Seems doable - my first thought would be to use an esp c6 that supports WiFi 6 and wpa3, and im sure I’ve seen some people bit bang fast ethernet from a microcontroller and bridge that to the WiFi.
My main problem is that I have wpa2 iot devices that don’t have Ethernet ports, so they won’t connect to my ssid which has 6ghz enabled and thus is forced by my router manufacturer to be in wpa3 only mode.
Either that or charging a micro transaction for loading the page. But yeah the goal is to make it cost a small amount that is insignificant to a regular user but adds up to a huge amount at the scale of a spam farm. And it’s also the same rationale behind hashing passwords with multiple rounds. It adds a tiny lag when you log in correctly but adds an insane amount of work if you’re checking every phrase in a password cracking dictionary using an offline attack because it adds up. (In the online scenario you just block them after a few attempts)