To prevent attacks on your WordPress website

Wordpress site is attacked using different methods: log-in attempts to the admin via the feedback form, through some php files (like wp-config and wp-login) and using plugins. Need the help of those who have already faced this problem, so in the responses please describe your experience solving such problems, as well as the experience with WP. And indicate the approximate price