I installed the plugin best wordpress security in my blog yesterday.
Today I had an alert telling me that there had been 5 bad login attempts (I was already logged in then), seems the 5th was successful... Then I get an email from best wordpress security with a file change warning telling me there has been file changing while I wasn´t working in my blog, in flies like .htaccess, wp-config.php, etc.
I´m worried I´m hacked, but don´t know how to proceed. How can I mend this and how can I protect myself from attacks? Would something like site lock secure or secure really protect my webs from hackers?