Messing with Bots

3 posts by 2 authors in: Forums > CMS Builder Community
Last Post: October 28, 2017   (RSS)

By Mikey - October 27, 2017

I've been frustrated with Bots looking for a Wordpress wp-login.php page that doesn't exist on my site. I decided I'd mess with the bots a bit and put this little snippet together to get them off my site.

I created a PHP file named "wp-login.php" then added the code below.

<?php if ($_SERVER['PHP_SELF'] = '/wp-login.php'): ?>
<?php endif; ?>

Here's another that sends them back to themselves if they/someone hits the "wp-login.php" file.

if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
    $ip = $_SERVER['HTTP_CLIENT_IP'];
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
} elseif (!empty($_SERVER['HTTP_X_FORWARDED'])) {
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
} elseif (!empty($_SERVER['HTTP_FORWARDED_FOR'])) {
} elseif (!empty($_SERVER['HTTP_FORWARDED'])) {
} else {
    $ip = $_SERVER['REMOTE_ADDR'];
//echo $ip;
header('Location: http://'.$ip);

Any thoughts on either of these? Pros VS Cons?


By Mikey - October 28, 2017

Thanks Deborah!

much cleaner approach... I'm going to put your suggestion into action!

cheers, zicky