How to block plugin activations with no known user or coming from unknown IP address range?

I have received a Sucuri alert for an unauthorized plugin activation: Event: Plugin Activated Website: http://www.XXXXXX.XXX IP Address: XXX.XXX.XXX.XXX Reverse IP: XXXXXX.XXXXXX.XXXX Date/Time: 7 January 2021 5:00 PM Message: Plugin activated: Wp Zzz

How can I stop this happening?

Compared to a legitimate activation:

  • Here there is no admin username specified (I guess nobody has logged in from the admin interface)
  • The source IP address is not my home or office (this IP address keeps changing every time I get this Sucuri alert)

I appreciate all suggestions in advance.

Topic activation security plugins Wordpress

Category Web

About

Geeks Mental is a community that publishes articles and tutorials about Web, Android, Data Science, new techniques and Linux security.