admin folder name and (b) how they can be accessing our site from a DO Private Network IP
Thanks in anticipation.