[wp-hackers] Deprecated functions and files

Otto otto at ottodestruct.com
Wed Aug 13 14:55:59 GMT 2008


On Tue, Aug 12, 2008 at 8:40 PM, Viper007Bond <viper at viper007bond.com> wrote:
> Cookies for comments sounds nice, but then how do you handle
> ping/trackbacks?

Simple Trackback Validation:
http://wordpress.org/extend/plugins/simple-trackback-validation/

It does an IP lookup to make sure that the IP of the sending party
matches that of the website it's claiming to speak for. If that
passes, then it actually loads the external URL and looks for the link
back to the blog. If that passes, then it calls it a legit trackback
and there you go.

Fast, simple, quite effective. I have not had a false positive or
negative from it yet.


>Although I'm always open to suggestions and that cookies for comments seems
>nice enough, at least until the bots get smart enough to start using session
>cookies.

Yeah, but I figure that a spambot which a) loads the stylesheets of
the page and then b) uses cookies as well is one of those rare things
which is almost self-defeating. The whole point of mass spamming is to
get your spammy message out to tons of sites quickly. If they have to
actually load whole pages and associated files just to leave their
comments, then they quickly run into a bandwidth/speed issue.

-Otto


More information about the wp-hackers mailing list