Hi @cwdwebsites. WordPress itself is constantly being updated to stay ahead of any security issues. Most themes and plugins do as well (unfortunately, not all). The best thing to do to prevent a compromise is to make sure you keep WordPress core files, plugins, and themes up to date. You'll also want to make sure you always use strong passwords.
Additionally, there are security plugins that can help keep your site safe. Wordfence and Clef are two that are commonly used.
You can block IPs from an account by using rules added to a .htaccess file, but you would only be able to use that method if you are comfortable with updating configuration files and using SFTP to connect to the account and make updates. Wordfence does offer a feature that allows you to block specific IP's, which will make changes to your .htaccess file for you.
JesseW - GoDaddy | Community Manager | 24/7 support available at x.co/247support | Remember to choose a solution and give kudos.