At the end of last year BloggingTips was getting a lot of comment spam. Comment spam has thankfully reduced since then however in the last few weeks I have seen a big increase in the amount of trackback spam here (more than 30+ a day!). Trackback spam is a little more difficult to control than regular comment spam. Most are created automatically via bots and the links they use to promote their sex or prescription drugs website usually has offensive language in it so it’s important to delete it if you want to keep trackbacks on your blog (which I do).
From what I have gathered so far, the best way to do this is to rename your wp-comments-post.php file to something else as this is the file which most bots are programmed to look for. There are one or two good trackback spam plugins available, most notably Software Guides Simple Trackback Validation Plugin, however manually changing the name of your comments post file is the quickest, easiest and most effective way of dealing with this problem.
- He made a copy of my wp-comments-post.php file, which is in the the root of all WordPress installations
- He renamed this file wp-nospamcomments-post.php and uploaded it to the WordPress root directory
- He then removed all the content from wp-comments-post.php and left a message for spammers
- He then opened comments.php in my theme folder (wp-content/THEME FOLDER) and changed the following line:
[sourcecode language='html'] < form id=”commentform” method=”post” action=”/wp-comments-post.php”>
< form id=”commentform” method=”post” action=”/wp-nospamcomments-post.php”>
Everton decided to leave a message to spammers who try and use the original wp-comments-post.php file however I don’t think this is necessary as the bots are automated so no one will ever see the message. All I did was rename my wp-comments-post.php to something else and then change the reference to it in my comments.php template.
If your blog is getting a lot of trackback spam then I recommend doing this. Just remember that you will need to rename the wp-comments-post.php again when you update your blog to the latest version of WordPress.
* Thanks to Everton at Connected Internet for his step by step guide on resolving this.