fix wordpress malware plugin will even tell you that there is no htaccess from the wp-admin/ directory. You can put a.htaccess file into this directory if you desire, and you can use it to control access by IP address to the directory or address range. Details of how to do that are available on the net.
This is fantastic news because it means that there's a community of developers and users who can improve the platform. However there is a group there'll always be people who will try to take them down.
A snap to move - If, for look at more info some reason, you want to relocate your website, such as a domain name change or a new hosting company, having your files at your fingertips can save you oodles of time, headache, and the demand for tech help.
Another step to take to make WordPress more secure is to always upgrade WordPress to the latest version. The main reason behind this is that with each upgrade there also come fixes for security holes that are old making it essential to update early.
Do your homework and some hunting, but if you are pressed for time and need to get this try the WordPress safety plugin Check Out Your URL that I use. It's a relief to know that my website (and business!) are secure.