3 posts by 2 authors in: Forums > CMS Builder Community
Last Post: October 28, 2017   (RSS)

I've been frustrated with Bots looking for a Wordpress wp-login.php page that doesn't exist on my site. I decided I'd mess with the bots a bit and put this little snippet together to get them off my site.

I created a PHP file named "wp-login.php" then added the code below.

<?php if ($_SERVER['PHP_SELF'] = '/wp-login.php'): ?>
<?php
    header("location: http://example.com/");
    exit();
    ?>
<?php endif; ?>

Here's another that sends them back to themselves if they/someone hits the "wp-login.php" file.

<?php
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
    $ip = $_SERVER['HTTP_CLIENT_IP'];
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
    $ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
} elseif (!empty($_SERVER['HTTP_X_FORWARDED'])) {
    $ip = $_SERVER['HTTP_X_FORWARDED'];
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
    $ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
} elseif (!empty($_SERVER['HTTP_FORWARDED_FOR'])) {
    $ip = $_SERVER['HTTP_FORWARDED_FOR'];
} elseif (!empty($_SERVER['HTTP_FORWARDED'])) {
    $ip = $_SERVER['HTTP_FORWARDED'];
} else {
    $ip = $_SERVER['REMOTE_ADDR'];
}
//echo $ip;
header('Location: http://'.$ip);
?>

Any thoughts on either of these? Pros VS Cons?

Zicky

Thanks Deborah!

much cleaner approach... I'm going to put your suggestion into action!

cheers, zicky