All methods to protect the ADMIN PANEL + SITE!

[Dolphin]

Good morning, I would like to hear your views on this topic that I consider important for all of us... ADMIN PANEL SECURITY: 1) What general measures should we take to protect admin panels that are specific to site administrators and members? 2) How can we hide the panel link and ensure that only members know about it, or even prevent members from knowing or understanding it? (Ensuring it is not indexed by search engines is a must, of course.) Let's say our actual panel address and folder where the files are located is as follows; panel.websitename.com/real_folder/ Can we camouflage this using htaccess by giving it various fake names (regularly) without disrupting its operation? Can we change the panel address/folder to the following names once a month to make those who log in think they are in a non-existent folder? For example; panel.websitename.com/qwer12345u/ panel.websitename.com/panelll_1/ panel.websitename.com/islemlerrr/ panel.websitename.com/yetkili_alani_2022/ ... 3) What are your thoughts on implementing a two-step login system for the panel's root page with a password through htaccess (with conveying it to members) + standard login process? SITE SECURITY: * Would using SSL alone be sufficient, or should we also install cloudflare and similar services additionally? * If we are using PDO, is the risk of injection zero, or do we need to take additional precautions and write code & functions for this? * ... + Is there a master among us who can gather and share PHP CODES on a single page to protect against various attacks that can be made on the site? The list can be extended extensively, and I wanted to leave some room for you too... I would be glad if you also add your questions and answers you may know... I may update this initial message over time (especially based on your input)... Thank you...