The WordPress traceback/pingback feature is a spam magnet for bloggers, including me. I long ago disabled the feature globally in the Discussion options. It turns out that this only affects future posts. All of the posts and pages written before it was disabled are not affected (WordPress v.3.8.1). I’m tired of moderating spam tracebacks so I looked into a way to disable the feature.
The proper way is probably to use an SQL query as described by this link:
Since that involves me remembering how to log into MySQL, the passwords, and associated commands, I wanted something a little quicker, if not dirtier. Another suggestion from the interweb was to delete the php code that handles the tracebacks and automatically generates the comments. This file is called wp-trackback.php and is in the top level WordPress directory. I can’t imagine that I’d ever want to turn this feature back on, but deleting the entire file may be overkill. A rename is probably sufficient, but I worried that this would lead to logs being filled with php errors.
My solution was to kill the script before it got anywhere. A quick perusal shows that after handling the traceback, the script uses a php die() call to exit. I simply slipped one of these in at the top of the file (wp-trackback.php, below the “<?php” initiator) and voila. Any time this script is called it dies quietly and without error. No response is returned to the traceback sender (spammer). If you want to be more creative, just below where the function trackback_response() is defined you can call that function with an error code of 1 and a message for the spammers like this:
trackback_response(1, “Go to Hell. Or Cleveland.”);
On second thought, it might be more effective if you were to explain in your message the detrimental effects of spam on communication via the internet, the associated ethical problems, and the ineffectiveness of spam advertising. Encourage them to change their ways and contribute to a healthy, open exchange of real, meaningful ideas.
I’m sure that can all be said with a few choice four letter words.
One thing to mention: editing, deleting, or renaming the wp-trackback.php file, or any other WordPress php scripts, probably won’t survive an update. The SQL method mentioned above is update-safe.