How to block these POST attacks

Replies: 0

I had to restore my website from backup because it was infected.
Then I put it under a reverse proxy of a frien, and he said:
“You are still under attack:

2020/05/26 21:13:09 [error] 17974#17974: *3104 upstream prematurely closed connection while reading response header from upstream, client: 157.230.161.123, server: beezingonia.org, request: “GET / HTTP/1.1”, upstream: “https://34.90.32.132:443/”, host: “beezingonia.org”, referrer: “http://beezingonia.org/web/wp-login.php”
2020/05/26 21:29:49 [error] 17974#17974: *3176 access forbidden by rule, client: 176.9.4.210, server: beezingonia.org, request: “POST /wp-content/uploads/2019/12/fhqlprbv.php HTTP/1.1”, host: “beezingonia.org”, referrer: “https://beezingonia.org/wp-content/uploads/2019/12/fhqlprbv.php”
2020/05/26 21:29:52 [error] 17974#17974: *3181 access forbidden by rule, client: 176.9.4.210, server: beezingonia.org, request: “POST /wp-content/uploads/elementor/ndhecyud.php HTTP/1.1”, host: “beezingonia.org”, referrer: “https://beezingonia.org/wp-content/uploads/elementor/ndhecyud.php”
2020/05/26 22:09:57 [error] 17974#17974: *3381 upstream prematurely closed connection while reading response header from upstream, client: 220.246.32.14, server: beezingonia.org, request: “GET / HTTP/1.1”, upstream: “https://34.90.32.132:443/”, host: “beezingonia.org”, referrer: “http://beezingonia.org/shop/wp-login.php”
2020/05/26 23:06:28 [error] 17974#17974: *3522 upstream prematurely closed connection while reading response header from upstream, client: 158.69.113.245, server: beezingonia.org, request: “GET / HTTP/1.1”, upstream: “https://34.90.32.132:443/”, host: “beezingonia.org”, referrer: “http://beezingonia.org/new/wp-login.php”

You see? They make POST calls on nonstandard paths, especially to php files..
My nginx rules block these trivial trials, luck you are :)”

I wish to know if thans to Wordfence (free, as installed now in the website, or pro, as I could buy if needed) I can stop these attacks.

The website is currently hosted into SiteGround.org and I don’t know [yet] if the use nginx or only apache (is it a shared hosting, thus one of the better available)