Our Strategy Against Hackers:

Here's our Website's Anti-Hacking Strategy.

Make a text file with Known Hacker URL Strings, that are clearly not on your server, and would only be accessed if someone was trying to hack your Server.
[continually updating based on Logs]
See ours at....Click here 
This list may not work on other Webservers because we do NOT use wordpress, while other sites do. So this list may trigger false positives on your server, so it must be edited based on what you see in your 404 logs.

We made a custom 404.php page, that searches the failed 404 URL requests with the strings in that file. 

================= part of our 404.PHP code ==================
$LoadedHackString = file_get_contents('K:\hacker_strings.txt', true);
$request_uri = $_SERVER['REQUEST_URI'];
//Forward any Hacker onto the Hacker Warning Page
if(preg_match($LoadedHackString, $request_uri) == true) {
  exec('p:\ShouldIBlockHim.bat ' . $ip);
  print "<script language=\"javascript\">window.location.href = \"http://www.stophackers.net/hackeralert.php?".$ip."\";</script>";

If the 404 URL is in the List of Hacker Strings, then I forward the hacker onto a threatening webpage.
See ours at...     http://www.stophackers.net/hackeralert.php

Then the 404 PHP file runs a script that checks if it is a repeat offender, if so, I run a command to add a FireWall Block.

Netsh advfirewall firewall add rule name="Auto Hacker Block-[IP_Address_Here]" dir=in interface=any action=block remoteip=IP_Address_Here/32
for Linux----> # iptables -A INPUT -s IP_Address_Here -j DROP

Then I make public every IP address of a repeat hacker...
(continually updating)   http://www.stophackers.net/hacker_ips.txt

Then we report the repeat offenders to the www.AbuseIPDB.com community worldwide.

Then we make a publicly available command line string for other websites to copy/run in a command prompt, if they want to block the TOP 300 Latest Hacker IPs with their firewall. [Windows Server]   [
Linux Servers]   (free + continually updating)

Then we make publicly available what files the Hackers were looking for.  This shows us what the current known web vunerabilities are, but it also helps us forsee any NEW web Vunerabilities that hackers are starting to exploit.
The list of Hacker Activities are here... http://www.stophackers.net/whatweretheytryingtohack.txt

Then we make a publicly available what dates the Hackers were blocked. So you can judge how long they've been active.
The date of the Hackers Activity is listed here.  http://www.stophackers.net/WhenIPWasBanned.txt

Therefore, the more we get hacked, the more our database grows, and the more the web community can benefit from using our firewall command that blocks the latest hackers.   :-)
There is a recursive #INCLUDE chain