TrackbackValidator

Validates TrackBacks when they are posted.

This plugin implements a simple method for preventing TrackBack spam.  It simply fetches the URL passed in the TrackBack ping and scans it for a link to the entry the TrackBack was posted to.  If no such link is found, then the conclusion is that this TrackBack is spam and it is rejected.

Note that there are two options for this plugin.  The first is an option to exclude links to the same host as your blog from validation.  The second is to check the ping URL for links to the entry base directory, in addition to the entry permalink.  Effectively, this means that URLs that link the the entry permalink, the comments page, or a file uploaded to the entry will all pass validation.  Without this, only links to the “official” permalink will pass.

The idea for this plugin comes from the paper “Taking TrackBack Back (from Spam)” by Gerecht et al. from Rice University.  The paper is available at http://seclab.cs.rice.edu/proj/trackback/papers/taking-trackback-back.pdf

Close