To protect your WordPress wp-admin folder from everyone else apart from you, you can add a htaccess file in the /wp-admin folder to allow only access from your IP address and everyone else will be denied and receive a ‘Page Not Found‘ 404 error.

This ensures no-one can even get to the login screen which is a great way to better protect your site.

The file must be named:

.htaccess

File it in:

/public_html/wp-admin/.htaccess

And its content should be as below – but swapping in your IP address:

<FilesMatch ".*">
 Order Deny,Allow
 Deny from all
 Allow from 12.34.567.890
</FilesMatch>

This will deny access to anyone that does not have the specific IP address to that directory.