Elliott C. Back: Technology FTW!

Wordpress Trackback Patch (1.22)

Posted in Code, Plugins by Elliott Back on April 5th, 2005.

Since I’ve been getting a half-dozen trackback spam or more per day, I decide to code up the following to prevent botnets from placing trackback onto my blog. Just insert into wp-trackback.php immediately before the line that reads require(’wp-blog-header.php’);. The code checks the trackback for any URLs, and makes sure that at least one of them matches the IP address of the sender: very simple. Blogs sending trackback are unimpaired, because they cite their own url which resolves to the IP address of their trackback sending software:

/* Find spam urls */
preg_match(”/^(http://)?([^/]+)/i”, $excerpt, $matches);
$urls = $matches;
$urls[] = $tb_url;

/* Make sure at least one URL resolves to spammer’s IP */
$spammer = true;
foreach($urls as $url){
$host = parse_url($url)["host"];
if(gethostbyname($host) == $REMOTE_ADDR) {
$spammer = false;
}
}

/* If spammer, die */
if($spammer) die();

I don’t know if this will help, but let’s hope it does! (Update, some hours later: No TB spam yet!)

This entry was posted on Tuesday, April 5th, 2005 at 4:34 pm and is tagged with code checks, botnets, header php, excerpt, urls, ip address, tb, spam, blog. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback.

Viewing 15 Comments

 

Trackbacks

(Trackback URL)

close Reblog this comment
Powered by Disqus · Learn more
blog comments powered by Disqus