Proactively protecting your website from troublemaking hackers is an Internet Marketing Best Practice.
One simple hack that I use is to simply move my default WordPress admin login.
It’s harder to break into a house when you can’t find the front door!
To do this I use a WordPress plugin called WPS Hide Login. It allows you to change the default WordPress login location to anything you want.
WPS Hide Login is a very lightweight plugin. It doesn’t rename or change files in core, nor does it add rewrite rules. It simply intercepts page requests and works on any WordPress website.
After installation and activation the default wp-admin directory and wp-login.php page become inaccessible. Remember the new login URL you create! Deactivating the plugin brings your site back exactly to the state it was before.