Hackers often use automated scripts to check if a site is running WordPress by simply calling https://yoursite.com/wp-admin and this will let them know you’re running WordPress. You can redirect any calls to https://yoursite.com/wp-admin to your home page adding the following to the functions.php for your theme at wp-content/themes/yourtheme.
add_action( 'wp_loaded', 'redirect_to_home', 9);
function redirect_to_home() {
if ( is_admin() && ! is_user_logged_in() && ! defined( 'DOING_AJAX' ) ) {
wp_redirect( get_site_url() );
exit;
}
}