As an update.
This did not stop the attack,
adding to htaccess:
<files wp-admin.php>
order deny,allow
deny from all
allow from my.ip.add.ress
</files>Also I tried deleting wp-login.php, but still am getting notifications from Life Traffic:
Kennesaw, United States attempted a failed login using an invalid username "admin".
IP: 66.56.51.99 [block]
Hostname: c-66-56-51-99.hsd1.ga.comcast.net
5 seconds ago
I'm not sure how that is possible...