The Way To Secure Your Wordpress BlogYou may well have heard all the buzz online about the attacks on WordPress security. Unfortunately this is no joke, and it needs to be taken very seriously, or all you've built could be hijacked or worse, lost to you.
fix hacked wordpress site will also inform you that there is not any htaccess inside the directory. You can put a.htaccess record in to this directory if you would like, and you can use it to manage usage of the wp-admin directory from Ip Address address or address range. Details of how you can do this are plentiful around the internet.
Protect your login credentials - Do not keep your login credentials where a hacker could locate them. Store them off, and even offline. Roboform is good for protecting them, also. Food for thought!
For me it's a WordPress plugin. They are drop dead easy to check my reference set up, have all the features you need for a task such as this, and are relatively cheap, especially when compared to having to employ someone to get this done for you.
Along with adding a secret key to your wp-config.php file, also think about changing your user password into something that is strong and unique. WordPress will tell you the strength of your password, but include amounts, use upper and lowercase letters, and a great idea is to avoid common phrases. It's also a good idea to change your password regularly - say once every you can try this out six months.
However, I advise that you install the Login LockDown plugin instead of any.htaccess controls. From being allowed after three failed login attempts from a certain IP address for one hour, login requests will stop. If you do that, you may still get into your admin panel whilst away from more info here your office, and yet you still have good protection against hackers.