Trackback Spam - Please Help

[loobis]

I searched on this topic and found a few things, but none of it has helped.

I'm currently getting about 10,000 Trackback Emails/Day (no joke, my webmail provider actually disabled me temporarily because I was getting such high traffic).

At this point, I want to completely disable trackbacks. I'd still like to receive comments, but I want ZERO trackbacks.

I found one thread that said to add "$serendipity['noautodiscovery'] = true;" to config_local.inc, but that didn't do anything.

I also found something that said to add this to comment.php:
if ($_REQUEST['type'] == 'trackback') die('Disabled')

But I'm not sure I put in the right spot. Actually, I'm sure I didn't, because I have 17,000 trackback emails in my bulk folder (I created a rule to move them).

Here's what I have for that section:
____________________________________________________________
} else if (!isset($serendipity['POST']['submit'])) {
echo $html_header;
if ($serendipity['GET']['type'] == 'trackbacks') {
$tbu = $serendipity['baseURL'] . 'comment.php?type=trackback&entry_id=' . (int)$serendipity['GET']['entry_id'];
$query = "SELECT title FROM {$serendipity['dbPrefix']}entries WHERE id = '". (int)$serendipity['GET']['entry_id'] ."'";
$entry = serendipity_db_query($query);
$entry = serendipity_archiveURL($serendipity['GET']['entry_id'], $entry[0]['title'], 'baseURL');
?>
<div class="serendipity_commentsTitle"><?php if ($_REQUEST['type'] == 'trackback') die('Disabled'); echo TRACKBACKS; ?></div><br />
<dl>
<dt><b><?php echo TRACKBACK_SPECIFIC; ?>:</b><br /></dt>
<dd><a href="<?php echo $tbu; ?>"><?php echo $tbu; ?></a><br /></dd>

<dt><b><?php echo DIRECT_LINK; ?>:</b><br /></dt>
<dd><a href="<?php echo $entry; ?>"><?php echo $entry; ?></a></dd>
</dl>
<?php serendipity_printTrackbacks(serendipity_fetchTrackbacks($id)); ?>

_____________________________________________________________

This isn't working, and I'd REALLY appreciate any help that anyone could provide.

Thanks.

[judebert]

Okay, first let's turn off the faucet. You were very close. Open your admin page, move the Spam Protector plugin to the top of the plugins list, and configure it. Enable the "Emergency Comment Shutdown" and save the configuration.

That should give you some breathing room to try a few other things.

Re-open the Spam Protector configuration. These options vary a little, depending on what version of the plugin you have.

• *IP Block Interval: every 3 minutes.
  *Reject any Trackback/Pingback that fails IP validation.
  *Force API comment moderation after 30 days.
  *REJECT trackbacks/pingbacks when being auto-moderated.
  *If you can handle not having any trackbacks: REJECT comments made via APIs.
  *Check trackback/pingback URLs
  *Get an Akismet key and REJECT Akismet-reported spam

Now you can turn your emergency comment block off. You should see less trackback spam.

If you *really* don't care about trackbacks, then the comment.php method works, too. The code you cited was missing its semicolon, but otherwise it was correct. Add this as the first line in comment.php after the <?php tag:

Code: Select all

if ($_REQUEST['type'] == 'trackback') die('Disabled');

As Grischa has mentioned in his previous posts, most of the trackback spams come from a virus that identifies itself as "Trackback/1.0". Excluding this user-agent in your .htaccess can *severely* reduce your received spam, and it's a lot less load on the server than doing it through Serendipity.

[loobis]

Judebert,
Thanks a lot for the response. That is great advice. I had seen the post on the htaccess file, but I wasn't too clear on it. I understand now.

I've tried that, along with the Spam Protector. I'll monitor this and see how it goes, and if I'm still getting a lot, I'll add that semi-colon to comment.php and just shut them down completely.

Thanks again.