Here is some info on wordpress security plugins are helpful for protecting the admin login page from attackers:
All in One Security or Defender Security - allows you to whitelist specific IP addresses; have bruteforce protection and will block ips and ranges
Wordfence and Wordfence Login Security - allows you to put a captcha or 2FA (Two Factor Authentication) on your logins for Wordpress as well as a firewall
WPS Hide Login - no IP restriction functions but it does allow you to change the URL for the Wordpress login without modifying the site files so that hackers can't easily find the login page and hit it again and again trying to get in
