02.20.05
One Way to Fight Trackback Spam
I’ve been using SpamKarma to fight comment spam on this blog, and it’s exceeded all of my expectations—thus far, it has caught every attempt at comment spam while yielding absolutely no false positives. My only complaint is that it has no real effect on trackback spam: there is experimental support for trackback spam filtering, but it hasn’t worked for me. One particular spammer has hit me once an hour, every hour, all day today.
But I managed to find, via this post on BloggingPro, a link to a trackback host verification plugin for WordPress. It compares the IP of an incoming trackback to the URL linked in the trackback, and if they don’t match, it puts the trackback in the moderation queue. Since most spammers submit their trackbacks from open proxies, and not from an actual working weblog, this should be enough to eliminate the vast majority of trackback spam. Pretty slick—makes one wonder why this isn’t a standard feature in every weblog system that accepts trackbacks.
The site the plugin is on is in German, but the plugin itself is in English. To install, just download the plugin file, change the extension from phps to php, and drop it in your plugins directory (from the WordPress root directory, it’s at wp-content/plugins/). Then, from the WordPress root, open up wp-includes/functions.php, find the function definition for trackback_response, and comment out the last line, die(); (that is, change it to // die();). Finally, go to the Plugins page in your WordPress control panel and activate the Trackback Host Verification plugin.
MichaelD Said:
February 21, 2005 at 12:48 pm
thanks for that find! Hopefully that will eliminate the problem or at least make the spammer look for easier prey. Not that I wish that on anyone though!
Jim Said:
October 25, 2006 at 9:56 am
I haven’t seen any more on your experiences with this plugin. Efficacious, useless, or somewhere in between?