There are many sophisticated ways to hack a WordPress website. But not every hacker uses advanced techniques to try to get around your defenses. In fact, many rely on brute force attacks to hack sites. Protecting your wp-login.php and admin pages with plugins such as Stealth Login Page will allow you to thwart basic hack attacks.
Stealth Login Page lets you protect your login page by automatically redirecting those attempting to access it to a customizable URL. That way only those who are authorized will be able to access your login page. You have the option to change the required strings and email the login URL to the admin. Webmasters have the option to disable this plugin at any time.
I still prefer using IP restrictions to keep people from reaching my login and admin pages. But Stealth Login Page does offer basic protection for your site and is easy to implement.