Judging from the server logs, at least you are trying.
Your lack of imagination is curious, though. Automated SQL injection attempts in 2017 – really? If that’s the best vector you can think of, then well… best of luck.
A few short words about security measures taken at our side: Only a couple of free plugins. Which ones? How about you tell us! More important than any plugin, however, is using a clever and curated .htaccess file. You’d love to see it. But you can’t.
Paying for third-party protection solution? Nah. We’re just doing fine without any of it, quite apparently.
Come on. Shared hosting, Apache, WordPress.
You have so far delivered a couple of cocky comments, but… you can’t even find the login page. And what good is a login page, provided you one day find it, if you have absolutely no idea what usernames are in use?
We say WordPress can be run safely. You call bs. But – why are we still up and running then?
Speaking of failures, how do you like our 404 page? 🙂