If you subscribe to email notifications, you probably read the post about this site getting hacked.Since then, I have put stricter policies in place in order to make hacking this site a bit harder for anyone who might try to. I did this mainly by having two security plugins: Shield Security, and WP Cerber. Both are great, but I think combining them makes your self hosted WordPress site more secure.
WP Cerber, is in my opinion, the most basic, but effective, WordPress security plugin. It attempts to block bot spam comments, prevent brute force attacks, and even has a citadel mode. Citadel mode is actually a really cool feature; if there are a certain amount of failed logins within the specified time, it goes into lockdown, or Citadel mode. In this mode, only IP addresses in the white list are allowed to log in to your WordPress, and existing logged in users will not be logged out. This is one of the many steps WP Cerber adds to prevent brute forcing the password. It even has an access log, so you can see the IP addresses that are trying to hack you. This plugin alone was unable to prevent this site getting hacked, although it did do a good job at preventing it, as it went into lockdown mode and sent me an email.