Welcome to Geeklog Wednesday, June 19 2013 @ 08:20 AM EDT
We're probably not the only ones seeing a sharp increase in the amount of Trackback spam over the last couple of weeks. Trackbacks are a new feature in Geeklog 1.4.0 and we're still learning ...
So here's a first result of that learning process: A new version of the lib-trackback.php for Geeklog 1.4.0 that contains a few improvements to better fight Trackback spam:
For the Trackback speedlimit, there is a new config setting (please add that line to your config.php):
// min. time between trackbacks or pingbacks, in seconds
$_CONF['trackbackspeedlimit'] = 300;
So far, Geeklog used the comment speedlimit for Trackbacks, but you will probably want to use a much longer speedlimit in case of spam attacks (e.g. 5 minutes, as in the above example).
The speedlimit is now also checked sooner after a Trackback has been received and initiated immediately, which should further help against spam attacks.
Trackback spam rarely comes from a site that actually links back to your own site. So a huge portion of that spam can be caught automatically by checking if the referred site actually contains a link to your site or not. Again, that's a new config setting (please add that line to your config.php):
// whether to check if trackbacks actually link to us:
// 0 = don't check, 1 = check against $_CONF['site_url'], 2 = check full URL
$_CONF['check_trackback_link'] = 2;
Please note, however, that this check will take some time as it will actually try to read, i.e. download, the page referred in the Trackback and that it will also increase the load on your server. We suggest that you still try and keep your personal blacklist (in the Spam-X plugin) up to date. Geeklog will check for spam first and only check for backlinks as the last resort.
Installation is simple: Download the archive, unpack it, and replace the lib-trackback.php file on your server with the one from the archive. Then add the two new options to your config.php file (adjusting the values to your own needs, if necessary).
These changes have been backported from the current CVS version and will also be present in Geeklog 1.4.1.
Recently, I had to disable Trackback Commenting because of Spam. This site was getting slammed with a ton of garbage every hour. So, I had to turn the function off. But, thanks to the genius of Geeklog developers, we have a new securi... [read more]
Der ganze Trackback-Spam ging mir doch langsam ziemlich auf den Keks und Spam-X schafft auch nicht alles. Deswegen hatte ich mir schon überlegt einige grundlegenden Mechanismen selbst zu stricken und in meine Installation einzupflegen. Die Geeklogmache... [read more]
[...] http://www.guardian.co.uk/technology/blog/2011/feb/18/twitter-digital-media http://www.geeklog.net/article.php/fighting-trackback-spam http://dailycycle.co.uk/post/2010/01/21/Cracking-2010-entry-level-road-bikes-for-under-c2a3800.aspx [...] [read more]