fix wordpress malware fix will inform you that there's no htaccess inside the directory. You can put a.htaccess record into this directory if you would like, and you can use it to handle this wp-admin directory from Ip Address address or address range. Details of how you can do that are plentiful around the net.
A simple way to keep WordPress safe is to use a few tools. First of all, don't allow people run a web host security scan, to list the files in your folders and automatically backup your entire web hosting account.
Keep control of your online assets - Nothing is worse than getting your livelihood in the hands of someone else. Why take chances with something as important as your site?
Another step to take to make WordPress secure is to always upgrade WordPress. see this here The main reason for this is that there also come fixes for security holes that are older which anonymous makes it essential to update.
These are only a few. Great thing is that they don't need much time to do. These are also solutions, which can be carried out.