User Functions


There are no upcoming events

What's New

Stories last 2 weeks

No new stories

Comments last 2 weeks

No new comments

Trackbacks last 2 weeks

No new trackback comments

Links last 2 weeks

No recent new links

Downloads last 2 weeks

No new files

Welcome to Geeklog Saturday, December 10 2016 @ 11:32 am EST

Fighting Trackback spam

  • Contributed by:
  • Views:

We're probably not the only ones seeing a sharp increase in the amount of Trackback spam over the last couple of weeks. Trackbacks are a new feature in Geeklog 1.4.0 and we're still learning ...

So here's a first result of that learning process: A new version of the lib-trackback.php for Geeklog 1.4.0 that contains a few improvements to better fight Trackback spam:

  • a separate speedlimit setting for Trackbacks
  • stricter handling of the speedlimit for Trackbacks
  • can optionally check if the site that sent the Trackback actually contains a link to your site
  • option to log rejected Trackbacks


For the Trackback speedlimit, there is a new config setting (please add that line to your config.php):

// min. time between trackbacks or pingbacks, in seconds
$_CONF['trackbackspeedlimit'] = 300;

So far, Geeklog used the comment speedlimit for Trackbacks, but you will probably want to use a much longer speedlimit in case of spam attacks (e.g. 5 minutes, as in the above example).

The speedlimit is now also checked sooner after a Trackback has been received and initiated immediately, which should further help against spam attacks.

Checking for links

Trackback spam rarely comes from a site that actually links back to your own site. So a huge portion of that spam can be caught automatically by checking if the referred site actually contains a link to your site or not. Again, that's a new config setting (please add that line to your config.php):

// whether to check if trackbacks actually link to us:
// 0 = don't check, 1 = check against $_CONF['site_url'], 2 = check full URL
$_CONF['check_trackback_link'] = 2;

Please note, however, that this check will take some time as it will actually try to read, i.e. download, the page referred in the Trackback and that it will also increase the load on your server. We suggest that you still try and keep your personal blacklist (in the Spam-X plugin) up to date. Geeklog will check for spam first and only check for backlinks as the last resort.


Installation is simple: Download the archive, unpack it, and replace the lib-trackback.php file on your server with the one from the archive. Then add the two new options to your config.php file (adjusting the values to your own needs, if necessary).

These changes have been backported from the current CVS version and will also be present in Geeklog 1.4.1.


Trackback URL for this entry:

Recently, I had to disable Trackback Commenting because of Spam.  This site was getting slammed with a ton of garbage every hour.  So, I had to turn the function off.  But, thanks to the genius of Geeklog developers, we have a new securi... [read more]

Der ganze Trackback-Spam ging mir doch langsam ziemlich auf den Keks und Spam-X schafft auch nicht alles. Deswegen hatte ich mir schon überlegt einige grundlegenden Mechanismen selbst zu stricken und in meine Installation einzupflegen. Die Geeklogmache... [read more]

[...] [...] [read more]

The following comments are owned by whomever posted them. This site is not responsible for what they say.

  • Fighting Trackback spam
  • Authored by:kingsley on Monday, June 12 2006 @ 04:12 pm EDT
Nice start folks! I was just about to give up and turn off trackbacks but it seems the good guy's have a plan too. So far so good with the new settings.

  • Fighting Trackback spam
  • Authored by:n4th4n on Thursday, June 15 2006 @ 07:37 pm EDT
This replacement file and settings has worked great for me, I haven't seen a single spam trackback get by as yet - but I see my SpamX log getting pretty long each day, so I must be under constant 'attack'. Are these 'bots? Are the constant submission attempts having an impact of server performance? I tried blocking the IPs, but it seems the bad guys have control of so many different computers that that is not really an option.
  • Fighting Trackback spam
  • Authored by:Robin on Monday, June 19 2006 @ 06:27 pm EDT
I would like to thank you for this update :)
After installing this I haven't seen any trackback spam for more than two weeks now.
Great job :D

Geeklog Polish Support Team
  • Fighting Trackback spam
  • Authored by:tingo on Tuesday, July 11 2006 @ 06:59 am EDT
Thanks a lot! I too was also ready to give up on trackbacks, when I found this.