I use the Wordpress Limit Login Attempts plugin a little bit across various Wordpress sites that I run and support. Lately i've toyed with fine tuning some of these sites by using Limit login attempts in conjunction with Nginx and Varnish.
Varnish happens to be a reverse proxy (more on varnish here varnish) which means all traffic is routed through it first.
Every other day I would get a message telling me that limit login attempts has exceeded total amount of failed attempts from IP 127.0.0.1 - after a little brain racking and a bit of confusion I had an aha moment! Varnish was causing all failed login attempts to be from the same IP I.E the local one!
Once I realised this was the cause of the problem it was pretty simple to fix. Limit login attempts has an under reverse proxy setting which is as simple as just flicking on to prevent this problem.
Simple as that, quite frustrating until you realise this though. So i'm hoping it helps someone else out sometime in the future.