Hackers frequently use commands or scripts to automatically spam WordPress websites by taking advantage of WordPress trackbacks and pingback features. With this feature, a spammer doesn’t even need to go to your website to spam your website, they could achieve this by using a command or script from a different server. So, in this post, I would show you how to stop WordPress spam comments.
What are trackbacks in WordPress?
A trackback is a notification that allows bloggers to interact with their websites. It allows a site to send notifications to an external site when you link to it in your content. For example, if you just published a new article on your website about trending technology, which includes a link to another website that contains some useful information. In this case, you could send a trackback ‘ping’ to that site, in order to get the owner’s attention. That person could then choose to approve the trackback. This would display an excerpt of your post and a link to your site in their comments section.
What are pingbacks in WordPress?
Pingbacks in WordPress is a little similar to trackback but was actually created to be a better version of trackbacks, in order to resolve some of the problems with the way trackback works. while trackbacks are sent manually, pingbacks were designed to be automatic. for example, Let’s say you have pingbacks activated on your blog, and you just published an article about trending technology also linking to the same external website as described earlier. In this case, a pingback would immediately be sent to the site you linked to, as long as the website also has pingbacks enabled. That site would then automatically check to verify that the pingback originated from a trusted site and not a spam message. if the site is set to approve comments before posting, then the site owner can decide to approve or not after verifying the source. The trackback and the pingback work in a very similar way but uses a little different communication technology.
Trackbacks and pingbacks allow blogs to notify each other that they have linked to an article on their website, but, today, hackers have managed to master a way of using these features to their own advantage to spam thousands of websites daily.
Why you might want to Disable Trackbacks and Pings on your WordPress Account!
As described earlier, today, spammers have taken advantage of this feature to hack many websites by sending illicit pings and trackbacks to different websites. when you get a trackback, it would appear in your comment section ready for moderation.
Good enough, WordPress provided an option to disable this feature which is very easy.
How to turn off Trackbacks and pingback in WordPress
1. log in to your WordPress account
2. go to Settings
3. Click on the Discussion page and then uncheck the box which reads “Allow link notifications from other blogs (pingbacks and trackbacks) on new posts“.
4. Scroll down and save.
Are you safe from spammers now? Heeyyy, Not yet!
The changes above only affect the new articles published after the changes but don’t take effect on all the old articles. To disable the trackbacks and pings on the old posts, follow the steps below;
How to Disable Trackbacks and Pings for WordPress Posts
5. Click on Posts on the left side of your WordPress dashboard
6. Then click on All post
7. then click on the Screen Options button at the top right corner.
8. Now enter 500 next to the ‘Number of items per page’ box as you can see in the image below
9. then click on apply button.
10. Your post’s list will then be reloaded, and it will now show up to 500 posts on the same page.
11. Now you need to select all posts by checking the box next to the title label as seen in the image below.
12. Then, click on “bulk action” and change it to ‘Edit’
13. Click on the “Apply” button next to it.
You would then see a bulk edit box with all posts on the selected page as seen in the image below.
14. On the right side, change the ping option to “do not follow“
15. then click on update and wait for the page to reload.
16. WordPress will then update all your old post and turn off pingbacks on all selected post.
17. if you have more than 500 posts, then you need to click on next botton as seen in the mage below, and repeat the process from step 12 downward.
Note: if your website runs into “internal server error” after clicking on “update” at step 15, then refresh the page, and go back to step step 8 and change the value to a lower number like 200 or 300 instead of 500.
Repeat the process and you see a successful message after.
We love to hear from you, comment below and share.