Trackback spam

· blogging ·

I'm under a bit of a torrent of Trackback spam at the moment. It's particularly nasty content, and — as yet — very difficult to block without blocking Trackbacks totally. So that's what I've done; until someone comes up with a counter-attack, I've turned Trackbacks off. In fact, I've also changed the permissions on wp-trackback.php to 700 so that it can't be executed.

It still doesn't stop me being notified of the trackbacks, and I still have to delete them manually from the moderation queue. Unfortunately, they seem to be emanating from a huge number of possibly zombied computers, so you can't even block the IP addresses in an .htaccess file. Sigh.