I was helped by it although my first step is. I had a good old fashion pity party. I cried and railed against the evil hackers (that where probably 13 and smarter then me.) And then I did what I should have done before I started my site. And here is where I want you to start as well. Learn hacked. The beautiful thing about secure your wordpress site and why so many of us recommend it is because it is easy to learn. Unfortunately, that is also a detriment to the health of our sites. We have to learn how to add a security fence around our site.
Safeguard your login credentials - Don't keep your login credentials More about the author where a hacker could find them. Store them offsite, and even offline. recommended you read Roboform is for protecting them very good . Food for thought!
This is very handy plugin, protecting you against brute-force password-crack attacks. It keeps track of the IP address of every login attempt. You can configure the plugin to disable login attempts when a certain number of attempts is reached.
As I (our untrue Joe the Hacker) understand, people have far too many usernames and passwords to remember. You've got Twitter, Facebook, your online banking, LinkedIn, two site logins, FTP, internet hosting, etc. accounts that all come with logins and passwords you need to remember.
However, I recommend that you set up the Login LockDown plugin rather than any.htaccess controls. That will stops login requests from being permitted from a specific IP-ADDRESS for an hour or so after three failed login attempts. You can access your admin mobile while and yet you still have site web protection against hackers, if you accomplish this.