I recently had my WordPress websites for one of my clients shut down because of the recent increase of hacker attacks.
So I recently installed not only a firewall but one of my favorite plug-ins to limit login attempts.
I was surprised at the number of bots and attempts to break into my humble sites so if you own a wp site ,do yourself a favor and install some security . The number one task is to replace the default admin login by creating another admin user with a different secure pass username
Log out and test the new admin user before implementing any of the other security measures.