WordPress.org

Ready to get started?Download WordPress

Forums

Possible Trackback Spam fix suggestion? (13 posts)

  1. thepete
    Member
    Posted 9 years ago #

    This was just a thought, but if each of us changed the file name of our wp-trackback.php file (and changed all references to said file to its new name in the WP-files), would that stop trackback spam? I'm guessing that the only way the spambots know that the URI for the trackback is the trackback URI, is because it has the word "trackback" in it. I am somewhat of a n00b when it comes to programming so I may be completely wrong here.

    If this concept would work, perhaps we could see something in a future version of WP that would automate this process (at least partially). Just a thought, here.

    If that wouldn't work, could we just hide the trackback URI inside a link tag? Again, I'm new to this side of things and am a little fuzzy on how spambots work. I look forward to any thoughts/flames.

  2. Kafkaesqui

    Posted 9 years ago #

    "This was just a thought, but if each of us changed the file name of our wp-trackback.php file (and changed all references to said file to its new name in the WP-files), would that stop trackback spam?"

    This is also used to stop comment spam. It can work (as the simplest method for a spam tool to throw you a trackback would be to know the file's name instead of having to trawl for trackback URLs), but only temporarily.

    For those using custom permalinks, it would also require modifying the WordPress source, so WP knows the filename.

    As for other tricks in hiding it, those would eventually be subjected to *the trawl*.

    A good thing to keep in mind is that we may not stop spammers (short of strong comment registration, turning off trackbacks, and other stringent methods of shoring up), but we can keep ahead of them.

  3. thepete
    Member
    Posted 9 years ago #

    Then, if the process of changing the trackback link was automated inside of WP, couldn't it just be changed again? I'm just getting tired of having to delete the trackbacks from my moderation queue. Would be nice if we could at least have a way to comments/trackbacks with certain words in them or comments/trackbacks from certain IPs or authors instead of having them dump into moderation.

    Again, just some thoughts.

  4. Nick Momrik
    Member
    Posted 9 years ago #

    There are plugins out there that do just that pete.

    And with 1.5 there's a blacklist built right into WP to vaporize any comment/tb/pb with the words you specify.

  5. PaulV
    Member
    Posted 9 years ago #

    Well now it seems the spammers have moved to porn. Bloody fantastic. I actually had spam nailed with a platoon of different plugins and hacks with 1.21, now that I have upgraded to 1.5 it back and they have hit the throtle much harder this time.

    Have we actually got ONE solution for this rubbish for 1.5. I know we have the black list and the other one that nukes posts with what ever keywords are in it. But enabling registers users may only post a comment does not work as I would think it would. One still has to clean out the moderation folder every day and now because of the volume, I have turned off email notification...

    Anyone....?

    cheers
    Paul V

  6. PaulV
    Member
    Posted 9 years ago #

    Perhaps using the Robots text file in the root of WP and disallowing them access to comments?? Dont know really but putting the comments.php file in its own folder, changing the address reference to it in the other pages and

    disallow - what ever the folder name is?

    It may be crap idea as I know nothing about what I am saying but...

    just throwing stuff about here...

    cheers
    Paul V

  7. Only legitimate robots obey robots.txt. Spam bots are not legitimate robots. Your golden solution is Spam Karma: http://unknowngenius.com/blog/wordpress/spam-karma/

  8. pezastic
    Member
    Posted 9 years ago #

    I love Spam Karma for preventing spam comments, but it isn't doing diddley squat for preventing spam trackbacks.

  9. PeterStephens
    Member
    Posted 9 years ago #

    "A good thing to keep in mind is that we may not stop spammers (short of strong comment registration, turning off trackbacks, and other stringent methods of shoring up), but we can keep ahead of them."

    Commenters on my site must be members, and I've turned off pingbacks and trackbacks. But I still get spam on 1.5. Any ideas?

  10. joeedmon
    Member
    Posted 9 years ago #

    Try Refer Karma. I haven't used it yet, but it should be modifiable to be used with trackbacks. The reason I haven't used it yet is because it hasn't been an issue since I into my .htaccess file.

  11. Referrer Karma does not protect trackbacks, nor does it protect comments. Its original intent was to keep your statistics and logs free of referrer spam. It only blocks certain referrers from visiting your site. As such, it will also block some spam bots. I would recommend Referrer Karma, as it has cut my spam from 80+ per day to 3 at most, but keep in mind that it does not protect comments and trackbacks directly.

  12. joeedmon
    Member
    Posted 9 years ago #

    Referrer Karma will actually help out with trackbacks. You can include RK on your trackback page, and any other PHP page that you want protected. If a computer is flagged by RK as a spammer then RK will block the IP for whatever time you have set up. This has nothing to do with what type of page is being accessed. It is just tracking behavior and making a decision based on that.

    The blocking occurs in the .htaccess file so your whole site is protected for the time period, regardless of the spammer's entry point. It started out as a way to keep logs clean and is actually much more useful. Also check out this article by Tom Raftery.

  13. lokjah
    Member
    Posted 9 years ago #

    ref karma hasnt done a thing to help my recent refs, the logs say it blocked attempts yet they all show up in my recent refs stats..

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags

No tags yet.