Resources

Getting started

Support

Development

Topics

User Functions

Events

There are no upcoming events

What's New

Stories

No new stories

Comments last 2 weeks


Trackbacks last 2 weeks

No new trackback comments

Links last 2 weeks

No recent new links

NEW FILES last 14 days

No new files

Welcome to Geeklog Wednesday, June 19 2013 @ 08:20 AM EDT

> >

Fighting Trackback spam

Spam
  • Sunday, June 04 2006 @ 04:40 AM EDT
  • Contributed by:
  • Views:
    23,404

We're probably not the only ones seeing a sharp increase in the amount of Trackback spam over the last couple of weeks. Trackbacks are a new feature in Geeklog 1.4.0 and we're still learning ...

So here's a first result of that learning process: A new version of the lib-trackback.php for Geeklog 1.4.0 that contains a few improvements to better fight Trackback spam:

  • a separate speedlimit setting for Trackbacks
  • stricter handling of the speedlimit for Trackbacks
  • can optionally check if the site that sent the Trackback actually contains a link to your site
  • option to log rejected Trackbacks

Speedlimit

For the Trackback speedlimit, there is a new config setting (please add that line to your config.php):

// min. time between trackbacks or pingbacks, in seconds
$_CONF['trackbackspeedlimit'] = 300;

So far, Geeklog used the comment speedlimit for Trackbacks, but you will probably want to use a much longer speedlimit in case of spam attacks (e.g. 5 minutes, as in the above example).

The speedlimit is now also checked sooner after a Trackback has been received and initiated immediately, which should further help against spam attacks.

Checking for links

Trackback spam rarely comes from a site that actually links back to your own site. So a huge portion of that spam can be caught automatically by checking if the referred site actually contains a link to your site or not. Again, that's a new config setting (please add that line to your config.php):

// whether to check if trackbacks actually link to us:
// 0 = don't check, 1 = check against $_CONF['site_url'], 2 = check full URL
$_CONF['check_trackback_link'] = 2;

Please note, however, that this check will take some time as it will actually try to read, i.e. download, the page referred in the Trackback and that it will also increase the load on your server. We suggest that you still try and keep your personal blacklist (in the Spam-X plugin) up to date. Geeklog will check for spam first and only check for backlinks as the last resort.

Installation

Installation is simple: Download the archive, unpack it, and replace the lib-trackback.php file on your server with the one from the archive. Then add the two new options to your config.php file (adjusting the values to your own needs, if necessary).

These changes have been backported from the current CVS version and will also be present in Geeklog 1.4.1.

What's Related

Story Options

Trackback

Trackback URL for this entry:
http://www.geeklog.net/trackback.php/fighting-trackback-spam

Here's what others have to say about 'Fighting Trackback spam':

Recently, I had to disable Trackback Commenting because of Spam.  This site was getting slammed with a ton of garbage every hour.  So, I had to turn the function off.  But, thanks to the genius of Geeklog developers, we have a new securi... [read more]

Der ganze Trackback-Spam ging mir doch langsam ziemlich auf den Keks und Spam-X schafft auch nicht alles. Deswegen hatte ich mir schon überlegt einige grundlegenden Mechanismen selbst zu stricken und in meine Installation einzupflegen. Die Geeklogmache... [read more]

[...] http://www.guardian.co.uk/technology/blog/2011/feb/18/twitter-digital-media http://www.geeklog.net/article.php/fighting-trackback-spam http://dailycycle.co.uk/post/2010/01/21/Cracking-2010-entry-level-road-bikes-for-under-c2a3800.aspx [...] [read more]

The following comments are owned by whomever posted them. This site is not responsible for what they say.

  • Fighting Trackback spam
  • Authored by:kingsley on Monday, June 12 2006 @ 04:12 PM EDT
Nice start folks! I was just about to give up and turn off trackbacks but it seems the good guy's have a plan too. So far so good with the new settings.

-E
  • Fighting Trackback spam
  • Authored by:n4th4n on Thursday, June 15 2006 @ 07:37 PM EDT
This replacement file and settings has worked great for me, I haven't seen a single spam trackback get by as yet - but I see my SpamX log getting pretty long each day, so I must be under constant 'attack'. Are these 'bots? Are the constant submission attempts having an impact of server performance? I tried blocking the IPs, but it seems the bad guys have control of so many different computers that that is not really an option.
  • Fighting Trackback spam
  • Authored by:Robin on Monday, June 19 2006 @ 06:27 PM EDT
I would like to thank you for this update :)
After installing this I haven't seen any trackback spam for more than two weeks now.
Great job :D

---
Geeklog Polish Support Team
  • Fighting Trackback spam
  • Authored by:tingo on Tuesday, July 11 2006 @ 06:59 AM EDT
Thanks a lot! I too was also ready to give up on trackbacks, when I found this.

Post a Comment

Your Name
Create Account
Allowed HTML Tags:
<p>, <b>, <strong>, <i>, <a>, <em>, <br>, <tt>, <hr>, <li>, <ol>, <ul>, <code>, <pre>, [code], [raw], [page_break], [staticpage:]InformationInformation[staticpage: id alternate title] - Displays a link to a static page using the static page title as the title. An alternate title may be specified but is not required. , [event:]InformationInformation[event: id alternate title] - Displays a link to an Event Link from the Calendar using the Event Title as the title. An alternate title may be specified but is not required. , [poll:]InformationInformation[poll: id alternate title] - Displays a link to a poll using the Poll Topic as the title. An alternate title may be specified but is not required. , [link:]InformationInformation[link: id alternate title] - Displays a link to a Link from the Links Plugin using the Link Title as the title. An alternate title may be specified but is not required. , [faq:], [forum:]InformationInformation[forum: id alternate title] - Displays a link to a forum topic using the text 'here' as the title. An alternate title may be specified but is not required. , [file:], [story:]InformationInformation[story: id alternate title] - Displays a link to a Story using the Story Title as the title. An alternate title may be specified but is not required. , [user:]InformationInformation[user: name alternate title] - Displays a link to a User using the Username as the title. An alternate title may be specified but is not required.
 

Security code
This question is for testing whether you are a human visitor and to prevent automated spam submissions.

What code is in the image?
Enter the bolded text, case sensitive!
Important Stuff
  • Please try to keep posts on topic.
  • Try to reply to other people comments instead of starting new threads.
  • Read other people's messages before posting your own to avoid simply duplicating what has already been said.
  • Use a clear subject that describes what your message is about.
  • Your email address will NOT be made public.