• Work
  • Capabilities
  • Culture
  • Work
  • Capabilities
  • Culture
  • News and Insights
  • Careers
  • Connect
Subscribe to the PMG Newsletter

Brands are investing ever more in Amazon Advertising. Get the best practices to optimize your campaigns. Learn more

31 October, 2011

Pingback Killer

Posted by Christopher Davis

Pingbacks are a way for blog/web authors to learn when someone links to them. Essentially, they are an API call from one site to another. If I link to a site in a post on my WordPress blog, it will send an XML-RPC request to the linked site and a pingback is created.

The thing about pingbacks is they suck.

Most often ping backs are used for spam: they’re a way for a spammer to get links in your comment section by linking to your site. They don’t even have to build a bot to go submit comments, just put a link in their posts.

I dislike pingbacks so much that I decided to kill them with a brand new WordPress plugin, Pingback Killer.

Pingback Killer was originally built for a client, but we decided to release it so other folks could benefit from it.

What Pingback Killer Does

  • Remove the X-Pingback header WordPress sends
  • Causes called to bloginfo( 'pingback_url' ) or get_bloginfo( 'pingback_url' ) to return an empty string
  • Hijacks the default_ping_status and default_pingback_flag to return false/zero – evaluation of those boolean options will never return true
  • Completely disables the pingback.ping XML-RPC call
  • Removes all the rewrite rules that end with /trackback/

Read on to find out how Pingback Killer does all this, or you can simply download and install the plugin from the WordPress repository.

1. Removing the X-Pingback Header

You can filter the headers WordPress sends with the wp_headers filter hook. Pingback Killer does this.

PHP
1
2
3
4
5
6
7
8
9
10
<?php
add_filter( ‘wp_headers’, ‘pmg_pk_filter_headers’, 10, 1 );
function pmg_pk_filter_headers( $headers )
{
    if( isset( $headers[‘X-Pingback’] ) )
    {
        unset( $headers[‘X-Pingback’] );
    }
    return $headers;
}

2. Taking bloginfo( ‘pingback_url’ ) off the table

Like almost every WordPress core fuction, get_bloginfo comes with a filter hook. In this case, it’s bloginfo_url.

PHP
1
2
3
4
5
6
7
8
9
10
<?php
add_filter( ‘bloginfo_url’, ‘pmg_pk_kill_pingback_url’, 10, 2 );
function pmg_pk_kill_pingback_url( $output, $show )
{
    if( $show == ‘pingback_url’ )
    {
        $output = ”;
    }
    return $output;
}

3. Hijacking Options
get_option and update_option both come with hooks to control what gets saved for an option or gets sent back. You can use those hooks to filter the content. __return_false and __return_zero are both WordPress core functions that do exactly what their names say: return false and 0 respectively. They’re useful for disabling things, just like we’re doing here.

PHP
1
2
3
4
5
<?php
add_filter( ‘pre_update_default_ping_status’, ‘__return_false’ );
add_filter( ‘pre_option_default_ping_status’, ‘__return_zero’ );
add_filter( ‘pre_update_default_pingback_flag’, ‘__return_false’ );
add_filter( ‘pre_option_default_pingback_flag’, ‘__return_zero’ );

4. No More XML-RPC

Every XML-RPC callback function has an action hook called xmlrpc_call. You can hook into it and stop WordPress from continuing by calling wp_die if the XML-RPC server is processing a pingback.

PHP
1
2
3
4
5
6
7
8
9
10
11
12
13
<?php
add_action( ‘xmlrpc_call’, ‘pmg_pk_kill_xmlrpc’ );
function pmg_pk_kill_xmlrpc( $action )
{
    if( ‘pingback.ping’ === $action )
    {
        wp_die(
            __( ‘Pingbacks are not supported’ ),
            __( ‘Not Allowed!’ ),
            array( ‘response’ => 403 )
        );
    }
}

5. Cleaning Up Rewrite Rules

Rewrite rules are filtered only when they get rebuilt (doesn’t happen often). But when it does happen, you can hook into rewrite_rules_array and filter out anything that ends with trackback.

PHP
1
2
3
4
5
6
7
8
9
10
11
12
13
<?php
add_filter( ‘rewrite_rules_array’, ‘pmg_pk_filter_rewrites’ );
function pmg_pk_filter_rewrites( $rules )
{
    foreach( $rules as $rule => $rewrite )
    {
        if( preg_match( ‘/trackback/?$$/i’, $rule ) )
        {
            unset( $rules[$rule] );
        }
    }
    return $rules;
}

Keeping it Simple

Pingback Killer is a very simple plugin. There are no options pages. Just install it, turn it on, and enjoy the lack of spam pingbacks. We already have this in use on several client blogs and this one.

 

apidevDevelopmentpingbackwordpress

 

Previous
Next

Latest White Papers

  • Why Voice Matters: Identifying the Latest Opportunities in Voice Search
  • eSports Advertising and How Brands Can Get in the Game
  • Navigating the Amazon Ecosystem
  • See all White Papers

Featured Posts

  • Breaking New Ground at PMG with WeCollective
  • Getting Started with Digital Marketing in India
  • 5 Things to Know About Generation Z
  • Being Your Authentic Self in the Workplace
  • Using Social to Build Buzz

Categories

  • Content
  • Creative Design
  • Data Analytics
  • Development
  • Display
  • Industry News
  • Local
  • Mobile
  • Paid Search
  • PMG Culture
  • SEO
  • Social Media
  • Structured Data
  • Video

Fort Worth (HQ)

2845 W. 7th Street
Fort Worth, TX 76107

Austin

301 Congress Ave.
Ste 220
Austin, TX 78701

Dallas

3102 Oak Lawn Ave.
Ste 650
Dallas, TX 75219

Los Angeles

520 Broadway
Santa Monica, CA 90401

London

14-16 Great Chapel St.
London
W1F 8FL

Follow Us

Subscribe to the PMG Newsletter
© 2018 PMG Worldwide LLC. All Rights Reserved.
  • Privacy
  • Contact
  • (817) 420-9970
PMG uses cookies to analyze traffic, and personalize content and ads. We also share information about your use of our site with social media, advertising and analytics partners who may combine it with other information that you’ve provided to them or that they’ve collected from your use of their services. You may view our cookie policy for more details.AcceptDecline