PHPMatters Help You Better Hosting Your PHP-based Sites
How to Block WordPress Trackback Spam and Pingback Spam

How to Block WordPress Trackback Spam and Pingback Spam

The pingback and trackback can be regarded as the linkback methods that allow you to request notifications when somebody else post links on your webpages. It is good for enabling the trackback and pingback function, for you can keep a close track of who is linking to your website by checking the links and the excerpts of contents along with the title from your comment section. However, they are also the features that attract tons of spammers for illegal or immoral activities.

As there are so many people who are struggling with the spam issues, in the following, we’d like to introduce some methods concerning about how to block WordPress trackback spam and pingback spam. Besides, if you want to learn something more about WordPress trackback and pingback, you can check this page.

How the Spam Comes From

In fact, the majority of the trackback and pingback spam is coming from some special scripts or robots that can send a large number of trackbacks and pingbacks to different websites automatically. These spam links are generally pointing to some illegal pages for scams, hackings and malicious things.

Also, there are also some other people who are sending the spam manually, with the aim to achieve their promotional goals for their web contents.

Prevent WordPress Trackback Spam and Pingback Spam

Disable this Feature Fully

If you find that almost all the trackbacks and pingbacks you receive are spam, you can simply turn off these functions completely in your WordPress sites, which disallow any link notifications from other websites.

To do this, you can login to your WordPress administrative panel and click the Discuss button under the Settings tab. Here, you can find a “Default Article Settings” area. Simply uncheck the second box as the image showed in the following.

Default Article Settings

Note that this practice can block all the trackback and pingback spam on your future posts. As for the existing posts, you have to remove them manually.

To do this, you can delete them one by one from your WordPress sites. Or, you can make use of a SQL query. For this, you should firstly log into your control panel and then enter the phpMyAdmin. Here, you can find a SQL tab. Click it and enter the following SQL query to disable trackback and pingback features of WordPress.

UPDATE wp_options SET option_value = 'closed' WHERE post_status ='publish' AND post_type = 'post';

Make Use of Hide Trackbacks Plugin

This plugin is a replacement for the disabling of the trackback and pingback feature for your WordPress site. With it, you can prevent the trackbacks and pingbacks to be published on the front-end of your comment section in case they are spam, but can still be notified as who are linking to your posts from the back-end.

There are no configurations required for this plugin. An easy install simply gets it up and running. Then, you can get the notifications as usual in your WordPress admin when some others are posting links on your site, but these links can never be checked by your readers until you think they are safe and meaningful.

Some Other Tools for the Prevention of Trackback and Pingback Spam

There are a lot of useful tools for blocking WordPress trackback and pingback spam. Almost all of them are easy to use without the need for intensive configurations.

  • Akismet – we have made an Akismet review previously, from which you can learn that this security tool automatically puts all the suspicious pingbacks and trackbacks on the moderation box for pending. This allows you to figure out who are sending you links from WordPress admin, and prevent these links from being published unless you confirm that they are risk-free.
  • Simple Trackback Validation – This plugin works in two ways. Firstly, it checks whether the links of the trackbacks and pingbacks are not actually coming from the referrer. Then, it checks whether the trackbacks and pingbacks you receive have been collected from the illegitimate source of If they are within either of these two situations, they will be marked as spam.
  • WP-SpamShield – This plugin works as a firewall to prevent the spamming links that are either from some bots or sending from humans who are spamming you. There are two levels of its priotection – the JavaScript Layer for spambots and the Algorithmic Layer for human spam. Note that the default settings of this plugin are enough for most websites. Therefore, unless you have some special requirements, the pure installation can protect you from all the trackback and pingback spams.