It is a fact that there are between 50,000 to 180,000 failed attempts at login daily on various sites hosted. For instance, Copyblogger is known for 275 login attempts per hour which are unauthorized. The magnitude of that number is unbelievable, but fortunately, none of us are powerless against these hack attempts which are faceless and nameless. Thus, it is crucial for the web host to help protect you from these attacks of brute force. It should monitor where failed attempts of login come from and then lock out any offending IP addresses.
There are various programs which can be installed and will make things quite difficult for techniques of brute force to be beneficial. It is vital to monitor your website for malware. Some type of system should be in pace to monitor your site constantly for malware. The most esteemed companies achieve this for the server-side scanning which can be done for every client in business.
It is immensely important how you monitor. You can choose a method which can actually be a part of your file structure and you can detect deep breaches, rather than one which reveals where you are most vulnerable. Fortunately, you can achieve something when it comes to malware. In and of itself, monitoring for malware isn't a solution. The solution is what can occur once malware is spotted.
There are true costs of WordPress ownership overlooked, especially those linked with downtime due to issues with security and cleaning up on these various issues. This is part of the value proposition which should be rolled into an offering of a managed hosting provider.
It is important to respect the precarious nature of taking security of websites seriously. The steps above are security safeguards to consider, as well as a well-rounded start, namely for those who find implementing the basics a serious challenge. If you expect to have the basic WordPress security measures in place, then you should take action on these steps.