How to combat WordPress TrackBack Spam
At the end of last year BloggingTips was getting a lot of comment spam. Comment spam has thankfully reduced since then however in the last few weeks I have seen a big increase in the amount of trackback spam here (more than 30+ a day!). Trackback spam is a little more difficult to control than regular comment spam. Most are created automatically via bots and the links they use to promote their sex or prescription drugs website usually has offensive language in it so it’s important to delete it if you want to keep trackbacks on your blog (which I do).
From what I have gathered so far, the best way to do this is to rename your wp-comments-post.php file to something else as this is the file which most bots are programmed to look for. There are one or two good trackback spam plugins available, most notably Software Guides Simple Trackback Validation Plugin, however manually changing the name of your comments post file is the quickest, easiest and most effective way of dealing with this problem.
Thankfully, Everton Blair from Connected Internet wrote a very good guide on this a year or so ago. Here is what Everton did :
- He made a copy of my wp-comments-post.php file, which is in the the root of all Wordpress installations
- He renamed this file wp-nospamcomments-post.php and uploaded it to the Wordpress root directory
- He then removed all the content from wp-comments-post.php and left a message for spammers
- He then opened comments.php in my theme folder (wp-content/THEME FOLDER) and changed the following line:
< form id=”commentform” method=”post” action=”/wp-comments-post.php”>
to:
< form id=”commentform” method=”post” action=”/wp-nospamcomments-post.php”>
Everton decided to leave a message to spammers who try and use the original wp-comments-post.php file however I don’t think this is necessary as the bots are automated so no one will ever see the message. All I did was rename my wp-comments-post.php to something else and then change the reference to it in my comments.php template.
If your blog is getting a lot of trackback spam then I recommend doing this. Just remember that you will need to rename the wp-comments-post.php again when you update your blog to the latest version of WordPress.
* Thanks to Everton at Connected Internet for his step by step guide on resolving this.
Written by Kevin Muldoon from Blog Themes ClubPosted on July 22nd, 2008 and filed under WordPress
Do not forget to subscribe to our RSS feed for updates
21 Responses to “How to combat WordPress TrackBack Spam”
Author comments are in a darker gray color for you to easily identify the posts author in the comments
Trackbacks
-
[...] Hopefully, I now have it under control thanks to BloggingTips.com. [...]
Comments are closed.
Comments are closed since this post is older than 30 days. However, you can continue this discussion in our popular Blogging Forums
Sponsors
Blogging Tips Newsletter
Sign up to the Blogging Tips Newsletter for Free today and get a free ebook!
Webmaster Corner
A collection of top Wordpress themes, Web hosting and resources available to web site owners.
|
Thanks for the tip. Trackback spam seems to trebled in recent weeks.
I first changed the name of my wp-comments-post.php file about 2 years ago now. The spam was building up, even with Akismet catching most of it I’d rather it just not hit the database in the first place.
I renamed the file but I added a Redirect 410 in htaccess for the old file, so that bots to the file would get a 410 (Gone) and possibly assume WordPress was no longer on the domain.
Another option is also to modify one of the input names. Bots assume the names of the input fields are author, email, url and comment, so modify say ‘author’ to be ‘authorname’ and then alter this in the wp-comments-post.php file (it’s right near the top) and you add an additional barrier for spam.
The only issue with this, and of course with the renaming, is that you have to remember to do it on every upgrade. Something I forget at times!
You’re completely right. I used to change a few things manually but it just makes updating more time consuming. For example, I used to make the login page more presentable and had the bloggingtips logo above it etc. However, it requires you to do it every time you upgrade.
I definately think theres a real need for WordPress to tackle trackback spam more effectively in their stable releases. Perhaps they can use some sort of random generator whereupon the comment submission file changes every day or something.
Thanks for the advice Will give a try!
I learn something new every time I visit. Thanks for the great post.
Your post makes one think! Great article. Thanks for allowing me to comment!
First of all congratulation for such a great site. I learned a lot reading article here today. I will make sure i visit this site once a day so i can laern more.
Nice post ! Do you have somekind of subscriber box where i can subscribe to this blog?
yes its at the top right hand side of the sidebar
http://www.bloggingtips.com/feed/.
Really appreciate people writing quality articles like this, many thanks!
There are numerous ways to increase your website popularity and improve your SEO but increasing backlinks is probably the best
Your post makes one think! Great article. Thanks for allowing me to comment!
Hey man nice blog, just wanted to show some love
Прикольно))
Взял себе
Ну жесть конечно…
Забавно )
дяяя….старая темка, но ми тут нету^^ даже если не по картинкам смотреть))) нету и фсё^_^
Thank you for article.
Ironically, this post is being spammed very frequently too therefore comments have been removed.