Your WordPress login page is one of the most important pages on your website. If you don’t have a strong password, hackers can break through your defenses and do your site great harm. Limiting access to the WordPress login page by IP is a very good idea. You could also hide or rename the page to make it harder for people to find it:
Custom Login: a simple plugin that allows you to customize your login screen easily. You can obscure your login URL using the Stealth login feature.
Don’t assume for a second that if you hide your login page or WordPress URLs, your site is going to be completely safe from hack attacks. Keeping your site secure is an ongoing process. You still need to backup your site, harden your server, and do a whole lot more to keep hackers at bay.