Secure the WP Admin Folder in WordPress Using htaccess
To protect your WordPress wp-admin folder from everyone else apart from you, you can add a htaccess file in the /wp-admin folder to allow only access from your IP address and everyone else will be denied and receive a ‘Page Not Found‘ 404 error.
This ensures no-one can even get to the login screen which is a great way to better protect your site.
The file must be named:
.htaccess
File it in:
/public_html/wp-admin/.htaccess
And its content should be as below – but swapping in your IP address:
<FilesMatch ".*"> Order Deny,Allow Deny from all Allow from 12.34.567.890 </FilesMatch>
This will deny access to anyone that does not have the specific IP address to that directory.