Select theme:

Trackback Spam

penalites advanced

Definition

A spam technique that sends fake WordPress trackbacks to obtain automatic backlinks from other blogs.

Trackback Spam exploits WordPress's trackback feature, a mechanism originally designed to notify a blog when another blog cites it. When blog B cites an article from blog A, a trackback is automatically sent to blog A, which then displays an excerpt and a link to blog B in its comments. Spammers hijack this mechanism by sending fake trackbacks to thousands of blogs, simulating a citation that does not exist. If the target blog automatically accepts trackbacks (WordPress's default configuration), a return link is created without any human intervention. This technique was massively used between 2005 and 2015 before most blogs disabled trackbacks. Tools like ScrapeBox and dedicated scripts automate mass trackback sending. The best protection is to completely disable trackbacks in WordPress settings (Settings > Discussion > Uncheck 'Allow link notifications from other blogs').

Trackback spamming Trackback SEO spam Trackback abuse WordPress trackback spam

Key Points

  • Exploits WordPress's inter-blog notification feature
  • Fake trackbacks generate automatic links if accepted without moderation
  • Most modern blogs have disabled trackbacks by default
  • The definitive protection is completely disabling trackbacks in WordPress

Practical Examples

Mass trackback attack

A spammer sends 20,000 trackbacks to WordPress blogs in one day. Blogs with automatic trackback display a return link to the spammer's site in the comments, generating hundreds of instant backlinks.

Detection by the owner

A blogger discovers 200 trackbacks awaiting moderation, all from sites unrelated to their content. They disable trackbacks, delete the spam, and add the IPs to their blacklist.

Exploiting old blogs

A black hat specifically targets blogs abandoned since 2010 that still have trackbacks enabled by default. These blogs are unmoderated and spam links remain in place indefinitely.

Frequently Asked Questions

Go to Settings > Discussion and uncheck 'Allow link notifications from other blogs (pingbacks and trackbacks) on new articles'. For existing articles, use a SQL query in the database or a plugin like Disable Comments to disable them in bulk.

Trackback is semi-manual and sends a content excerpt, while pingback is fully automatic and verifies that the link actually exists in the source article. Pingbacks are harder to fake because WordPress verifies the actual presence of the link.

Go Further with LemmiLink

Discover how LemmiLink can help you put these SEO concepts into practice.

Secure your blog against trackback spam Get natural citations with NinjaLinking

Last updated: 2026-02-07