Spring Sale! Save 30% on all books w/ code: PLANET24
Web Dev + WordPress + Security

Hacking WordPress: The Ultimate Nofollow Blacklist

[ Image: Death-metal rocker drunk with power ] Several days ago, I posted an article explaining how to hack your own WordPress nofollow blacklist. Immediately thereafter, I published an elaborate article focusing on automatic methods of nofollow blacklisting via WordPress plugins. In this article, I expand on the original blacklist hack by incorporating functional differentiation between commentator links, trackbacks, and pingbacks. If anything, think of this as an exercise in hacking WordPress, rewarding in and of itself, if not otherwise entirely impractical. Of course, whenever possible, you should avoid hacking the WordPress core and install a plugin instead. ;) Nonetheless, it’s so much fun to hack that we simply could not resist posting just one more article involving nofollow attributes. But alas, we really should be moving along..

The Default Function..

First, dig up the default WordPress function get_comment_author_link(), which is found in wp-includes/comment-functions.php in WordPress 2.0 and wp-includes/comment-template.php in WordPress 2.1 and 2.2. In either case, the function is identical, giving us this tasty morsel:

function get_comment_author_link() {
	global $comment;
	$url    = get_comment_author_url();
	$author = get_comment_author();

	if ( empty( $url ) || 'http://' == $url )
		$return = $author;
	else
		$return = "<a href='$url' rel='external nofollow'>$author</a>";
	return apply_filters('get_comment_author_link', $return);
}

If you have been keeping up with recent posts, this function should look very familiar: check author names for associated links and generate corresponding signature. Linked author names get a nice little nofollow tag, while unlinked names are displayed text-only. This function also generates the link for all trackback and pingback linkage. Now that we have found this gem, we are going to hack it into a lean, mean, link-differentiating machine!

The Ultimate Nofollow Blacklist..

If you have been reading me for any length of time, you know that I could really stretch this out. I could, for example, discuss every aspect of the entire process, explaining each and every functional aspect in excruciating detail. Etc., Ad nauseum, and Et al. Fortunately, I will spare you the utter agony this time, because after it’s all said and done, it all comes down to a rather elementary copy-&-paste operation. I will explain how to add names to the various lists, but after that, you are on your own. I trust everyone will make it out alive ;)

Alright, let’s get on with it. Here is the code with which we will be replacing the previously defined default function. Check it out:

// The Ulitmate Nofollow Blacklist
function get_comment_author_link() {
	global $comment;
	$url    = get_comment_author_url();
	$author = get_comment_author();

	if ( empty( $url ) || 'http://' == $url ) {
		$return = $author;
	} elseif ( $comment->comment_type == 'pingback' ) { 
		if ( $author == 'username 0' 
				|| $author == 'username 1' 
				|| $author == 'username 2' 
				|| $author == 'username 3' 
			) {
			$return = '<a href="'.$url.'" rel="external nofollow">'.$author.'</a>';
		} else {
			$return = '<a href="'.$url.'" rel="external">'.$author.'</a>';
		}
	} elseif ( $comment->comment_type == 'trackback' ) {
		if ( $author == 'username 0' 
				|| $author == 'username 1' 
				|| $author == 'username 2' 
				|| $author == 'username 3' 
			) {
			$return = '<a href="'.$url.'" rel="external nofollow">'.$author.'</a>';
		} else {
			$return = '<a href="'.$url.'" rel="external">'.$author.'</a>';
		}
	} else {
		if ( $author == 'username 0' 
				|| $author == 'username 1' 
				|| $author == 'username 2' 
				|| $author == 'username 3' 
			) {
			$return = '<a href="'.$url.'" rel="external nofollow">'.$author.'</a>';
		} else {
			$return = '<a href="'.$url.'" rel="external">'.$author.'</a>';
		}
	}
	return apply_filters('get_comment_author_link', $return);
}

After replacing (or commenting out) the default get_comment_author_link() function, you will enjoy granular control over each type of comment-author link. Sequentially, the blacklist version of the function processes commentator ($author) names that are not associated with any URL. Then, the function generates links for pingbacks, trackbacks, and commentator links, respectively. For each of these link categories, author names are checked against a blacklist. If the name is matched, a nofollow link is served; otherwise, a dofollow link is produced.

The Discussion..

As is, this code removes all nofollow attributes in commentator links, unless of course the author name happens to match one of the generic blacklisted username examples (e.g., username 0, username 1, username 2, etc..), in which case a nofollow link will be served. Of course, customizing the various links types (trackbacks, pingbacks, and commentator links) is entirely up to you.

By differentiating the various link types via our “ultimate blacklist” function, we gain control over much more than nofollow attributes. For example, it is just as easy to add CSS hooks, JavaScript functions, and even additional markup. Of course, there are many possible uses for such flexibility, including the satisfaction of an insatiable urge to hack WordPress ;)

Finally, to use the blacklist functionality made possible with this code, simply replace/edit the currently provided instances of “username n” with those that are worthy of the dreaded nofollow attribute. Also, keep in mind that it is easy to transform the “ultimate nofollow blacklist” into the “ultimate dofollow whitelist” by swapping each instance of rel="external" with its corresponding rel="external nofollow".

About the Author
Jeff Starr = Web Developer. Security Specialist. WordPress Buff.
SAC Pro: Unlimited chats.

14 responses to “Hacking WordPress: The Ultimate Nofollow Blacklist”

  1. It seems this combined with counter based acceptance method would rule. Black list the bums, and then, say, after 5 posts (or user defined), the poster’s links are changed to follow…

  2. Perishable 2007/09/22 9:07 pm

    Yes indeed, two plugins immediately come to mind: Lucia’s Linky Love and the much newer NoFollow Free, both of which are reviewed here and here. Either of these plugins provide functionality very similar to what you have described..

  3. This is great information – do you know if there is any such thing for blogger/blogspot blogs? I know, I need to switch over to WordPress, but it is just so much work and I have been trying to avoid that at all costs ;) Thanks for the informative blog!

  4. Perishable 2007/10/28 3:25 pm

    Lina,
    I have yet to dive into the vast realms of Blogger/Blogspot blogs, so I really wouldn’t know if something similar to a nofollow blacklist exists for those platforms (sorry). You may want to dig around with Google or maybe even create something yourself.. Otherwise, I wouldn’t worry too much about switching to WordPress — word on the streets is that its time is gradually coming to an end..

  5. Hi, thanks for the content really helpful, but I hesitated to read it when I see the frightening image maybe change it?

  6. Perishable 2008/01/27 7:29 pm

    Hi OMC² Design, thanks for the feedback on the article and associated image. Tell me something, do you really think it’s that “frightening”? I actually found the image quite hilarious — perhaps even a bit absurd. I do apologize for any psychological trauma invoked by the image — perhaps it remains best served to an audience more appreciative of such subtle attempts at irony.

  7. James Morris 2008/03/05 11:39 am

    You can add nofollow to all blogroll links with this plugin I made http://jmoz.co.uk/blog/wordpress-blogroll-nofollow-plugin/8

  8. Sweet! Thanks for sharing, James — will definitely check it out :)

  9. web hosting 2008/04/10 10:28 am

    First, the picture scared me a bit. Actually more than a bit, really freaked me out!

    Secondly, are there many extensions for WP for the nofollow fix?

  10. Perishable 2008/04/13 7:25 am

    Well, that’s a blatant setup if I’ve ever seen one! Sure, there are many wonderful dofollow plugins for WordPress. In fact, I even wrote a comprehensive dofollow reference article breaking it all down for you. Enjoy!

  11. Flash design 2008/04/22 11:38 am

    I’m really confused on this area. I do think that the nofollow is not the right way to do it and it ruins it for a lot of other people. However many blogs I used to read got spammed so badly.
    Super good looking blog by the way.

  12. DeViLnoAnGeL InFo 2009/04/20 11:04 am

    hi Jeff, earlier i sent you an email.
    The email is asking you about how to changing ‘external’ relation in trackback/pingback to ‘external nofollow’ or ‘nofollow’ relation in trackback/pingback on wordpress 2.7.1

    I hope you can teach me how to do this ASAP.

    Best regards,

    Zaldy Saindy Masali

Comments are closed for this post. Something to add? Let me know.
Welcome
Perishable Press is operated by Jeff Starr, a professional web developer and book author with two decades of experience. Here you will find posts about web development, WordPress, security, and more »
USP Pro: Unlimited front-end forms for user-submitted posts and more.
Thoughts
I live right next door to the absolute loudest car in town. And the owner loves to drive it.
8G Firewall now out of beta testing, ready for use on production sites.
It's all about that ad revenue baby.
Note to self: encrypting 500 GB of data on my iMac takes around 8 hours.
Getting back into things after a bit of a break. Currently 7° F outside. Chillz.
2024 is going to make 2020 look like a vacation. Prepare accordingly.
First snow of the year :)
Newsletter
Get news, updates, deals & tips via email.
Email kept private. Easy unsubscribe anytime.