Monitoring a WordPress site is certainly the most important of the 4 aspects that are part of the security cycle.
It is useless to have set up a very good security, if the system is not then monitored to detect vulnerabilities and threats that are constantly evolving.
Monitoring of updates to WordPress system files, theme and installed plugins
Monitoring the proper backup and restore performances
Monitoring of any unauthorized changes to website files
Monitoring of possible intrusion attempts by bots looking for vulnerabilities, with automatic ban in case of repeated attempts
Monitoring of server availability and reachability over the Internet
Entering new blocking rules in the Web Application Firewall, following intrusion attempts recorded daily
Daily system vulnerability scans are performed to detect any new vulnerabilities that can be exploited by malicious users.
Core files, theme and plugins updating
Backup & restore
System files integrity
Bad bots monitoring
Firewall rules updating