1 Jun 05, 2007 01:33    

My b2evolution Version: 1.9.x

Hi all,

Today my website was almost shutting down so I started to look for the cause. I found out that those darn spammers have found my blog again. When looking into my http log while it was running I saw the following URLs being hit about 7 times per second!


70.86.157.90 - - [04/Jun/2007:23:57:33 +0200] "POST /htsrv/trackback.php/11792 HTTP/1.0" 200 164 "http://www.goedzo.com/htsrv/trackback.php" "TrackBack/1.02"
72.249.57.36 - - [04/Jun/2007:23:57:32 +0200] "POST /htsrv/trackback.php/5200 HTTP/1.0" 200 164 "http://www.goedzo.com/htsrv/trackback.php" "TrackBack/1.02"
64.34.66.29 - - [04/Jun/2007:23:57:35 +0200] "POST /htsrv/trackback.php/19175 HTTP/1.0" 200 164 "http://www.goedzo.com/htsrv/trackback.php" "TrackBack/1.02"
72.249.25.172 - - [04/Jun/2007:23:57:34 +0200] "POST /htsrv/trackback.php/3631 HTTP/1.0" 200 164 "http://www.goedzo.com/htsrv/trackback.php" "TrackBack/1.02"


This didn't stop b2evolution from working, but phpd and mysqld were taking about 99% of the CPU. In short, my site was not working at all anymore. Because I've disabled track backing on my blog I was a little surprised that this happens. To "fix" my site, I took some rigorous measures: I connected with my FTP client and renamed /htsrv/trackback.php to a different file. Immediately the site was back without any problems at all. So my question actually is: "What did I break just now, and does it cause a problem somewhere?" Everything seems to be working fine, so if there are no problems, I would like to keep it this way :).
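The log check described in the post above, as an added example that is not part of the original thread: a Python script that counts POSTs to the trackback endpoint in Apache combined-format lines and reports how many distinct addresses are involved, the peak rate, and which status codes the server returned. The first four sample lines are the ones quoted in the post; the last three are constructed for illustration.

```python
import re
from collections import Counter
from datetime import datetime

# Apache combined format: host ident user [time] "request" status bytes "referer" "agent"
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<agent>[^"]*)"'
)

# First four lines come from the post; the last three are constructed sample data.
SAMPLE = """\
70.86.157.90 - - [04/Jun/2007:23:57:33 +0200] "POST /htsrv/trackback.php/11792 HTTP/1.0" 200 164 "http://www.goedzo.com/htsrv/trackback.php" "TrackBack/1.02"
72.249.57.36 - - [04/Jun/2007:23:57:32 +0200] "POST /htsrv/trackback.php/5200 HTTP/1.0" 200 164 "http://www.goedzo.com/htsrv/trackback.php" "TrackBack/1.02"
64.34.66.29 - - [04/Jun/2007:23:57:35 +0200] "POST /htsrv/trackback.php/19175 HTTP/1.0" 200 164 "http://www.goedzo.com/htsrv/trackback.php" "TrackBack/1.02"
72.249.25.172 - - [04/Jun/2007:23:57:34 +0200] "POST /htsrv/trackback.php/3631 HTTP/1.0" 200 164 "http://www.goedzo.com/htsrv/trackback.php" "TrackBack/1.02"
203.0.113.5 - - [04/Jun/2007:23:57:35 +0200] "POST /htsrv/trackback.php/42 HTTP/1.0" 200 164 "-" "TrackBack/1.02"
192.0.2.10 - - [04/Jun/2007:23:57:35 +0200] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
198.51.100.7 - - [05/Jun/2007:00:10:01 +0200] "POST /htsrv/trackback.php/77 HTTP/1.0" 404 209 "-" "TrackBack/1.02"
""".splitlines()

def trackback_hits(lines, prefix="/htsrv/trackback.php"):
    """Yield (ip, timestamp, status) for each POST to the trackback endpoint."""
    for line in lines:
        m = LOG_RE.match(line.strip())
        if not m or m["method"] != "POST" or not m["path"].startswith(prefix):
            continue  # unparsable line or unrelated request
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        yield m["ip"], ts, int(m["status"])

def summarize(lines):
    """Summarize trackback POST traffic: volume, spread across IPs, peak rate, statuses."""
    hits = list(trackback_hits(lines))
    per_ip = Counter(ip for ip, _, _ in hits)
    per_second = Counter(ts for _, ts, _ in hits)
    return {
        "total": len(hits),
        "distinct_ips": len(per_ip),  # many sources: per-IP blocking will not help
        "peak_per_second": max(per_second.values(), default=0),
        "by_status": dict(Counter(st for _, _, st in hits)),  # 200 = script still runs
        "top_ips": per_ip.most_common(3),
    }

if __name__ == "__main__":
    print(summarize(SAMPLE))
```

A status of 200 means the PHP script was still executed for the request; once the file is renamed or deleted the same requests show up as 404 and no longer reach PHP or MySQL.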

2 Jun 05, 2007 12:21

I'd leave it that way ;)

¥

*edit*
On second thoughts, I'd actually upload an empty page so you don't end up with a shedload of errors in your logs

3 Jun 06, 2007 01:42

I don't mind errors in my logs, because it would actually stop spammers from calling the page. An empty page still sends out a valid http header instead of a 404. Also the webserver doesn't need to do anything. An empty page still needs some processing time.

4 Jun 06, 2007 02:07

You might also try renaming the htsrv directory and seeing if the blog runs properly after that...

Rename your trackbacks.php file from whatever you renamed it to, back to trackbacks.php.

Rename the htsrv directory to something else. For example: hhttssrrvv

Edit your conf/_advanced.php file... find the line that says:

/**
 * Location of the HTml SeRVices folder.
 * @global string $htsrv_subdir
 */
$htsrv_subdir = 'htsrv'; // 

and rename it to:

$htsrv_subdir = 'hhttssrrvv'; //

Now see if your blog is running properly again and if you're still getting slammed by bots. If it's running properly, I would go with this method because at least then you know that the trackbacks.php file has not created any problems elsewhere by being renamed...

jj.

5 Jun 06, 2007 15:54

Maybe one of the regulars here can explain if renaming the trackbacks.php file would do any harm, or what this file is for. I like your suggestion jibberjab, so when I notice some probs I'll try your suggestion.

6 Jun 06, 2007 20:14

Removing/renaming the file will only affect spammers (and your error logs), so... are yah worried about upsetting spammers? ;)

¥

8 Jun 07, 2007 20:03

nims,

turning trackbacks "off" in the back office only keeps the trackback link from showing on blog pages.

spammers know that the htsrv/_trackback.php file exists and search for that DIRECTLY (which is why renaming/deleting works).

Personally, I'd delete it, as renaming (either htsrv or the file) is only a "temporary" fix ... it'll slow them down, but eventually, they'll find it again (I know ... I've tried/done both).

FWIW ... I've deleted the _trackback.php file as well (trackbacks are hardly used by real people, on our site anyway).

Only the spammers miss it! :D

Cheers,
-stk
