Spam Wars: Part 3 – WordPress

with No Comments

Lately I have been seeing an increase in trackback spam. Trackback spam is generated by programs that are trying to get a link on your site (from your site to their site) by claiming they have a link to your site – when they don’t.

To be honest, I do not want to be giving trackback links to most people.

The way trackbacks work is – another site that is actually linking to your post in their blog – a related site – writes a blog entry about your site. It generates a trackback link, from your site to their’s…

It sounds all nice and neat and civilized!

However, there are programs out there that report they have linked to you, when they have not. They are attempting to get you to link to them! That would increase their ranking on the SERP (Search Engine Results Page).

Just like with all spam (comment spam, email spam) the goal is to get people to click on links to visit their site.

In truth, the only trackbacks I want to grant are to:

  1. Sites that are related to the my post topic; and
  2. Sites that actually have a link to my site; and
  3. Sites that have really written about my page!

Anyone who does not meet all three of these conditions, I do not want to link to.

Bot Psychology 101

In Spam Wars: Part One of this series I addressed what Spam is.
In Spam Wars: Part Two I started to define Bot Psychology 101 – understanding how Bots are actually programed in order to defeat them. Here is a little more about Bot Psychology 101 – as it applies to trackback spam.

Most of the spam trackbacks are from sites that do not even link to my site! They are generated automatically and sent to any blog they can find. It would be highly unusual if a trackback without a link to my site would be about my post topic at all!

Likewise, a real trackback would come from the server hosting that domain name. Most trackback spam comes from different computers – literally spam generators!

Spamology 101

If Bot Psychology 101 is the study of how Internet Spam Robots “think” – then Spamology 101 is the study of how to eliminate Spam – most of which comes from Spam Bots… In short, Spamology is how to defeat Spam Bots.

A Logical Math

In Spam Wars: Part Two I told you about a great plugin called “Math Comment Spam Protection”. As good as it worked – I was still getting a number of Spam Bot spams.

Combining Ammunition!

I also told you about “Spam Wars: Combining Ammunition!” Using more than one idea. Bot Psychology 101 revealed to me that most Bots do not waste their time and bandwidth accessing your site. Bots just send the answer (comment spam) to you from their Bot.

So I am writing / testing a Spamology plugin that looks to see if the comment originated at my server, or somewhere else! I want to get to a place, where posting of comments always starts with a download of my website page! Now that would cripple a Bot!

I have a few more things I want to change before I post about this plugin. But I have eliminated something like 99.99% of content spam with these two plugins working.

Spamology: TrackBacks

Nontheless, I still had a minor problem with TrackBack Spam.

Michael Woehrer, the German who wrote the Math Comment Spam Protection Plugin, I featured in Spam Wars: Part Two, also wrote the Simple Trackback Validation Plugin you can Download From WordPress Here!

Simple Trackback Validation Plugin performs a simple but very effective test on all incoming trackbacks in order to stop trackback spam.

How It Works!

When a trackback is received, this plugin…

  1. Checks the IP address of the trackback sender to see if it is equal to the IP address of the webserver that the trackback URL is referring to.

    This reveals almost every spam trackback (more than 99%) because Spam Bots that spammers use, are usually not running on the same machine of their customers.

    Real trackbacks usually come from the server hosting the website that is linking to you.

  2. Then the plugin retrieves the web page from the URL in the trackback. If there is no page link to your blog, the trackback is spam.

    Most trackback spammers do not set up custom web pages linking to the blogs they attack, so this simple test will quickly reveal spam.

    Likewise, bloggers who abuse trackbacks by sending them with their blog software or webservices, without having a link to your post, will also be stopped.

    Real trackbacks begin with a post on a blog that has a link to your post on your website.

This plugin reduced my TrackBack Spam to Zero – On 24 websites!

Death of Spam

These three, low overhead, lightweight plugins have basically been the death of spam on my 24 sites with blogs.

  1. Spamology 101
  2. Math Comment Spam Protection
  3. Simple Trackback Validation

Leave a Reply