First published on November 1, 2006
You might have the best anti-spam plugin in the world, but that won’t stop spambots from visiting your site. If you have a WordPress blog, they will hammer your wp-comments-post.php and wp-trackback.php files automatically — you might not see the spam anymore, but the bloody spambots are still bogging down your server (10% of all hits to theblog.ca are spambots!).
One possible solution is to rename the files that accept comments and trackbacks! This way, the spambots encounter a “file not found” page when they are looking for your default wp-comments-post.php and wp-trackback.php locations. This is much easier on your server and if you do it correctly, your regular visitors won’t even notice as commenting and trackback capabilities will continue to work. However, make sure you change the references to these two files in your WordPress code. For most installations, here’s what you do:
1) In your base WordPress directory, rename wp-comments-post.php to something like wp-comments-roller.php, and rename wp-trackback.php to something like wp-trackback-hockey.php.
2) Edit your WordPress files that reference these two files. For most with WordPress 2.0, this means editing one reference of wp-comments-post.php each in your theme’s comments.php and comments-popup.php files (found in the folder wp-content/themes/yourtheme/); wp-trackback.php is referenced once in comment-functions.php (this is comment-template.php in 2.1.x) and twice in template-loader.php (found in the folder wp-includes/).
If you allow registration on your site, rename wp-login.php (this type was suggested by Kent). This file is the registration file (as well as the login file) — if you rename it and give its location only to potential members (that is, don’t link to it with a big “Register here” link) not as many spambots will be able to figure out where it is. Just remember to change all references to the file in the WordPress files, including:
Note: if you’re unsure of what you’re doing, back up your files first! When upgrading, remember to do this process over again. Also, if you have Notepad++ or some other program that can search source code, use that to find any overlooked references of your renamed files.