Monitoring your WP website/Blog
Sometimes prevention is not enough and you may still be hacked. That's why intrusion detection/monitoring is very important. It will allow you to react faster, find out what happened and recover your site.
Monitoring your logs
If you are on a private server (where you have admin access), you have to watch your logs to detect password guessing attempts, web attacks, etc. A good open source solution to monitor your logs in real time and block the attacker is OSSEC.
Monitoring your files for changes
When an attack happens, it always leave traces. Either on the logs or on the file system (new files, modified files, etc). If you are using OSSEC for example, it will monitor your files and alert you when they change.
Monitoring your web server externally
If the attacker tries to deface your site or add malware, you can also detect these changes by using a web-based integrity monitor solution.
Useful Plugins for Monitoring website activity
- LBAK User Tracking
- WordPress Firewall II