WordPress is already a pretty secure platform and gets security updates on a regular basis. There are always additional steps you can take to harden WordPress. Here are 5 plugins you can use to block malicious URL requests:
BBQ: this plugin is designed to protect your site against malicious URL requests. It checks incoming traffic and blocks suspicious attempts. It can stop directory traversal attacks and executable file uploads.
QueryWall: another malicious URL request blocker that analyzes all incoming HTTP requests and stops malicious queries. It lets you add your own rules.
All In One WP Security & Firewall: a complete security plugin that lets you know how strong your site is against security attacks. It can protect your site against brute force attacks, protect your database, identify files/folders with problematic permissions, and stop malicious scripts.
Wordfence: one of the best WordPress security plugin with a a malware scanner, vulnerability detector, login security, and Live Traffic to monitor hack attempts in real-time. It serves as a firewall to identify and stop malicious traffic.
IP Geo Block: helps you protect your site against zero-day exploits, malicious login attempts, and badly behaved bots. It uses multiple IP geolocation databases for better accuracy. The plugin can also stop malicious file uploads.
Have you found better malicious script blockers for WordPress? Please share them here.