One of the first things we should do when we put a Joomla site into production is hide access to the administrator .
Nobody should access the /administrator folder of your website , neither curious, nor robots nor of course hackers. It is necessary to hide that folder for safety and also for a bit of modesty.
More info: https://algosemueve.es/en/something-about-it/asm-no-admin-joomla-4-plugin