To secure your admin area from hackers, you should only allow access to your admin directory from selected IP addresses. You can create a dot htaccess file in the directory where you want to restrict access to specific IP addresses.

For example, if you have a WordPress blog installed on your main directory and you log in via cloudwafer.com/blog/wp-admin, you should create an htaccess file in /wp-admin/.htaccess and put the following code into it. Please, don’t forget to replace the allowed IP address with your IP address.

order deny, allow
deny from all
allow from YOUR-IP-ADDRESS-HERE

Replace the Your-IP-Address-Here text with your IP address.

You can test this by accessing the wp-admin directory from another IP address, not mentioned in your htaccess file.