Method 1: Password Protect wp-admin with .htaccess (Apache)
sudo nano /var/www/html/wp-admin/.htaccessAdd:
AuthType Basic
AuthName "Restricted Access"
AuthUserFile /etc/apache2/.htpasswd
Require valid-userCreate password file:
sudo htpasswd -c /etc/apache2/.htpasswd adminuserMethod 2: Restrict by IP (Nginx)
location /wp-admin {
allow 192.168.1.100;
deny all;
try_files $uri $uri/ /index.php?$args;
}Method 3: Rename wp-login.php (Plugin)
Use WPS Hide Login plugin.
Method 4: Limit Login Attempts
Install Limit Login Attempts Reloaded plugin.