nel j-esimo sito wordpress essi stanno cercando di entrare con delle credenziali inesistenti, appartenute a vecchi utenti ora cancellati: basta aggiungere all’array $fake_known_users il vostro (o i vostri) vecchi username, sperando che i bot capiscano l’antifona.
/* Redirect fail login attempts for known non-existent users to honeypots.net Copyright (C) 2016 Valerio Vendrame (lelebart) http://www.valeriovendrame.it/ This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>. kudos: Pinky_McFly from #wordpress IRC channel for help me to find out wp_login_failed function Gabriel and palash140 for answering to that question http://wordpress.stackexchange.com/a/183208 */ add_action( 'wp_login_failed', function( $username ) { $fake_known_users = array( 'admin', 'administrator' ); if ( in_array( $username, $fake_known_users ) ) { header("Location: http://www.honeypots.net/"); exit; } } );