Avoiding Blog Comment Trackback Spam

Check out my new guide for starting a blog to learn how to go about properly creating your own blog.

It’s been a while since the last blogging tips post around here. Now that I have more time for blogging again, I figured I should revive this series.

As I thought about it more, there were still a bunch of topics I could cover to help out my blogger friends. There is just so much to learn when you launch a blog and try to build it up. I might as well pass on more of the stuff I’ve learned so far.

Check out some of the previous posts from this series:

This week I’ll be providing some tips to avoid spam. When we have limited time to run our blogs, the last thing we want to do is let spammers waste our time. In particular you’ll learn how to avoid blog comment trackback spam.

Blocking Blog Comment Trackback Spam

When another blog links to your blog, an automatic trackback or ping is sent to your blog in the form of a comment. Originally this was intended as a way to link together posts that are a reaction to the original post.

Unfortunately spammers found ways to fake this and send trackbacks to countless blogs. The majority would likely delete or block those trackbacks, but it will slip through the cracks on some. If enough slip through the cracks, it would be an easy automated way to get a bunch of links.

So how do we prevent wasting time deleting each faked trackback?

Easiest Method – Block All Trackbacks

Obviously this strategy only works if you don’t care about receiving legitimate trackbacks. Personally I like to get notifications when another blog links to mine. So I prefer to leave trackbacks turned on.

To turn them off, in your wordpress dashboard go to ‘Settings’ in the sidebar. Then in the expanded menu, select ‘Discussion’. From that screen you can turn off all trackbacks by unchecking the 2nd item labeled: Allow link notifications from other blogs (pingbacks and trackbacks). Be sure to scroll to the bottom of the page and click ‘Save Changes’.

Moderately Easy Method – Install a Plugin

To automatically block most of your trackback spam, you can install a plugin called Simple Trackback Validation.

This plugin will check to see if the trackback ip is the same as the website it references. Also it will double check if the page actually links to your blog. Installing this plugin will block the less advanced spammers effectively.

Advanced Method – Blocking via .htaccess

If you’ve got a particularly sneaky spammer targeting your blog, the plugin above may not properly block their trackbacks. In those cases they are often including fake links to your blog in their code.

There is a way to block these spammers too. It is a bit more difficult for the less technically inclined bloggers. So this strategy isn’t for everyone.

First you will need to connect to your blog via FTP. If you’re not sure how to do that, you might want to stick to just using the plugin above. In your main blog directory (normally /public_html/), there will be a file at the top of the list called .htaccess. Download that file and open it with notepad. If you’ve never dealt with an .htaccess file it may be best to save a backup before making changes. Doing something wrong in your .htaccess file can prevent your entire blog from loading.

At the bottom of the file, insert code like this:

Order deny,allow
Deny from
Deny from spammerswebsite.com
Deny from

In this list you can have as many ‘Deny from’ lines as you need. You can either block the spammer’s ip address or their domain name. As different websites start sending faked trackbacks, you simply add them to this list.

Currently I have 7 ips/domains that I’m blocking with this method. Since doing so, I did somehow receive 1 trackback from one of those sites. As they had been sending daily faked trackbacks, that’s still an awesome success rate. In fact, between denying spammers with htaccess and the Simple Trackback Validation, that was the only trackback spam I’ve received lately.

I’m not positive, but I think this htaccess trick would also work for regular comment spam. That is if the spammer is always coming from the same ip or always trying to link to the same website.

Does anyone else have other strategies to avoid trackback spam? How many of you just turned off trackbacks completely to avoid the nonsense?

Photo Source