I tried the wordpress site first, but no replies.
I had a couple of emails this week from WordPress Firewall saying that it had detected and blocked a potential attack; path below with blog address removed.
This obviously was an attack, because I made no changes and I don't know anyone in Belarus!
Now, the firewall stopped this, but is there anymore security I can put in place?
I have an htaccess file in the root of web and root of blog, but in my limited knowledge, is my index.php safe? Do I need to do anymore than have Firewall installed and latest version of WordPress?
I have login lockdown as well.