[wp-hackers] WordPress Checking Own Pingbacks - Intended Behavior?
Computer Guru
computerguru at neosmart.net
Mon Nov 19 17:15:45 GMT 2007
I only experienced it once ... but it shouldn't *ever* happen - that's the
sign of good programming :)
(FYI, the "contents" of the pingback was "which we _previously covered_ last
month" (underscore is link) - hardly "spammy" and quite common... and i've
done that before without any problems - and after)
AT any rate, the second solution is easiest and wouldn't take more than a
couple of lines to get going. I don't have time right now (have to leave the
state in a couple of hours), but I'll look into it when I get back if
necessary...
More troubling to me is the fix-for 2.5 status on that thing........ :P
On 11/19/07, Otto <otto at ottodestruct.com> wrote:
>
> On 11/19/07, Computer Guru <computerguru at neosmart.net> wrote:
> > 1) What would someone benefit by spammingy our blog with links to
> itself?
>
> Denial of Service. Hit it with enough fake pingbacks, site goes down,
> database fills up, etc.
>
> > 2) Define it to be "local" and valid
> >
> > a) the pinging post's uri is ^%YOUR_BLOG_URI%.+$
> >
> > b) pinging post's contents contain a link to yours.
> >
> > c) pinged post does not already contain link from pinging post.
> >
> > Wouldn't that do it?
>
> Seems like a heck of a long way to go when simply not writing posts
> that look like spam makes more sense. ;-)
>
> Seriously, as was pointed out before, if you disable Akismet, then
> it's not working at all. So it can't flag anything as spam then. If
> this is happening even when Akismet is disabled, then you need to look
> elsewhere for the problem. Generally speaking, I've not had Akismet
> flag any of my self-pingbacks as spam, but clearly it could happen.
> However, I'm not convinced that it's happening enough to warrant this
> kind of code change. Are we *certain* that it's Akismet doing it? I
> don't like the idea of adding a possible way for pingbacks or anything
> else to bypass the spam filters unless we're absolutely certain that
> it's necessary.
>
> > Or, a one-click way: define a new function that directly adds an
> internal
> > pingback - it can only be accessed from code, therefore pingback is
> > guaranteed to be local.
>
> I would be more receptive to this notion. Pingbacks that are
> processing to self will be recognizable by the blog URL being in the
> pinged url. Then a pingback can be added directly without the need to
> do the http request work.
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers
>
--
Computer Guru
Director,
NeoSmart Technologies
http://neosmart.net/blog/
More information about the wp-hackers
mailing list