All PHP script programs have an administrator page. To make the admin folder rock solid and prevent someone from accessing from a non-standard point you can lock the admin folder and force all users to have to log in into the folder as well as the software. This can typically be done on hosting control panel. Typically all hosting providers have some form of folder locking. Use a username that would be universal for all the staff and not to use your personal username. Now the password you need to read my article about passwords.
So now if anyone attempts to use any file or folder below this point the user will be forced to log in to access even the folder or file. From a PHP aspect, this prevents hackers from attempting to find a file without login and accessing the software. My example above is a fictitious folder, username, and password.