Three months ago, we released an update for Geeklog's Trackback handling that stopped Trackback spam by simply checking if the site in the Trackback URL was actually linking to your site. At least one spammer has now figured out how to circumvent that check and so it's time for the next round ...

Yet another update for Geeklog's lib-trackback.php is now available for download. This is a drop-in replacement for the lib-trackback.php of all Geeklog 1.4.0 releases (up to and including 1.4.0sr5-1).

Note: The download link was still pointing to the old file. If you downloaded it before September 15th, 2006 2 PM EDT, please download it again to get the correct version!

This new version can now also check the IP address of the Trackback against the IP address of the site in the Trackback's URL. And if those two don't match, it is most likely a spam post and can be rejected.

Please note that the interpretation of the config option $_CONF['check_trackback_link'] has changed slightly: You can now add up the values to perform more than one check:

0 = no check,
1 = check if the site links to $_CONF['site_url'] somehow,
2 = check that the site links to the exact URL the Trackback was sent to (e.g. an article on your site),
4 = new: check that the IP address the Trackback came from matches the IP address the linking site resides on

And if you want to check both the link and the IP address, you simply set $_CONF['check_trackback_link'] to 2 + 4 = 6, i.e.

$_CONF['check_trackback_link'] = 6;

(Note: Using both 1 and 2 doesn't make a lot of sense, obviously, and will be treated as if you only chose 2)

Please note that even this additional check can be worked around. So it's always a good idea to have some other defenses in place as well.

Comments (2)