WordPress CMS Platform has a unique trackback/pingback feature, connecting various WP Blogs around the world in semi-automated way, but this feature is often abused by spammers. More over, they can SPAM your blog or website comment sections without even registering or filling-out required fields, such as a valid email address. What can you do to prevent this action for good – both for all future publications/posts/pages and already published ones?
HOW TO STOP WORDPRESS TRACKBACK SPAM COMMENTS ?
Inside WordPress Admin Dashboard > Settings > Discussion settings section you will find an option near the top that is enabled by default:
However, this feature is not well documented inside WordPress Admin Dashboard (as of currently latest WP core version 4.5), and it is the source of all confusion. The important thing is that when you disable it (and you definitely should if you wish to avoid trackback spam), it is not applied to already published articles. In another words, it will only affect future content!
There is no available way to retroactively update status of all previously published posts in an easy way directly from the admin panel. If you run a fresh blog or something, this will not be an issue, of course, but if you have tons of stuff already, you will have to manually edit each and every one of them and disable the present checkbox.
HOW TO MANUALLY DISABLE TRACKBACK / PINGBACK
FOR EACH POSTED ARTICLE INDIVIDUALLY?
Here is how: go to WordPress Admin Dashboard > Posts > Edit Post and at the very bottom of your post editor under Discussion section deselect Allow trackbacks and pingbacks on this page option. If you cannot see this section at all, go to the top of that page, and click on Screen Options menu, and enable Discussion view. See below screenshot for example:
HOW TO DISABLE TRACKBACK / PINGBACK
TO ALL ALREADY PUBLISHED ARTICLES AUTOMATICALLY ?
Here’s the problem: the above manual method will be fine if you have few articles published, but what about large websites and blogs that have tons of them? Manual editing is out of the question. Period.
Now, probably, there are some plugins available on the market to do this task for you, but because it is extremely easy to do it on your own, there is really no reason for yet another plugin, at least in our case.
STEP 1: You need to access your’s website WordPress database, either via MySQL terminal, cPanel phpMyAdmin, or some alternative frontend database manager tool (Adminer, phpMinAdmin, DBNinja to name a few) and run a special MySQL Query command to update all your old posts at once.
STEP 2: In case of MySQL Terminal, you can run the query right away (STEP 3), but we assume majority of users will probably stick with phpMyAdmin, so we will cover this scenario in our next step. Once you access your particular WordPress database, switch to SQL tab inside phpMyAdmin top menu.
STEP 3: Enter the following command in the large text area:
UPDATE wp_posts SET ping_status = REPLACE(ping_status, 'open', 'closed');
STEP 4: Finally, press the GO button in the right bottom corner and wait until it finishes the task. For extremely large databases and slow servers we suggest that you use terminal and make sure to create a backup first (just a precaution, this is a benign command that should be executed fast, really).
This will disable trackback spam on all your published articles in the past, and combined with the settings from the beginning of this article, your future posts will be safe, too.
FINAL CASE: I DO WANT TRACKBACK / PINGBACK FEATURE!
WHAT SHOULD I DO TO STOP SPAM ?
Well, if you really need trackback comments in your site, there are only few options left: allow trackback comments (essentially, do nothing suggested in our article) and manually approve each and every trackback comment later. Or you can try your luck with some SPAM database-driven content filtering services, such as Akismet (official plugin available for WordPress).