Using Goatse to Stop App Theft | The Blog of Dr. Josh C. Simmons

I've done something similar with wp-admin.php on this site, either setting it to something gross or simply leaving the request in redirect hell. I'll have to be more clever in the future.