stop trackback spam on Wordpress blogs
I’ve found the Wordpress plugin Trackback Validator being effective. It simply checks whether my blog entry is really referenced in the page trackbacking – that’s what you should expect in legitimate trackbacks and what spammers often don’t do. Trackbacks missing that reference are immediately marked as spam.
As I let myself notify about new comments and Wordpress treats trackbacks as such, I receive emails with an excerpt of the spam-text. The plugin doesn’t surpress them. Annoying.
So, here’s a workaround for Apache to deny posting by clients with known User Agent strings:
BrowserMatch "^\-$" is_a_robot
BrowserMatch "^Jakarta" is_evil
BrowserMatch "^libghttp\/1" is_evil
<Directory />
<LimitExcept GET>
Order deny,allow
Deny from env=is_evil
Deny from env=is_a_robot
</LimitExcept>
</Directory>
Follow me on Twitter