Finally, fix hacked wordpress site will inform you that there is no htaccess inside the directory. You may place a.htaccess record into this directory if you would like, and you can use it to handle this wp-admin directory from Ip Address address or address range. Details of how you can do this are plentiful around the internet.
Also, don't make the mistake of believing that your hosting company will have your back so far as WordPress backups go. Not always. It has been my experience that the company may or may not be doing backups while they say they do. Why take that kind of chance?
In case you ever wish to migrate your website elsewhere, like official website a new web host, you'd be able to pull this off without a hitch, and also without needing to disturb your old site until the new one was set up and ready to roll.
Now we're getting into matters. You have to rename it to config.php and alter the file config-sample.php, when you install WordPress. You need to set up the database facts there.
However, I recommend that you set up the Login LockDown plugin in place of any.htaccess website here controls. That will stop login requests from being allowed from a specific IP address for an hour. You may get into your admin panel whilst away from your workplace, and yet you still have great protection against hackers if you do so.