Support

Admin Tools

#24672 Can I disable pingbacks?

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by nicholas on Tuesday, 15 March 2016 12:48 CDT

Monday, 14 March 2016 11:14 CDT

neticapl
My website is receiving too many pingback requests.
It's someone's intentional act. I want to block that pingbacks - is it possible via AdminToolPro?

Example od my log file below:
07:58:04.761199 IP (tos 0x0, ttl 53, id 19929, offset 0, flags [DF], proto: TCP (6), length: 237) 37.188.117.28.57428 > 50.22.11.27.80: P, cksum 0xb106 (correct), 1340229195:1340229380(185) ack 1381969314 win 29
[email protected]..)%.u.2....T.PO.FKR_-............
.*..^sY.GET / HTTP/1.0
User-Agent: WordPress/3.9.11; http://printclublondon.com; verifying pingback from 23.95.51.74
Host: partnereu.eu
Accept: */*
X-Pingback-Forwarded-For: 23.95.51.74


07:58:04.766647 IP (tos 0x0, ttl 41, id 59432, offset 0, flags [DF], proto: TCP (6), length: 233) 77.120.110.175.49153 > 50.22.11.27.80: P, cksum 0x2043 (correct), 1733070534:1733070715(181) ack 3185371373 win 115
E....(@.).o.Mxn.2......PgL.........s C.....
I.g.^sY.GET / HTTP/1.0
User-Agent: WordPress/1589; http://www.wsllpaper.com; verifying pingback from 23.95.51.74
Host: partnereu.eu
Accept: */*
X-Pingback-Forwarded-For: 23.95.51.74

and so on and so on...

Monday, 14 March 2016 12:21 CDT

nicholas
If you are using the .htaccess Maker, yes. There's the option "Block access from specific user agents" which disables access to your site based on the user agent used by the remote client. The (partial string matches for) forbidden user agents are listed in "User agents to block, one per line" below. You can simply add 
WordPress
in that list to block pingbacks.

That said, pingbacks have no effect whatsoever in Joomla!. You can simply ignore them. I think it's likely to break something trying to disable them whereas they are entirely harmless if not blocked.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Monday, 14 March 2016 16:59 CDT

neticapl
It looks like someone is trying to block my website via pingback's - I get a huge traffic because of it (is it possible?).
Anyway it works... now my website is OK. Thank You!

Tuesday, 15 March 2016 04:26 CDT

nicholas
Pingbacks in WordPress are problematic. Anyone can use them to relay traffic to a victim. That's a rather old issue (or pretty much ancient, according to other sources).

Right now you have not stopped the influx of traffic from the web to your server. What we did with the instructions I gave you above is prevent the request from reaching Joomla!. Apache still has to use up a thread, parse the .htaccess file, figure out that the request needs to be blocked and reply with an HTTP 403 Forbidden error message. In other words, these pingbacks still use up resources on your server, albeit much less.

If this is a huge issue for you (it eats up your bandwidth and your site is routinely disabled by your host) I recommend that you use CloudFlare. It's a free CDN that will absorb the additional bandwidth, block this kind of attacks and let you run your site without consuming your bandwidth because of the DDoS attack. They even have a plugin for Joomla!.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Tuesday, 15 March 2016 05:15 CDT

neticapl
Thank you very much.
I will use CloudFlare....

Tuesday, 15 March 2016 12:48 CDT

nicholas
You're welcome!

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!