Welcome to the new design! Please report any bugs or issues, thanks :)
Web Dev + WordPress + Security

Hacking WordPress: The Ultimate Nofollow Blacklist

[ Image: Death-metal rocker drunk with power ] Several days ago, I posted an article explaining how to hack your own WordPress nofollow blacklist. Immediately thereafter, I published an elaborate article focusing on automatic methods of nofollow blacklisting via WordPress plugins. In this article, I expand on the original blacklist hack by incorporating functional differentiation between commentator links, trackbacks, and pingbacks. If anything, think of this as an exercise in hacking WordPress, rewarding in and of itself, if not otherwise entirely impractical. Of course, whenever possible, you should avoid hacking the WordPress core and install a plugin instead. ;) Nonetheless, it’s so much fun to hack that we simply could not resist posting just one more article involving nofollow attributes. But alas, we really should be moving along..

The Default Function..

First, dig up the default WordPress function get_comment_author_link(), which is found in wp-includes/comment-functions.php in WordPress 2.0 and wp-includes/comment-template.php in WordPress 2.1 and 2.2. In either case, the function is identical, giving us this tasty morsel:

function get_comment_author_link() {
	global $comment;
	$url    = get_comment_author_url();
	$author = get_comment_author();

	if ( empty( $url ) || 'http://' == $url )
		$return = $author;
	else
		$return = "<a href='$url' rel='external nofollow'>$author</a>";
	return apply_filters('get_comment_author_link', $return);
}

If you have been keeping up with recent posts, this function should look very familiar: check author names for associated links and generate corresponding signature. Linked author names get a nice little nofollow tag, while unlinked names are displayed text-only. This function also generates the link for all trackback and pingback linkage. Now that we have found this gem, we are going to hack it into a lean, mean, link-differentiating machine!

The Ultimate Nofollow Blacklist..

If you have been reading me for any length of time, you know that I could really stretch this out. I could, for example, discuss every aspect of the entire process, explaining each and every functional aspect in excruciating detail. Etc., Ad nauseum, and Et al. Fortunately, I will spare you the utter agony this time, because after it’s all said and done, it all comes down to a rather elementary copy-&-paste operation. I will explain how to add names to the various lists, but after that, you are on your own. I trust everyone will make it out alive ;)

Alright, let’s get on with it. Here is the code with which we will be replacing the previously defined default function. Check it out:

// The Ulitmate Nofollow Blacklist
function get_comment_author_link() {
	global $comment;
	$url    = get_comment_author_url();
	$author = get_comment_author();

	if ( empty( $url ) || 'http://' == $url ) {
		$return = $author;
	} elseif ( $comment->comment_type == 'pingback' ) { 
		if ( $author == 'username 0' 
				|| $author == 'username 1' 
				|| $author == 'username 2' 
				|| $author == 'username 3' 
			) {
			$return = '<a href="'.$url.'" rel="external nofollow">'.$author.'</a>';
		} else {
			$return = '<a href="'.$url.'" rel="external">'.$author.'</a>';
		}
	} elseif ( $comment->comment_type == 'trackback' ) {
		if ( $author == 'username 0' 
				|| $author == 'username 1' 
				|| $author == 'username 2' 
				|| $author == 'username 3' 
			) {
			$return = '<a href="'.$url.'" rel="external nofollow">'.$author.'</a>';
		} else {
			$return = '<a href="'.$url.'" rel="external">'.$author.'</a>';
		}
	} else {
		if ( $author == 'username 0' 
				|| $author == 'username 1' 
				|| $author == 'username 2' 
				|| $author == 'username 3' 
			) {
			$return = '<a href="'.$url.'" rel="external nofollow">'.$author.'</a>';
		} else {
			$return = '<a href="'.$url.'" rel="external">'.$author.'</a>';
		}
	}
	return apply_filters('get_comment_author_link', $return);
}

After replacing (or commenting out) the default get_comment_author_link() function, you will enjoy granular control over each type of comment-author link. Sequentially, the blacklist version of the function processes commentator ($author) names that are not associated with any URL. Then, the function generates links for pingbacks, trackbacks, and commentator links, respectively. For each of these link categories, author names are checked against a blacklist. If the name is matched, a nofollow link is served; otherwise, a dofollow link is produced.

The Discussion..

As is, this code removes all nofollow attributes in commentator links, unless of course the author name happens to match one of the generic blacklisted username examples (e.g., username 0, username 1, username 2, etc..), in which case a nofollow link will be served. Of course, customizing the various links types (trackbacks, pingbacks, and commentator links) is entirely up to you.

By differentiating the various link types via our “ultimate blacklist” function, we gain control over much more than nofollow attributes. For example, it is just as easy to add CSS hooks, JavaScript functions, and even additional markup. Of course, there are many possible uses for such flexibility, including the satisfaction of an insatiable urge to hack WordPress ;)

Finally, to use the blacklist functionality made possible with this code, simply replace/edit the currently provided instances of “username n” with those that are worthy of the dreaded nofollow attribute. Also, keep in mind that it is easy to transform the “ultimate nofollow blacklist” into the “ultimate dofollow whitelist” by swapping each instance of rel="external" with its corresponding rel="external nofollow".

Jeff Starr
About the Author
Jeff Starr = Creative thinker. Passionate about free and open Web.
.htaccess made easy: Improve site performance and security.

14 responses to “Hacking WordPress: The Ultimate Nofollow Blacklist”

  1. Jeff Starr

    @DeViLnoAnGeL InFo: I am pretty sure that WordPress 2.7 applies the nofollow attribute to all commentator, pingback, and trackback links. Unless I am missing something here..?

  2. DeViLnoAnGeL InFo 2009/04/20 12:48 pm

    well except for the trackback/pingback link don’t include ‘nofollow’ relation the trackback/pingback link contain ‘external’ relation. and i want to change the relation to ‘external nofollow’ or ‘nofollow’ relation. i’m sure it in comment-template.php or wp-trackback.php that i need to change. but not sure where it is place.

Comments are closed for this post. Something to add? Let me know.
Welcome
Perishable Press is operated by Jeff Starr, a professional web developer and book author with two decades of experience. Here you will find posts about web development, WordPress, security, and more »
BBQ Pro: The fastest firewall to protect your WordPress.
Thoughts
Super useful post about making custom avatars in WordPress.
Making good progress on the new bookstore subdomain here at Perishable Press. Aiming for launch early Summer :)
Playing the long game.
They have weaponized the idiots.
Good software never steals focus from the user. Even during startup.
After 10 years running my own business, I still manage schedules and tasks using old school post-it notes, sometimes simple sometimes very elaborate.
You know those sites, where you're trying to just grab a quick bit of information but the page is shifting all over the place as it loads up 3 million advertisements.