1. I set a WordPress honeypot for brute force attacks – here’s what I learned