You may have been recently hit by several waves of Trackback spam, including a major assault over the last 24 hours. These attacks are clearly automated, sending many pings in a short period of time. Even if MT-Blacklist is effecting repelling these attacks, it can still cause problems for some. In the past few weeks, MT-Blacklist was working so hard to block all the spam that it contributed to a heavy CPU load on the server, resulting in several crashes (I have since moved to a dedicated server). So I have been looking for ways to ease the burden of MT-Blacklist. For trackback spam, one of the first things I tried was to rename my Trackback script from the default 'mt-tb.cgi', thinking maybe that's how these spammers were finding and attaching my sites. It didn't work. Within minutes, they were hitting the newly renamed script. Based on this, it seems that there must be Spam Spiders at play here, crawling the web and sending trackback spam as soon as they find trackback URLs. And since they seem to have adapted to the new name, perhaps these spiders are looking for some other pattern, perhaps the text " The Trackback URL for this entry is". I have tried changed that text on all of my blogs, but I think it might help. Instead, I decided to disguise the Trackback URL so that it would be difficult for spiders to parse and attach my sites.
MTDisguiseTrackbackURL is a mini-plugin that replaces the MT function for the <MTEntryTrackbackURL> tag that is displayed in the Trackback Listing template. MTDisguiseTrackbackURL outputs the URL using a few javascript commands, breaking up the full URL in the underlying HTML code. But as long as your visitors are using a JavaScript-enabled browser, the URL will appear the exact same way that it does now, and they can easily copy and paste the URL manually.
If you want to seem an example, view the Trackbacks page for this entry, and view source to see the JavaScript code.
Installation:
Installation is very easy:
1. Download Now:
2. Extract the DisguiseTrackURL.pl and upload it to the 'plugins' directory within your 'mt' directory.
3. That's all. Since Trackback listing pages are dynamically displayed, you don't need to rebuild anything.
As always, feedback is appreciated.
By the way, if you haven't heard yet, a critical bug has been found in the latest version of MT-Blacklist. Don't delete any blogs! Click here for more information.
Comments (15)
Nice little script, thanks :)
Posted by demonsurfer | December 14, 2004 12:09 AM
Posted on December 14, 2004 00:09
A PHP version would be awesome so we could use it with the dynamic system
Posted by Arvind | December 15, 2004 9:26 AM
Posted on December 15, 2004 09:26
Seem to be having trouble using this under 3.121.
Keep getting the error: Subroutine _hdlr_entry_tb_link redefined at lib/MT/Template/Context.pm line 961.
Posted by quack | December 16, 2004 4:53 PM
Posted on December 16, 2004 16:53
Mark--
Thanks for the plugin. I'm sure the MT community will thank you. Two
items of feedback:
1. The following quote is inaccurate: "Since Trackback listing pages are
dynamically displayed, you don't need to rebuild anything." If you're
displaying <MTTrackBackLink> without using a popup, as I do, it's
generated once upon rebuild. In this case, a full rebuild of all
Individual Archive pages is necessary to implement your plugin.
(As an aside, I think it's silly to put trackbacks in a popup, and I don't
know why so many blogs use that behavior. TrackBacks are at least as
important as comments, and probably more so—why aren't they
displayed inline by default with entries?)
2. Your plugin does not output valid HTML code by default. The outputted
<script> tag is:
<script language='Javascript'<
The W3C validator complains about this and wants a "type" attribute as
well.
For others using MTDisguiseTrackbackURL v0.5, you can make the code valid
by using this regex (using MTRegex):
<MTRegexDefine name="scriptType">s|<script
language='Javascript'>|<script language="javascript"
type="text/javascript">|gi</MTRegexDefine>
And call it this way:
<$MTEntryTrackbackLink regex="scriptType"$>
Hope that helps somebody. Thanks again, Mark.
Posted by tom sherman | January 7, 2005 4:21 PM
Posted on January 7, 2005 16:21
It's very important to note that this plugin has no effect on the output of <$MTEntryTrackbackData$> and your blog will still be vulnerable to spam, since that tag (included by default in the Individual Entry Archive template) outputs the TB URL in plaintext in the source of the HTML.
This RDF data is vital for the auto-discoverability feature of Trackbacks.
You have a couple of options:
1) Delete the above tag from your templates and lose the auto-discoverability of TB.
2) Use one of the many techniques outlined at Elise Bauer's page.
3) Try out my tb-random-rename.pl script :) It will let you automagically rename your TB script to include a random number, making you a much harder target for spammers.
Posted by tom sherman | February 5, 2005 1:17 AM
Posted on February 5, 2005 01:17
Anyone know of a bulk utility to remove these pings? I was hit with over 200 of them before I took steps. Thanks.
Posted by Peter | February 9, 2005 8:25 PM
Posted on February 9, 2005 20:25
Peter,
I believe it's much easier to mass-delete trackback spam in MT 3.x. Are you using 2.x?
Posted by tom sherman | February 17, 2005 11:59 AM
Posted on February 17, 2005 11:59
I am getting an error on rebuild of my whole site. when I have the plugin installed.
Subroutine _hdlr_entry_tb_link redefined at lib/MT/Template/Context.pm line 961
Posted by Bobby Magee | February 24, 2005 4:14 PM
Posted on February 24, 2005 16:14
Bobby,
That's not an error, it's just a warning. And it is nothing to worry about. The plugin is designed to exactly what the warning says, it redefines the _hdlr_entry_tb_link subroutine in order to disguise the link.
Posted by Mark Carey | February 24, 2005 4:17 PM
Posted on February 24, 2005 16:17
I installed this on my friends site. He doesn't have the pro version of MT just the free one. On his it give that error. On my site it doesn't give that error. Wonder if it is something related to the free MT vx Pro MT.
Either way thanks. Will install this back on my friends site.
:P
Posted by Bobby Magee | February 25, 2005 4:16 PM
Posted on February 25, 2005 16:16
The Pro version and the free version are the same.
The difference probably lies in the version or Perl or something. This "warning" is occuring in both cases, just not showing on one of them. But it "just works". ;)
Posted by Mark Carey | February 25, 2005 4:32 PM
Posted on February 25, 2005 16:32
I installed this plugin and it worked like a charm.
For 3 days. Now the spammers are back.
Posted by joey | March 9, 2005 11:27 PM
Posted on March 9, 2005 23:27
I tried this w/ MR 3.15 and got a 500 server errorT:
he web server encountered an error or misconfiguration and was unable to complete your request. If this error persists, please contact the webmaster, and inform them of the time the error occurred, and anything you might have done that may have caused the error.
Posted by Anonymous | April 19, 2005 8:12 PM
Posted on April 19, 2005 20:12
I installed it and I am still getting hammered with spam. The plugin is doing nothing for me. I bet some spammers are running javascript to get the link.
Posted by Dan Olsen | July 13, 2005 3:33 PM
Posted on July 13, 2005 15:33
Unfortunately this appears to be doing nothing with MT3.2b2
Posted by demonsurfer | July 26, 2005 5:29 PM
Posted on July 26, 2005 17:29