put this code in your DOCUMENT_ROOT/.htaccess
file:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} ^shop\.example\.com$ [NC]
RewriteRule ^admin - [F,NC]
This will return forbidden error for all the http://shop.example.com/admin
requests.