Protecting Against Trackback Spam: April Website Security

Have you ever gotten a strange comment on your website, particularly on a blog post? It may have been obvious spam or something only slightly related to the subject your post was about. If so, you may have experienced trackback spam.

Trackback spam can have a negative effect on your brand image while also being hard to stop. It also clogs up your comments section and makes it frustrating for users to scroll through while reading. In some cases, it can even be dangerous. In today’s blog post, we’ll go over an in-depth explanation of trackback spam with some examples, as well as a few ways of managing and protecting against it.

What is Trackback Spam? 

On many blogs, site owners choose to allow people to post comments directly on the page as a way of sharing their thoughts. When someone posts a comment, there is often a way to tag or post a link back to the commenter’s profile or website. This allows people browsing the comments to go a particular commenter’s website or profile.

While this seems innocent enough at first glance, it’s certainly easy to start to see how people could take extreme advantage of the ability to get eyes away from your page to theirs as a means of self-promotion of their own content. Even worse, trackback spam can be sent to thousands of websites at once so that scammers can point others to a site under their control containing malicious code or selling illicit materials.

When a link is posted to a website other than your own and connects back to you, this is known as a backlink. Having backlinks on high-quality websites can help you boost your website’s rankings in search engines over time, so they can be extremely valuable to have.

Trackback spam is an attempt to game the system by getting these high-quality backlinks with little effort on that person’s part. Basically, it’s an un-welcome promotional tactic which could potentially hurt your brand perception in the long run.

Examples of Trackback Spam

If you’ve ever taken a look at comments on a blog before, chances are you’ve witnessed trackback spam in the past. It’s quite common, but it doesn’t have to be something that you put up with. Here are a few ways to spot comment spam:

  • The comment is unrelated to the article itself

  • The comment may have strange wording

  • Links in the comment itself could look unsafe or irregular

Why Does Trackback Spam Matter?

If someone wants to self-promote in others’ comments section, why should this matter to you? One answer is that it can make your website appear to be lower in quality than it actually is. Trackback spam typically has little to do with what you’re talking about in your article, so it doesn’t open any conversations for people to engage in. It may actually make others hesitant to comment or look at more of your content.

It can also hurt your ranking in search engines. If the person linking to your article has a low-quality site (which is typically the case), this will decrease the credibility of your website, ultimately sinking your rankings.

Perhaps most importantly, the sites that the link-back spammer is sending people to could be dangerous. While it’s a good general rule of thumb to never click on links that look suspicious or that you don’t trust, accidents do happen. Someone might stumble across this link while browsing your content and ultimately blame you for any problems that arise.

Preventing Trackback Spam

There are many ways to ensure that trackback spam isn’t a problem for your website. On WordPress, trackbacks can be disabled for future and past posts by changing your settings (trackbacks may also be known as pingbacks when using WordPress). There are also several applications that can help filter out spam and boost your site’s security overall. Here are a few examples:

Akismet offers a number of prices depending on the needs of your site and business. It allows you to review comments that may be potential spam before they’re posted so that you can approve or delete them. It also gives you the option to report comments that should have been marked as spam.

Plus, if you’re using WordPress, Akismet was created by the original WordPress team, so you know that everything should run smoothly.

Like Akismet, CloudTalk will filter out comments based on whether or not they’re being left by a visitor or a spam bot. It promotes itself as not needing a CAPTCHA, so visitors may find this more convenient, and it also censors words that may be seen as abusive. Plus, it reportedly only takes a few minutes to set up.

If you’re working with a smaller website or blog and need basic functionality, Spam Destroyer may just do the trick. There’s little to no setup involved, and it takes up very little space.

Alternative Options

Removing Comments

While some people enjoy allowing people to comment on their blog posts and articles, there is also a case to be made for not accepting public comments at all. The main reason for this is because it takes the potential for trackback spam out of the equation entirely.

Just like with email, although there are great automated tools to lower spam, there’s no perfect solution for stopping it completely. Some bad comments will slip through no matter what. If people can’t leave public comments in the first place, then they can’t feature their link on your website without direct permission.

Consider directing readers to your site contact form to provide feedback instead. This keeps people with something to say on your site and gives them a place to share these thoughts.

Moderation

Instead of fully removing comments completely, one thing to consider is comment moderation. Generally this is set up in a way that public comments have to be approved before they are public.

While this can help make sure that only useful, relevant and non-abusive comments make it to the public eye, it adds in the additional workload of having to approve and reject comments manually.

To Conclude

Trackback spam can be frustrating and dangerous, but there are multiple avenues for handling it. The important thing is recognizing that this is a problem for thousands, possibly millions of websites each day. Therefore, taking preventative measures before it becomes an issue is the best course of action.

At Vervology, we hold your website’s security and credibility in the highest regard. If you have questions about trackback spam or comments on your website, reach out to us.

And, if you found this article useful, consider sharing it with a colleague.