We implemented the following security measures:
The website had been hacked several times. It encountered issues like unauthorized account creation, unauthorized placement of ad codes, repetitive requests to admin, login and other files from several IP addresses across the world.
We cleaned up the site off any files that may compromise its security. We also installed a few security plugins, changed some passwords, disallowed file editing, setting directory permissions etc.
The site has been clean since and hasn’t been hacked anymore.