To protect your WordPress wp-admin folder from everyone else apart from you, you can add a htaccess file in the /wp-admin folder to allow only access from your IP address and everyone else will be denied and receive a ‘Page Not Found‘ 404 error.
This ensures no-one can even get to the login screen which is a great way to better protect your site.
The file must be named:
.htaccess
File it in:
/public_html/wp-admin/.htaccess
And its content should be as below – but swapping in your IP address:
<FilesMatch ".*">
Order Deny,Allow
Deny from all
Allow from 12.34.567.890
</FilesMatch>
This will deny access to anyone that does not have the specific IP address to that directory.
