FWIW https://github.com/invisnet/wp-fail2ban
Works great for me on Ubuntu server.
I just stumbled across Relevanassi and it resolves the above issues. Looks pretty nice.
I would value the talent of the developer over the software stack. I didn’t look at your site, nevertheless a LAMP stack with WordPress is an excellent solution. Cost effective and versatile in the hands of a competent developer. The auto updating feature has also greatly improved security for some.
