As you all might know that the Admin directory of a default WordPress install is located at wp-admin folder. This folder contains all the administrator files and should be accessed by an administrators only. We can add a layer of security to this wp-admin folder or to our admin folder by creating a file named .htaccess inside the wp-admin folder ( How to create .htaccess file ? ). In this file add the following lines of code:
deny from all
#white list
allow from your_isp_static_ip
Instead of your_isp_static_ip please put in the IP address assigned to you by your ISP ( How to check your IP address ? ). If the IP address assigned to you by your ISP is dynamic in nature than also you can protect your admin folder. In that case instead of your_isp_static_ip put in the {xxx.yyy.zzz.aaa} where the expression in the curly bracket represents your IP address.In this do not put the entire IP address. Here first of all you have to check which part of your IP remains constant that is whether xxx remains constant and than check for yyy and so on. in most of the dynamic IP cases xxx part always remains constant. After checking which part of your IP address remains constant form a expression accordingly for example i am here assuming that for my IP xxx and yyy remains constant than instead of you_isp_static_ip put in xxx.yyy
In this way you can restrict access to your wp-admin folder and this securing it.