Fall Sale! Code FALL2024 takes 25% OFF our Pro Plugins & Books »
Web Dev + WordPress + Security

Hacking WordPress: The Ultimate Nofollow Blacklist

[ Image: Death-metal rocker drunk with power ] Several days ago, I posted an article explaining how to hack your own WordPress nofollow blacklist. Immediately thereafter, I published an elaborate article focusing on automatic methods of nofollow blacklisting via WordPress plugins. In this article, I expand on the original blacklist hack by incorporating functional differentiation between commentator links, trackbacks, and pingbacks. If anything, think of this as an exercise in hacking WordPress, rewarding in and of itself, if not otherwise entirely impractical. Of course, whenever possible, you should avoid hacking the WordPress core and install a plugin instead. ;) Nonetheless, it’s so much fun to hack that we simply could not resist posting just one more article involving nofollow attributes. But alas, we really should be moving along..

The Default Function..

First, dig up the default WordPress function get_comment_author_link(), which is found in wp-includes/comment-functions.php in WordPress 2.0 and wp-includes/comment-template.php in WordPress 2.1 and 2.2. In either case, the function is identical, giving us this tasty morsel:

function get_comment_author_link() {
	global $comment;
	$url    = get_comment_author_url();
	$author = get_comment_author();

	if ( empty( $url ) || 'http://' == $url )
		$return = $author;
	else
		$return = "<a href='$url' rel='external nofollow'>$author</a>";
	return apply_filters('get_comment_author_link', $return);
}

If you have been keeping up with recent posts, this function should look very familiar: check author names for associated links and generate corresponding signature. Linked author names get a nice little nofollow tag, while unlinked names are displayed text-only. This function also generates the link for all trackback and pingback linkage. Now that we have found this gem, we are going to hack it into a lean, mean, link-differentiating machine!

The Ultimate Nofollow Blacklist..

If you have been reading me for any length of time, you know that I could really stretch this out. I could, for example, discuss every aspect of the entire process, explaining each and every functional aspect in excruciating detail. Etc., Ad nauseum, and Et al. Fortunately, I will spare you the utter agony this time, because after it’s all said and done, it all comes down to a rather elementary copy-&-paste operation. I will explain how to add names to the various lists, but after that, you are on your own. I trust everyone will make it out alive ;)

Alright, let’s get on with it. Here is the code with which we will be replacing the previously defined default function. Check it out:

// The Ulitmate Nofollow Blacklist
function get_comment_author_link() {
	global $comment;
	$url    = get_comment_author_url();
	$author = get_comment_author();

	if ( empty( $url ) || 'http://' == $url ) {
		$return = $author;
	} elseif ( $comment->comment_type == 'pingback' ) { 
		if ( $author == 'username 0' 
				|| $author == 'username 1' 
				|| $author == 'username 2' 
				|| $author == 'username 3' 
			) {
			$return = '<a href="'.$url.'" rel="external nofollow">'.$author.'</a>';
		} else {
			$return = '<a href="'.$url.'" rel="external">'.$author.'</a>';
		}
	} elseif ( $comment->comment_type == 'trackback' ) {
		if ( $author == 'username 0' 
				|| $author == 'username 1' 
				|| $author == 'username 2' 
				|| $author == 'username 3' 
			) {
			$return = '<a href="'.$url.'" rel="external nofollow">'.$author.'</a>';
		} else {
			$return = '<a href="'.$url.'" rel="external">'.$author.'</a>';
		}
	} else {
		if ( $author == 'username 0' 
				|| $author == 'username 1' 
				|| $author == 'username 2' 
				|| $author == 'username 3' 
			) {
			$return = '<a href="'.$url.'" rel="external nofollow">'.$author.'</a>';
		} else {
			$return = '<a href="'.$url.'" rel="external">'.$author.'</a>';
		}
	}
	return apply_filters('get_comment_author_link', $return);
}

After replacing (or commenting out) the default get_comment_author_link() function, you will enjoy granular control over each type of comment-author link. Sequentially, the blacklist version of the function processes commentator ($author) names that are not associated with any URL. Then, the function generates links for pingbacks, trackbacks, and commentator links, respectively. For each of these link categories, author names are checked against a blacklist. If the name is matched, a nofollow link is served; otherwise, a dofollow link is produced.

The Discussion..

As is, this code removes all nofollow attributes in commentator links, unless of course the author name happens to match one of the generic blacklisted username examples (e.g., username 0, username 1, username 2, etc..), in which case a nofollow link will be served. Of course, customizing the various links types (trackbacks, pingbacks, and commentator links) is entirely up to you.

By differentiating the various link types via our “ultimate blacklist” function, we gain control over much more than nofollow attributes. For example, it is just as easy to add CSS hooks, JavaScript functions, and even additional markup. Of course, there are many possible uses for such flexibility, including the satisfaction of an insatiable urge to hack WordPress ;)

Finally, to use the blacklist functionality made possible with this code, simply replace/edit the currently provided instances of “username n” with those that are worthy of the dreaded nofollow attribute. Also, keep in mind that it is easy to transform the “ultimate nofollow blacklist” into the “ultimate dofollow whitelist” by swapping each instance of rel="external" with its corresponding rel="external nofollow".

About the Author
Jeff Starr = Web Developer. Security Specialist. WordPress Buff.
Wizard’s SQL for WordPress: Over 300+ recipes! Check the Demo »

14 responses to “Hacking WordPress: The Ultimate Nofollow Blacklist”

  1. @DeViLnoAnGeL InFo: I am pretty sure that WordPress 2.7 applies the nofollow attribute to all commentator, pingback, and trackback links. Unless I am missing something here..?

  2. DeViLnoAnGeL InFo 2009/04/20 12:48 pm

    well except for the trackback/pingback link don’t include ‘nofollow’ relation the trackback/pingback link contain ‘external’ relation. and i want to change the relation to ‘external nofollow’ or ‘nofollow’ relation. i’m sure it in comment-template.php or wp-trackback.php that i need to change. but not sure where it is place.

Comments are closed for this post. Something to add? Let me know.
Welcome
Perishable Press is operated by Jeff Starr, a professional web developer and book author with two decades of experience. Here you will find posts about web development, WordPress, security, and more »
Wizard’s SQL for WordPress: Over 300+ recipes! Check the Demo »
Thoughts
I disabled AI in Google search results. It was making me lazy.
Went out walking today and soaked up some sunshine. It felt good.
I have an original box/packaging for 2010 iMac if anyone wants it free let me know.
Always ask AI to cite its sources. Also: “The Web” is not a valid answer.
All free plugins updated and ready for WP 6.6 dropping next week. Pro plugin updates in the works also complete :)
99% of video thumbnail/previews are pure cringe. Goofy faces = Clickbait.
RIP ICQ
Newsletter
Get news, updates, deals & tips via email.
Email kept private. Easy unsubscribe anytime.