Finally, clean hacked wordpress site will also inform you that there is not any htaccess within the directory. You can place a.htaccess record into this directory if you would like, and you can use it to manage usage of this wp-admin directory from Ip Address address or address range. Details of how you can do this are plentiful around the net.
Truth is, there is no way if your site is targeted by a capable master of the script. What you are about to read below are some measures you can take to minimize the risk. Odds are a hacker would prefer picking another if your WordPress site is well protected.
Move your wp-config.php file up one directory from the WordPress root. WordPress will look for it if have a peek here it can't be found in the root directory. Additionally, nobody else will be able to read the file unless they've FTP or SSH access.
Note that you should only try this step for setups. If you might like to do it for installations, you will also have to change all of the table names inside the database.
But realize that security is something you really need to start thinking about. Do click reference not just be the type, take steps to start today protecting yourself. Don't let Joe the Hacker make your life miserable and turn all that you've worked so hard in creating come crashing down in a matter of seconds.