Combatting WordPress Trackback Spam

I have blogged with boring regularity about my battles with WordPress comment spam and my ultimate defeat of it using the Authimage plugin.

This morning I was hit by a new plague (new to me anyway!), trackback spam. TrackBack spam is very similar to comment spam. The spammer sends TrackBack pings to this site, they are listed in the comments area, and they direct readers to a totally unrelated URL. Also, if listed, they increase the target site’s Google Page Rank (PR).

My first response has been to rename the wp-trackback.php file to see if this will stop this scourge. To ensure genuine trackbacks can still get through, I had to edit the reference to wp-trackback.php in the template-functions-comment.php file. This is not a foolproof solution, I realise, but I will re-assess the situation over the coming weeks and see if more drastic measures need to be taken.

Why do I have a horrible sense of foreboding?

9 thoughts on “Combatting WordPress Trackback Spam”

  1. you can block them in your htaccess with:

    RewriteCond %{HTTP:VIA} ^.+pinappleproxy
    RewriteRule .* – [L,F]

    i have a workpress plugin that does the same thing if you are interested.

  2. Cindy, thanks for the comment.

    One point to note, the RewriteRule in your code should only be used where it is the last line in the .htaccess file because of the inclusion of the L in the square brackets (the L is the code for Last rule).

    Anything after the L in the .htaccess file is ignored.

    To use the code in places other than the last line use the code:
    RewriteCond %{HTTP:VIA} ^.+pinappleproxy
    RewriteRule .* – [F]

  3. Interesting Niall – I’d be interested to hear how you get on with it. I have reservations about it because I feel it will leave comments through into the moderation queue – and I will have to go through these manually deleting them. The beauty of AuthImage, for me, is that the spam comments never make it to the moderation queue.

    And I’m on WordPress 1.2.2 not 1.5 beta.

    Let me know how it goes for you.

  4. Antonio,

    I agree with you completely, unfortunately!

    In English, we would say it is a constant game of leap-frog.

    Thanks for stopping by,


  5. I’m a little confused about Trackback spam problem. I installed Authimage after I got tired of cleaning out my comment moderation queue. Since, I haven’t gotten a single spam. But now I’ve gotten a few emails about trackbacks from the same jerk. But I don’t see that those appear anywhere on my blog. Not in the comments, of even embedded in the HTML source as meta tags or something. So, what is the problem? I’m missing the whole point. Did I disable all trackbacks accidently? I don’t know how to do a trackback, so I can’t test it. But I have had a few track backs to these post on my blog here and here. Tell me if I’m missing something.

    Oh, I did find the quotes from those trackbacks in my moderation queue. So it looks like the filtering in my “Options>Discussion” are working on trackbacks too. I use WordPress 1.2.2

  6. Richard,

    when you say you have gotten a few emails, do you mean that you are getting mails telling you that there are trackbacks in the moderation queue? Is so, that is no problem, simply delete them.

    If you are still confused, I wrote a follow-up post to this one which has more info on trackback spam read it and if you are still unsure, feel free to comment again or contact me directly.

Comments are closed.