Scott Buchanan explains one of the mechanisms by which WordPress sites are attacked by trackback spammers (circa March 2005):
e=”http://blog.mytechaid.com/archives/2005/03/09/wordpress-trackback-spam-solution/” title=”WordPress Trackback Spam Solution”>
The spam ‘bot will iteratively request “
index.php?p=[n],” where n is incremented each time. After each successful request, it will then send a trackback to “
wp-trackback.php” for entry number n.
To remedy this, Scott wrote a TB Spam Blocker plugin (downloadable from the link above) which patches viagra online pharmacy this particular hole. From the plugin’s included readme.txt:
This plugin will modify the WordPress permalink generator to include a mod_rewrite rule that blocks
direct access to wp-trackback.php. (It still allows redirected access through cruft-free URLs. Legitimate trackbacks will use the redirected URL, as that will be what appears on your blog.)
A simple fix, though as soon as the spam bots are updated to use the cruft-free trackback URLs (by crawling the site), this solution will stop working.