Install the fix wordpress malware attack Firewall Plugin. Stop and this plugin investigates requests with straightforward heuristics to identify attacks that are most obvious.
Don't depend on your internet host - Many people rely on their web host to"do all that technical stuff for me", not realizing that sometimes, they do not! Far better to have the responsibility lie with you, rather than out of your control.
This is very handy plugin, protecting you against brute-force password-crack strikes. It keeps track of the IP address of every failed login attempt. You find out here can configure the plugin to disable login attempts when a certain number of attempts is reached.
Another step to take to make WordPress secure is to always upgrade WordPress to the latest version. The main reason for this is that there come fixes for security holes which makes it essential to upgrade early.
However, I recommend that you set up the Login LockDown plugin rather than any.htaccess controls. Login requests will be stopped by that see page from being permitted from a specific IP-ADDRESS for an hour or so after three failed login attempts. It is still possible to access your cell while from your Find Out More office, and yet you still have protection against hackers if you accomplish that.