One effective option to reducing the risk of a security breach on the Admin folder is by limiting the IP addresses that can access it via an htaccess file. This is for Apache Web Servers.
Creat a new blank documentin your favorite text our source code editor. Save that file with the name : .htaccess
1. Find your IP address via this site, What is My IP Address
2. Place the following directives in .htaccess file
AuthUserFile /dev/null AuthGroupFile /dev/null AuthName "Admin Access Control" AuthTypeBasic <LIMIT GET> order deny, allow deny from all #white list IP allow from xxx.xxx.xxx.xxx </LIMIT>
3. Upload .htaccess file to Admin folder. Do not upload it to root folder
This option is nice and tightens the security, but its’ inconvenient if you work from multiple locations with different IP addresses or non-static IP environment