PureNews

PureNews is an amazingly sleek and powerful news theme with unlimited color variations.

View full feature list Check out the live demo Buy this theme today

How to combat WordPress TrackBack Spam

Posted by on 22nd Jul 2008 | 22 comments

At the end of last year BloggingTips was getting a lot of comment spam. Comment spam has thankfully reduced since then however in the last few weeks I have seen a big increase in the amount of trackback spam here (more than 30+ a day!). Trackback spam is a little more difficult to control than regular comment spam. Most are created automatically via bots and the links they use to promote their sex or prescription drugs website usually has offensive language in it so it’s important to delete it if you want to keep trackbacks on your blog (which I do).

From what I have gathered so far, the best way to do this is to rename your wp-comments-post.php file to something else as this is the file which most bots are programmed to look for. There are one or two good trackback spam plugins available, most notably Software Guides Simple Trackback Validation Plugin, however manually changing the name of your comments post file is the quickest, easiest and most effective way of dealing with this problem.

Thankfully, Everton Blair from Connected Internet wrote a very good guide on this a year or so ago. Here is what Everton did :

  1. He made a copy of my wp-comments-post.php file, which is in the the root of all WordPress installations
  2. He renamed this file wp-nospamcomments-post.php and uploaded it to the WordPress root directory
  3. He then removed all the content from wp-comments-post.php and left a message for spammers
  4. He then opened comments.php in my theme folder (wp-content/THEME FOLDER) and changed the following line:

    [sourcecode language='html'] < form id=”commentform” method=”post” action=”/wp-comments-post.php”>
    [/sourcecode]

    to:
    [sourcecode language='html']
    < form id=”commentform” method=”post” action=”/wp-nospamcomments-post.php”>
    [/sourcecode]

Everton decided to leave a message to spammers who try and use the original wp-comments-post.php file however I don’t think this is necessary as the bots are automated so no one will ever see the message. All I did was rename my wp-comments-post.php to something else and then change the reference to it in my comments.php template.

If your blog is getting a lot of trackback spam then I recommend doing this. Just remember that you will need to rename the wp-comments-post.php again when you update your blog to the latest version of WordPress.

* Thanks to Everton at Connected Internet for his step by step guide on resolving this.


Kevin Muldoon is a professional blogger with a love of travel. He writes regularly about topics such as WordPress, Blogging, Productivity and Social Media on his personal blog and provides support to bloggers at Rise Forums. He can also be found on Twitter @KevinMuldoon and .

22 comments - Leave a reply
  • Posted by David Hobson on 22nd Jul 2008

    Thanks for the tip. Trackback spam seems to trebled in recent weeks.

  • Posted by Sarah on 22nd Jul 2008

    I first changed the name of my wp-comments-post.php file about 2 years ago now. The spam was building up, even with Akismet catching most of it I'd rather it just not hit the database in the first place.

    I renamed the file but I added a Redirect 410 in htaccess for the old file, so that bots to the file would get a 410 (Gone) and possibly assume WordPress was no longer on the domain.

    Another option is also to modify one of the input names. Bots assume the names of the input fields are author, email, url and comment, so modify say 'author' to be 'authorname' and then alter this in the wp-comments-post.php file (it's right near the top) and you add an additional barrier for spam.

    The only issue with this, and of course with the renaming, is that you have to remember to do it on every upgrade. Something I forget at times!

  • Posted by Kevin Muldoon on 22nd Jul 2008

    You're completely right. I used to change a few things manually but it just makes updating more time consuming. For example, I used to make the login page more presentable and had the bloggingtips logo above it etc. However, it requires you to do it every time you upgrade.

    I definately think theres a real need for WordPress to tackle trackback spam more effectively in their stable releases. Perhaps they can use some sort of random generator whereupon the comment submission file changes every day or something.

  • Posted by Kolia Shlapak on 30th Jul 2008

    Thanks for the advice Will give a try!

  • Posted by SEO Article Scribe on 12th Aug 2008

    I learn something new every time I visit. Thanks for the great post.

  • Posted by StumbleUpon on 16th Aug 2008

    Your post makes one think! Great article. Thanks for allowing me to comment!

  • Posted by backlinks on 16th Aug 2008

    First of all congratulation for such a great site. I learned a lot reading article here today. I will make sure i visit this site once a day so i can laern more.

  • Posted by managed hosting on 29th Aug 2008

    Nice post ! Do you have somekind of subscriber box where i can subscribe to this blog?

  • Posted by Web Design on 30th Aug 2008

    Really appreciate people writing quality articles like this, many thanks!

  • Posted by increase backlinks on 8th Sep 2008

    There are numerous ways to increase your website popularity and improve your SEO but increasing backlinks is probably the best

  • Posted by Wealth and Success on 11th Sep 2008

    Your post makes one think! Great article. Thanks for allowing me to comment!

  • Posted by Armastevs on 18th Sep 2008

    Hey man nice blog, just wanted to show some love

  • Posted by Nikolay_Sl on 23rd Sep 2008

    Прикольно))

  • Posted by MM on 23rd Sep 2008

    Взял себе :)

  • Posted by mva26 on 23rd Sep 2008

    Ну жесть конечно…

  • Posted by ivan on 29th Sep 2008

    Забавно )

  • Posted by Egor on 29th Sep 2008

    дяяя….старая темка, но ми тут нету^^ даже если не по картинкам смотреть))) нету и фсё^_^

  • Posted by forum on 7th Oct 2008

    Thank you for article.

  • Posted by Kevin Muldoon on 15th Oct 2008

    Ironically, this post is being spammed very frequently too therefore comments have been removed.

  • Posted by none on 23rd Jan 2011

    so how many comments here are just spamming for some backlinks?

  • Posted by Karen on 26th Mar 2011

    Hi Kevin,
    I never really understood the idea of TrackBacks and went to Google looking for some explanation. I felt like I was getting a lot of spammy trackbacks at my blog and was wondering if there was a way to stop it. Some of the articles I read seemed to imply that TrackBacks are good for SEO for your blog. Do you find that to be the case? I can understand a legitimate TrackBack being good for my blog's traffic, but what about all the garbage that isn't related to my posts at all? Is there any possible benefit to allowing those through moderation? I can't seem to find a good answer about this. Thanks for your input.
    ~Karen

  • Posted by Prasenjit on 31st Mar 2011

    nice article.