killing trackback spam

WordPress Trackback Patch (1.22) by Elliott Back:

Since I’ve been getting a half-dozen trackback spam or more per day, I decide to code up the following to prevent botnets from placing trackback onto my blog.

I’ll give it a try. I don’t care that much about trackbacks but it will be interesting to see if his methods work.


— wp-trackback.old Sun Jun 4 22:45:56 2006
+++ wp-trackback.php Sun Jun 4 22:50:04 2006
@@ -4,7 +4,21 @@
if ( empty($doing_trackback) ) {
$doing_trackback = true;
$tb = true;
– require_once(‘wp-blog-header.php’);
+/* Find spam urls */
+preg_match(“/^(http://)?([^/]+)/i”, $excerpt, $matches);
+$urls = $matches;
+$urls[] = $tb_url;
+/* Make sure at least one URL resolves to spammer’s IP */
+$spammer = true;
+foreach($urls as $url){
+$host = parse_url($url)[“host”];
+if(gethostbyname($host) == $REMOTE_ADDR) {
+$spammer = false;
+}
+}
+/* If spammer, die */
+if($spammer) die();
+require_once(‘wp-blog-header.php’);
}

function trackback_response($error = 0, $error_message = ”) {

Leave a Reply

Your email address will not be published. Required fields are marked *