How to combat WordPress TrackBack Spam

By Kevin Muldoon | WordPress

Jul 22

At the end of last year BloggingTips was getting a lot of comment spam. Comment spam has thankfully reduced since then however in the last few weeks I have seen a big increase in the amount of trackback spam here (more than 30+ a day!). Trackback spam is a little more difficult to control than regular comment spam. Most are created automatically via bots and the links they use to promote their sex or prescription drugs website usually has offensive language in it so it’s important to delete it if you want to keep trackbacks on your blog (which I do).

From what I have gathered so far, the best way to do this is to rename your wp-comments-post.php file to something else as this is the file which most bots are programmed to look for. There are one or two good trackback spam plugins available, most notably Software Guides Simple Trackback Validation Plugin, however manually changing the name of your comments post file is the quickest, easiest and most effective way of dealing with this problem.

Thankfully, Everton Blair from Connected Internet wrote a very good guide on this a year or so ago. Here is what Everton did :

  1. He made a copy of my wp-comments-post.php file, which is in the the root of all WordPress installations
  2. He renamed this file wp-nospamcomments-post.php and uploaded it to the WordPress root directory
  3. He then removed all the content from wp-comments-post.php and left a message for spammers
  4. He then opened comments.php in my theme folder (wp-content/THEME FOLDER) and changed the following line: [sourcecode language=’html’] < form id=”commentform” method=”post” action=”/wp-comments-post.php”>
    [/sourcecode]

    to:
    [sourcecode language=’html’] < form id=”commentform” method=”post” action=”/wp-nospamcomments-post.php”>
    [/sourcecode]

Everton decided to leave a message to spammers who try and use the original wp-comments-post.php file however I don’t think this is necessary as the bots are automated so no one will ever see the message. All I did was rename my wp-comments-post.php to something else and then change the reference to it in my comments.php template.

If your blog is getting a lot of trackback spam then I recommend doing this. Just remember that you will need to rename the wp-comments-post.php again when you update your blog to the latest version of WordPress.

* Thanks to Everton at Connected Internet for his step by step guide on resolving this.

Follow

About the Author

Kevin Muldoon is a professional blogger with a love of travel. He writes regularly about topics such as WordPress, Blogging, Productivity and Social Media on his personal blog and provides support to bloggers at Rise Forums. He can also be found on Twitter @KevinMuldoon and .

David Hobson July 22, 2008

Thanks for the tip. Trackback spam seems to trebled in recent weeks.

Sarah July 22, 2008

I first changed the name of my wp-comments-post.php file about 2 years ago now. The spam was building up, even with Akismet catching most of it I'd rather it just not hit the database in the first place.

I renamed the file but I added a Redirect 410 in htaccess for the old file, so that bots to the file would get a 410 (Gone) and possibly assume WordPress was no longer on the domain.

Another option is also to modify one of the input names. Bots assume the names of the input fields are author, email, url and comment, so modify say 'author' to be 'authorname' and then alter this in the wp-comments-post.php file (it's right near the top) and you add an additional barrier for spam.

The only issue with this, and of course with the renaming, is that you have to remember to do it on every upgrade. Something I forget at times!

Kevin Muldoon July 22, 2008

You're completely right. I used to change a few things manually but it just makes updating more time consuming. For example, I used to make the login page more presentable and had the bloggingtips logo above it etc. However, it requires you to do it every time you upgrade.

I definately think theres a real need for WordPress to tackle trackback spam more effectively in their stable releases. Perhaps they can use some sort of random generator whereupon the comment submission file changes every day or something.

Kolia Shlapak July 30, 2008

Thanks for the advice Will give a try!

SEO Article Scribe August 12, 2008

I learn something new every time I visit. Thanks for the great post.

StumbleUpon August 16, 2008

Your post makes one think! Great article. Thanks for allowing me to comment!

backlinks August 16, 2008

First of all congratulation for such a great site. I learned a lot reading article here today. I will make sure i visit this site once a day so i can laern more.

managed hosting August 29, 2008

Nice post ! Do you have somekind of subscriber box where i can subscribe to this blog?

Web Design August 30, 2008

Really appreciate people writing quality articles like this, many thanks!

increase backlinks September 8, 2008

There are numerous ways to increase your website popularity and improve your SEO but increasing backlinks is probably the best

Wealth and Success September 11, 2008

Your post makes one think! Great article. Thanks for allowing me to comment!

Armastevs September 18, 2008

Hey man nice blog, just wanted to show some love

Nikolay_Sl September 23, 2008

Прикольно))

MM September 23, 2008

Взял себе :)

mva26 September 23, 2008

Ну жесть конечно…

ivan September 29, 2008

Забавно )

Egor September 29, 2008

дяяя….старая темка, но ми тут нету^^ даже если не по картинкам смотреть))) нету и фсё^_^

forum October 7, 2008

Thank you for article.

Kevin Muldoon October 15, 2008

Ironically, this post is being spammed very frequently too therefore comments have been removed.

none January 23, 2011

so how many comments here are just spamming for some backlinks?

Karen March 26, 2011

Hi Kevin,
I never really understood the idea of TrackBacks and went to Google looking for some explanation. I felt like I was getting a lot of spammy trackbacks at my blog and was wondering if there was a way to stop it. Some of the articles I read seemed to imply that TrackBacks are good for SEO for your blog. Do you find that to be the case? I can understand a legitimate TrackBack being good for my blog's traffic, but what about all the garbage that isn't related to my posts at all? Is there any possible benefit to allowing those through moderation? I can't seem to find a good answer about this. Thanks for your input.
~Karen

Prasenjit March 31, 2011

nice article.

Comments are closed