Step 1: Log into WordPress dashboard.
Step 2: Naviagate to Plugins > Add new > Wordfence.
Step 3: Once the plugin is activated click on Tools on the left pane under plugin options.
Step 4: Click Live Traffic tab to see all the IP addresses that are accessing your site.
Step 5: Copy the IP address that looks suspicious and then switch to the WHOIS Lookup tab.
Step 6: Enter the IP and click on Look IP or Domain button.
Step 7: If the IP address is untruested then block the IP address.