block hacker

I'm sure there is a better way to do the following. My aim was to stop a hack attempt at the very start, so in routes, at the very top, I have

Code:

$sUrl = strtolower(uri_string());
if(str_starts_with($sUrl,'wp-')  || str_starts_with($sRUrl,'admin')  || str_starts_with($sUrl,'view-')   || str_starts_with($sUrl,'misc/')){
    // definite hacker - set default controller to Controllers/Home which shows simply "Site Under Construction"
    $routes->get('(:any)',$sHackerController );
    $routes->post('(:any)', $sHackerController);
    $routes->put('(:any)', $sHackerController);
    $routes->delete('(:any)', $sHackerController);
    service('auth')->routes($routes);
    return;
}
// and then come the proper routes

what is the right way to do this?
thanks, Bill