You can secure your eCommerce installation more by doing the following:
Change Admin Login URL
By default, eCommerce Suite already generates a random admin login URL for security. It looks like the following:
If you’d like to change it to something else, you can edit the define statement in /application/config/config.php:
Change that to a different alphanumeric string as you see fit.
Rename Your Admin Folder
To protect the rest of admin page URLs, you can change the name of your admin folder. To do that you can edit the define statement in /application/config/config.php:
Once you have changed that, you need to manually rename the jroxadmin folder in your eCommerce Suite installation in /application/controllers to the one you set in the ADMIN_ROUTE define statement.