Finally, rename your login url to secure your wordpress website will also inform you that there's no htaccess inside the directory. You can place a.htaccess record in to this directory if you would like, and you can use it to handle this wp-admin directory from Ip Address address or address range. Details of how you can do that are plentiful around the net.
This is great news as it means that there's a strong community of developers and users who could improve the platform. Whenever there is a group there'll always be people who will attempt to take down them.
Yes, you want to do regular backups of your site. I recommend at least a weekly database backup and a monthly "full" backup. More, if possible. Definitely more, if you make additions and changes to your site. If you have a community of people that are in there all the time, or make changes multiple times every day, a daily backup should be a minimum.
Now we're getting into matters. You have to rename it to config.php and alter the file config-sample.php, when you install WordPress. You need to that site deploy the database facts there.
There is. People always know where they can login additional hints and additionally they could just visit your login form and try a different combination of user accounts and passwords out. So as to prevent this from happening you need to install Login Lockdown. It is a plugin that lets users attempt to login with a password three times. After that the IP address will be banned from the server look at this now for a specific timeframe.