Plugin Sale! Save 15% on pro plugins with discount code: FALL2020
Web Dev + WordPress + Security

Hacking WordPress: The Ultimate Nofollow Blacklist

[ Image: Death-metal rocker drunk with power ] Several days ago, I posted an article explaining how to hack your own WordPress nofollow blacklist. Immediately thereafter, I published an elaborate article focusing on automatic methods of nofollow blacklisting via WordPress plugins. In this article, I expand on the original blacklist hack by incorporating functional differentiation between commentator links, trackbacks, and pingbacks. If anything, think of this as an exercise in hacking WordPress, rewarding in and of itself, if not otherwise entirely impractical. Of course, whenever possible, you should avoid hacking the WordPress core and install a plugin instead. ;) Nonetheless, it’s so much fun to hack that we simply could not resist posting just one more article involving nofollow attributes. But alas, we really should be moving along..

The Default Function..

First, dig up the default WordPress function get_comment_author_link(), which is found in wp-includes/comment-functions.php in WordPress 2.0 and wp-includes/comment-template.php in WordPress 2.1 and 2.2. In either case, the function is identical, giving us this tasty morsel:

function get_comment_author_link() {
	global $comment;
	$url    = get_comment_author_url();
	$author = get_comment_author();

	if ( empty( $url ) || 'http://' == $url )
		$return = $author;
	else
		$return = "<a href='$url' rel='external nofollow'>$author</a>";
	return apply_filters('get_comment_author_link', $return);
}

If you have been keeping up with recent posts, this function should look very familiar: check author names for associated links and generate corresponding signature. Linked author names get a nice little nofollow tag, while unlinked names are displayed text-only. This function also generates the link for all trackback and pingback linkage. Now that we have found this gem, we are going to hack it into a lean, mean, link-differentiating machine!

The Ultimate Nofollow Blacklist..

If you have been reading me for any length of time, you know that I could really stretch this out. I could, for example, discuss every aspect of the entire process, explaining each and every functional aspect in excruciating detail. Etc., Ad nauseum, and Et al. Fortunately, I will spare you the utter agony this time, because after it’s all said and done, it all comes down to a rather elementary copy-&-paste operation. I will explain how to add names to the various lists, but after that, you are on your own. I trust everyone will make it out alive ;)

Alright, let’s get on with it. Here is the code with which we will be replacing the previously defined default function. Check it out:

// The Ulitmate Nofollow Blacklist
function get_comment_author_link() {
	global $comment;
	$url    = get_comment_author_url();
	$author = get_comment_author();

	if ( empty( $url ) || 'http://' == $url ) {
		$return = $author;
	} elseif ( $comment->comment_type == 'pingback' ) { 
		if ( $author == 'username 0' 
				|| $author == 'username 1' 
				|| $author == 'username 2' 
				|| $author == 'username 3' 
			) {
			$return = '<a href="'.$url.'" rel="external nofollow">'.$author.'</a>';
		} else {
			$return = '<a href="'.$url.'" rel="external">'.$author.'</a>';
		}
	} elseif ( $comment->comment_type == 'trackback' ) {
		if ( $author == 'username 0' 
				|| $author == 'username 1' 
				|| $author == 'username 2' 
				|| $author == 'username 3' 
			) {
			$return = '<a href="'.$url.'" rel="external nofollow">'.$author.'</a>';
		} else {
			$return = '<a href="'.$url.'" rel="external">'.$author.'</a>';
		}
	} else {
		if ( $author == 'username 0' 
				|| $author == 'username 1' 
				|| $author == 'username 2' 
				|| $author == 'username 3' 
			) {
			$return = '<a href="'.$url.'" rel="external nofollow">'.$author.'</a>';
		} else {
			$return = '<a href="'.$url.'" rel="external">'.$author.'</a>';
		}
	}
	return apply_filters('get_comment_author_link', $return);
}

After replacing (or commenting out) the default get_comment_author_link() function, you will enjoy granular control over each type of comment-author link. Sequentially, the blacklist version of the function processes commentator ($author) names that are not associated with any URL. Then, the function generates links for pingbacks, trackbacks, and commentator links, respectively. For each of these link categories, author names are checked against a blacklist. If the name is matched, a nofollow link is served; otherwise, a dofollow link is produced.

The Discussion..

As is, this code removes all nofollow attributes in commentator links, unless of course the author name happens to match one of the generic blacklisted username examples (e.g., username 0, username 1, username 2, etc..), in which case a nofollow link will be served. Of course, customizing the various links types (trackbacks, pingbacks, and commentator links) is entirely up to you.

By differentiating the various link types via our “ultimate blacklist” function, we gain control over much more than nofollow attributes. For example, it is just as easy to add CSS hooks, JavaScript functions, and even additional markup. Of course, there are many possible uses for such flexibility, including the satisfaction of an insatiable urge to hack WordPress ;)

Finally, to use the blacklist functionality made possible with this code, simply replace/edit the currently provided instances of “username n” with those that are worthy of the dreaded nofollow attribute. Also, keep in mind that it is easy to transform the “ultimate nofollow blacklist” into the “ultimate dofollow whitelist” by swapping each instance of rel="external" with its corresponding rel="external nofollow".

Jeff Starr
About the Author
Jeff Starr = Web Developer. Security Specialist. WordPress Buff.
WP Themes In Depth: Build and sell awesome WordPress themes.

14 responses to “Hacking WordPress: The Ultimate Nofollow Blacklist”

  1. Jeff Starr

    @DeViLnoAnGeL InFo: I am pretty sure that WordPress 2.7 applies the nofollow attribute to all commentator, pingback, and trackback links. Unless I am missing something here..?

  2. DeViLnoAnGeL InFo 2009/04/20 12:48 pm

    well except for the trackback/pingback link don’t include ‘nofollow’ relation the trackback/pingback link contain ‘external’ relation. and i want to change the relation to ‘external nofollow’ or ‘nofollow’ relation. i’m sure it in comment-template.php or wp-trackback.php that i need to change. but not sure where it is place.

Comments are closed for this post. Something to add? Let me know.
Welcome
Perishable Press is operated by Jeff Starr, a professional web developer and book author with two decades of experience. Here you will find posts about web development, WordPress, security, and more »
Digging Into WordPress: Take your WordPress skills to the next level.
Thoughts
Watching. Waiting. Praying.
Got all of my free WordPress plugins updated for imminent WP 5.6 in early December. Pro plugin updates currently in the works.
7G Firewall now integrated into BBQ Firewall (free version). Pro version soon ;)
macOS Big Sur update complete. So far no crazy issues. Except TextEdit, which is completely screwed up and unusable. Replaced with free BBEdit.
Got so sick of macOS’ annoying “red dot” that I had to remove System Prefs from the dock. Come on Apple you can do better.
Beginning development of an Nginx version of 7G Firewall.
Happy Birthday to Perishable Press, celebrating 15 years online! :)
Newsletter
Get news, updates, deals & tips via email.
Email kept private. Easy unsubscribe anytime.