Resources

Getting started

Support

Development

Topics

User Functions

Events

There are no upcoming events

What's New

Stories

No new stories

Comments last 2 weeks

No new comments

Trackbacks last 2 weeks

No new trackback comments

Links last 2 weeks

No recent new links

NEW FILES last 14 days

No new files

Welcome to Geeklog Wednesday, May 22 2013 @ 04:09 PM EDT

> >

Fighting Trackback spam, round 2

Spam
  • Sunday, September 10 2006 @ 02:55 PM EDT
  • Contributed by:
  • Views:
    17,738

Three months ago, we released an update for Geeklog's Trackback handling that stopped Trackback spam by simply checking if the site in the Trackback URL was actually linking to your site. At least one spammer has now figured out how to circumvent that check and so it's time for the next round ...

Yet another update for Geeklog's lib-trackback.php is now available for download. This is a drop-in replacement for the lib-trackback.php of all Geeklog 1.4.0 releases (up to and including 1.4.0sr5-1).

Note: The download link was still pointing to the old file. If you downloaded it before September 15th, 2006 2 PM EDT, please download it again to get the correct version!

This new version can now also check the IP address of the Trackback against the IP address of the site in the Trackback's URL. And if those two don't match, it is most likely a spam post and can be rejected.

Please note that the interpretation of the config option $_CONF['check_trackback_link'] has changed slightly: You can now add up the values to perform more than one check:

0 = no check,
1 = check if the site links to $_CONF['site_url'] somehow,
2 = check that the site links to the exact URL the Trackback was sent to (e.g. an article on your site),
4 = new: check that the IP address the Trackback came from matches the IP address the linking site resides on

And if you want to check both the link and the IP address, you simply set $_CONF['check_trackback_link'] to 2 + 4 = 6, i.e. 

$_CONF['check_trackback_link'] = 6;

(Note: Using both 1 and 2 doesn't make a lot of sense, obviously, and will be treated as if you only chose 2)

Please note that even this additional check can be worked around. So it's always a good idea to have some other defenses in place as well.

What's Related

Story Options

Trackback

Trackback URL for this entry:
http://www.geeklog.net/trackback.php/fighting-trackback-spam-2

Here's what others have to say about 'Fighting Trackback spam, round 2':

[...] http://www.tglmia.com http://www.seo-smo.net/2010/02/02/tips-to-use-twitter-for-business http://www.geeklog.net/article.php/fighting-trackback-spam-2 http://www.remember-me-gifts.com [...] [read more]

The following comments are owned by whomever posted them. This site is not responsible for what they say.

  • Fighting Trackback spam, round 2
  • Authored by:imacdonald75 on Friday, September 15 2006 @ 01:47 PM EDT
I am not sure that the file posted is the most recent one. The tar file contains files dated from June and the README doesn't mention the new settings.
  • Fighting Trackback spam, round 2
  • Authored by:Dirk on Friday, September 15 2006 @ 02:16 PM EDT

I'm afraid you're right. Somehow, the file management plugin doesn't seem to want to replace the old file when I upload the new one. I've replaced it manually now and you should really get the correct tarball now (9873 bytes instead of the 9401 of the old one).

Sorry about that - that's what you get when you don't double-check things :-/

bye, Dirk

Post a Comment

Your Name
Create Account
Allowed HTML Tags:
<p>, <b>, <strong>, <i>, <a>, <em>, <br>, <tt>, <hr>, <li>, <ol>, <ul>, <code>, <pre>, [code], [raw], [page_break], [staticpage:]InformationInformation[staticpage: id alternate title] - Displays a link to a static page using the static page title as the title. An alternate title may be specified but is not required. , [event:]InformationInformation[event: id alternate title] - Displays a link to an Event Link from the Calendar using the Event Title as the title. An alternate title may be specified but is not required. , [poll:]InformationInformation[poll: id alternate title] - Displays a link to a poll using the Poll Topic as the title. An alternate title may be specified but is not required. , [link:]InformationInformation[link: id alternate title] - Displays a link to a Link from the Links Plugin using the Link Title as the title. An alternate title may be specified but is not required. , [faq:], [forum:]InformationInformation[forum: id alternate title] - Displays a link to a forum topic using the text 'here' as the title. An alternate title may be specified but is not required. , [file:], [story:]InformationInformation[story: id alternate title] - Displays a link to a Story using the Story Title as the title. An alternate title may be specified but is not required. , [user:]InformationInformation[user: name alternate title] - Displays a link to a User using the Username as the title. An alternate title may be specified but is not required.
 

Security code
This question is for testing whether you are a human visitor and to prevent automated spam submissions.

What code is in the image?
Enter the bolded text, case sensitive!
Important Stuff
  • Please try to keep posts on topic.
  • Try to reply to other people comments instead of starting new threads.
  • Read other people's messages before posting your own to avoid simply duplicating what has already been said.
  • Use a clear subject that describes what your message is about.
  • Your email address will NOT be made public.