aaP_sagarkumarsahu60
Did you hardened your OS?
Did you completely disabled the password login for OS and used key instead?
Did you use cloudflare or any other waf?
Did you enabled the local firewall and secured all ports?
If you are running DB on same server, you can close the mysql port.
Did you installed fail2ban and configured it?
If not do a clean install of OS and do it all over again. again if the same thing is happened, you have to accept that there is something wrong with your application security part.