I have successfully locked down comment spam using several diff techniques that work for me. Over the weekend, like a few others I was hit by the magazine trackback spammer.
Though im messing with a few things to nip that potential problem in the bud -- another quick and dirty method occurred to me:
Since spammers know the name of the default files, wp-comment, wp-trackback, etc.. why not remame wp-trackback.php to something unique.. I renamed the file, and found the only 2 references to it (within functions.php and template-functions-comment.php) and changed those. A quick test to see if it worked resulted in a 404 (obviously not what I wanted)
I guess my question is why didnt that work? The RDF autodiscovery is what takes care of finding the trackback URL, and as long as ive renamed the file and any ref's to it to the same thing.. it *should* work, yes?
Has anyone else done this successfully? If so i would be interested in knowing exactly what they did.
thanks a ton!
wordpress 1.2.2 Mingus btw