it's could be apply not just to wordpress. But to any or all blog platform that may be installed right into a server and shared host. so, Where do you turn via PHP coding or pluggin or any approach to secure your installation ?
Standing on a shared host is really a bad limitation. Jetski from you against setting up an internet application firewall like Mod_Security.
Here is a listing of things you can do to harden your Wordpress installation.
I guess you can customize the .htaccess file to deny permission to
/wp-admin* when the Ip does not match yours.
Limit use of ftp. With this, upload to server file .ftpaccess, and paste following code:
<Limit ALL> Deny from all Allow from Your.IP.Address </Limit>
Also, limit use of most significant files (like wordpress-login.php), uploading within the same folder file .htaccess:
<Files "wp-login.php"> Order Deny,Allow Deny from all Allow from Your.IP.Address </Files>