You need to protect your WordPress site from malicious requests, and using WordPress Firewall 2 is a good way of doing this.
Why WordPress Firewall 2 Is Important
A commonly used way for hackers to try to gain access to your site is by embedding malicious code in requests to your site.
As an example a hacker might embed code to add an administrator user to the database in a request from the internet. This is also known as a SQL Injection Attack.
The WordPress Firewall 2 plugin will stop these types of attacks.
How You Complete This Security Checkpoint
Follow these steps:
Add and Activate the plugin.
If you repeatedly get attacked from a particular IP address you can block access to your site from this IP address. Hackers usually disguise their real IP addresses and run automated attacks using other peoples computers, so in our opinion blocking IP addresses has little value.
See how to block an IP address from your site: Block IP Address.
Optional: Whitelist your own IP address.
If you edit certain settings or files on your site the Firewall might think it’s an attack. For example this can happen if you edit your theme files via the WordPress administration panel. If that happens you will be redirected to the home page when you try to save the file.
You can disable the Firewall temporarily. Or you can whitelist your own IP address.
This only works well if you have a fixed IP address.
We recommend that you use both WordPress Firewall 2 and Block Bad Queries as they protect against different types of attacks.
You might also wan to consider the Sucuri WordPress Security Plugin, which has a very good Web Application Firewall and some great monitoring options.
Please leave them below. Thanks!