Somehow our website has come under scrutiny by a hacker from Saudi Arabia. We were originally hacked and I installed Better WP Security, along with implementing a number of other security measures.
It seems to be working so far. However, every couple of days, I notice that I get a 404 error in the log where a different IP range from Saudi Arabia attempts to access the URI "/not_found"
Does anyone know how I can prevent others from even accessing the site via that URI? I was going to try and block the IP ranges, but every time it's a different range apparently. There's a screenshot of the entry here.
They've managed to hack the site and inject files into my folders through this method in the past (prior to Better WP Security) and I want to make sure I'm fully addressing the vulnerability.