To secure your admin area from hackers, we recommend that you allow access only from a selected IP address to your admin directory. You need to create a .htaccess file in the directory where you want to restrict access to specific IP addresses.
For example, if you have a WordPress blog installed on your main directory and log in via example.com/wp-admin, you should create an .htaccess file in /wp-admin/.htaccess, and you should put the following code into it. Don’t forget to replace the allowed IP address with your IP address.
order deny, allow
deny from all
allow from YOUR-IP-ADDRESS-HERE
(Replace “Your-IP-Address-Here” text with your IP Address)
You can test this by accessing your /wp-admin IP address from another IP address, which is not mentioned in your .htaccess file.