Since scare tactics appear to be at least start considering the problem, or what drives some people to take rename your login url to secure your wordpress website a little more seriously, let me shoot a couple of scare tactics your way.
Don't depend on your internet host - Many men and women rely on their web this article host to"do all that technical stuff for me", not realizing that sometimesthey do not! Far better to have the responsibility lie rather than out.
A snap to move - If, for some reason, you want to relocate your website, such as a domain name change or a new web host, having your files at your fingertips can save you oodles of time, headache, and the need for tech help.
Now we are getting into matters specific to WordPress. You have to rename it to config.php and modify the document config-sample.php, when you install WordPress. You need to deploy the database facts there.
However, I recommend that you set up the Login LockDown plugin instead of any.htaccess controls. That will stop login requests from being allowed from a specific IP address for one hour after three unsuccessful login attempts. You can still get into your panel whilst away from your office, and yet you have protection against hackers if you do so.