What is a WordPress Pingback? A Complete Guide

This post may contain affiliate links. If you make a purchase through these links, we may earn a commission at no additional cost to you.

Ever logged into your WordPress dashboard, ready for a cup of tea and a look at your comments, only to find a strange, robotic-looking notification? It doesn’t come from a person, has no real comment, and simply says your post was mentioned somewhere. You’ve just met a WordPress Pingback—a ghost from the internet’s past that still haunts many of our blogs today.

For many British bloggers, these notifications are a bit of a mystery. Are they good? Are they bad? Are they some sort of spam you need to worry about?

Well, you’re not alone in wondering. Pingbacks are a relic from a simpler time online, before Twitter, Facebook, and Instagram became the town squares of the internet. They were designed to help bloggers connect, but today their role is a lot more complicated.

This is your definitive guide to understanding everything about WordPress pingbacks. We’ll explore what they are, how they work, whether they have any place in 2025, and—most importantly—what you should do about them on your own website. Grab that cuppa, and let’s unravel this digital mystery together.

Chapter 1: So, What Exactly is a WordPress Pingback?

Let’s start with the basics. A pingback is an automatic notification that appears in your comments section when another WordPress blog links to one of your posts. Simple as that.

The Simple Explanation: A Digital Hat Tip

Think of a pingback as a digital hat tip. It’s one blog automatically telling another, “Oi, nice one. I’ve just mentioned your work over here.”

Imagine you’ve written a brilliant article about the best walking routes in the Peak District. A week later, another blogger writes a post about essential hiking gear and includes a link to your article as a great example of a local trail.

The moment they hit ‘Publish’, their WordPress site sends an automatic ‘ping’ to your site. This ping shows up on your dashboard for approval, looking something like this:

[A New Pingback on “The Best Walking Routes in the Peak District”]

From: “My Top 10 Hiking Boots for British Weather” Website: someotherblog.co.uk

If you approve it, a small link will appear in your post’s comments section, showing that another site has linked to you. It was designed to be a simple, automated way of saying thanks and showing where conversations were happening.

How It Works in Practice: A Four-Step Journey

The whole process happens in the background without you having to lift a finger. It’s a clever little automated dance between two websites.

You Create a Link: You’re writing a new post and you link to an article on another WordPress blog. Let’s call your site Blog A and their site Blog B.
WordPress Sends the ‘Ping’: As soon as you publish your post, your WordPress site (Blog A) automatically sends a notification—the pingback—to their site (Blog B).
The Other Site Verifies the Link: Blog B’s website doesn’t just take your site’s word for it. It performs a quick check, visiting your post to make sure the link to their content is actually there. This is a crucial security step to stop people from spamming sites with fake notifications.
The Pingback Appears as a Comment: Once Blog B confirms the link is real, the pingback appears in their comment moderation queue, just like a normal comment. The owner of Blog B can then choose to approve it, delete it, or mark it as spam.

Pingbacks vs. Trackbacks: Spotting the Difference

You might also have heard of ‘trackbacks’. People often use the terms interchangeably, but they are slightly different beasts. A trackback is the older, manual cousin of the pingback.

Before pingbacks, if you wanted to let someone know you’d linked to them, you had to manually copy a special ‘trackback URL’ from their post and paste it into a box in your own post editor.

Here’s a simple breakdown of the differences:

Feature	Pingback	Trackback
How it Works	Fully automatic (XML-RPC protocol)	Manual (HTTP POST protocol)
What it Sends	Just a link to your post	A link and a short snippet of your text
Verification	Automatic check to ensure the link exists	No verification (this made it very easy to spam)
System	Mostly used by WordPress	Used by older blogging platforms like Movable Type

Essentially, pingbacks were invented to be a smarter, more secure, and automated version of trackbacks. While the technology still exists for both in WordPress, trackbacks are now almost entirely obsolete because they were so ridiculously easy for spammers to abuse.

Chapter 2: A Trip Down Memory Lane: Why Pingbacks Were Invented

To really understand pingbacks, we need to hop in a digital DeLorean and go back to the early 2000s. The internet was a very different place. There was no Twitter, no Facebook newsfeed, and no TikTok. The dominant form of social media was the humble blog.

The Golden Age of Blogging (Before Social Media Ruled the Roost)

Back then, the collection of all blogs was called the ‘blogosphere’. It was a sprawling, interconnected community of writers, hobbyists, and experts. Bloggers discovered each other not through algorithms, but by reading, linking, and commenting.

If you were a British food blogger in 2005, you’d have a ‘blogroll’—a list in your sidebar of other food blogs you admired. You’d link to their recipes, and they’d link to yours. This created a web of conversations.

But how did you know if someone had linked to you? You couldn’t just wait for a notification on your phone. You’d either have to stumble upon their post by chance or they would have to tell you. This is the problem that trackbacks and pingbacks were built to solve. They were the engine of the blogosphere, letting people know their work was being discussed elsewhere. It was a system built to foster community.

From Manual Trackbacks to Automatic Pingbacks

As we mentioned, trackbacks came first. They were a brilliant idea, but they had a fatal flaw: they were too easy to spam. Because there was no verification step, spammers could send thousands of fake trackbacks with dodgy links, hoping that a few unsuspecting bloggers would approve them.

The creators of WordPress saw this problem and developed the pingback as an improvement. By making the process automatic and adding that crucial verification step, they created a system that was much more reliable and less prone to abuse.

For a time, it worked beautifully. Pingbacks helped build a genuine sense of community. Getting a pingback from a well-respected blog was a badge of honour. It meant you were part of the conversation.

Chapter 3: The Big Debate: Are Pingbacks Good or Bad?

So, pingbacks were once useful. But what about today? The internet has changed dramatically. Is there still a place for this old-fashioned technology, or is it more trouble than it’s worth? Let’s weigh the pros and cons.

The Good Bits: The Case for Pingbacks

Even today, you could argue that pingbacks have a few minor benefits.

Building Bridges: A pingback is still a notification. It can alert a smaller blogger that a larger, more established site has linked to them. This can be an encouraging boost and, occasionally, the start of a professional relationship.
A Trickle of Traffic: If your pingback is approved on a popular blog, it will appear in their comments with a link back to your site. A few curious readers might click on it, sending a small amount of traffic your way.
The (Mythical) SEO Boost: Back in the day, any link was a good link. Bloggers used to see pingbacks as an easy way to get backlinks, which are a key factor in how Google ranks websites. However, this is now a myth. Modern search engines are far too smart to be fooled. They understand that pingbacks are automated, low-value links, and they carry virtually zero weight for SEO. Believing pingbacks will help your Google ranking in 2025 is like thinking a horse and cart will win the Grand Prix.

The Bad Bits: Why Most People Ditch Pingbacks

The list of downsides, unfortunately, is much, much longer.

The Spam Tsunami: This is the big one. Spammers have figured out how to automate sending fake pingbacks on a massive scale. For every one legitimate pingback you get, you’ll likely get dozens, if not hundreds, of spam ones. They’ll link to dodgy websites and clutter your moderation queue. Managing this can be a full-time job if you don’t have good spam filters in place.
The Annoying ‘Self-Pingback’: This is a particularly silly quirk of the system. When you write a new post and link to an older post on your own website, WordPress dutifully sends a pingback to itself. This means you get a notification asking you to approve a link from you… to you. It’s completely pointless and just adds another useless item to your to-do list.
A Messy Comments Section: A good comments section is a conversation between you and your readers. Pingbacks are not part of that conversation. They are robotic, sterile notifications that get in the way. A long list of pingbacks can make your site look messy and can discourage real people from leaving a thoughtful comment.

The Ugly Truth: The Security Risk of XML-RPC

This is the most serious issue, and the one that should make every website owner sit up and pay attention.

Pingbacks work using a technology called XML-RPC. Think of XML-RPC as a side door into your WordPress website. It was designed to allow other applications—like the old WordPress mobile app—to connect to your site to publish posts or manage comments.

The problem is that this side door can be exploited by hackers.

Brute-Force Attacks: Hackers can use the XML-RPC file (xmlrpc.php) to try and guess your username and password. Because it allows them to send many password attempts in a single request, it’s a much more efficient way for them to attack your site than using the normal login page.
DDoS Attacks: This is even more common. Hackers can exploit the pingback feature on thousands of innocent WordPress sites, commanding them all to send pingbacks to a single target website at the same time. This floods the target with traffic, overwhelming its server and knocking it offline. Your site could be unknowingly participating in an attack on another website.

To keep pingbacks enabled, you must keep XML-RPC enabled. For this reason alone, most modern security experts and web hosts in the UK and beyond now strongly recommend disabling XML-RPC entirely.

Chapter 4: Taking Control: How to Manage Pingbacks on Your Site

So, you’ve decided you want to take control of the situation. Whether you want to turn them off completely or just stop the annoying self-pings, WordPress gives you the options. Here’s how to do it.

How to Turn Pingbacks On or Off (The Two Important Checkboxes)

You can find the master controls for pingbacks in your WordPress dashboard.

Go to Settings in the left-hand menu.
Click on Discussion.

On this page, you’ll find two checkboxes that are relevant:

“Attempt to notify any blogs linked to from the post”: This checkbox controls sending pingbacks. If you untick this, your blog will stop sending notifications to other sites when you link to them.
“Allow link notifications from other blogs (pingbacks and trackbacks) on new posts”: This one controls receiving pingbacks. If you untick this, other blogs will no longer be able to send pingbacks to you.

To disable pingbacks completely, simply untick both of these boxes and click ‘Save Changes’. This is the setting we recommend for the vast majority of websites.

Stopping Those Pesky Self-Pingbacks for Good

If you decide to keep pingbacks active but can’t stand your site pinging itself, you have two main options.

The Easy Way (A Plugin)

The simplest method is to use a free plugin. Search for “No Self Pings” in the WordPress plugin directory. Install and activate it, and you’re done. The plugin handles everything in the background.

The DIY Way (A Code Snippet)

If you’re comfortable editing your site’s files and prefer to avoid adding another plugin, you can add a small snippet of code.

Warning: Only do this if you know what you’re doing. A mistake here could break your site. Always back up your website first.

Go to Appearance > Theme File Editor.
On the right, find and click on the file named Theme Functions (functions.php).
Scroll to the bottom of the file and paste in the following code:

/*
 * Stop self-pingbacks on this site.
 */
function no_self_pings( &$links ) {
    $home = get_option( 'home' );
    foreach ( $links as $l => $link )
        if ( 0 === strpos( $link, $home ) )
            unset($links[$l]);
}
add_action( 'pre_ping', 'no_self_pings' );

Click ‘Update File’. This code simply tells WordPress to check all outgoing pings and block any that are pointing to your own domain.

Your Anti-Spam Toolkit

Whether you keep pingbacks or not, you absolutely must have a good spam filter.

Akismet: This plugin comes pre-installed with most WordPress setups. It’s brilliant at catching spam comments and pingbacks. You’ll need to get a free or paid ‘API key’ to activate it, but it’s well worth the effort.
Security Plugins: Tools like Wordfence or Sucuri Security often include options to disable XML-RPC completely, which is the most effective way to block all pingbacks and secure your site against those specific types of attacks.

Chapter 5: The Final Verdict: Should You Use Pingbacks in 2025?

We’ve looked at the history, the technology, the pros, and the cons. Now it’s time for a straight answer. Should you be using pingbacks on your British blog today?

For almost everyone, the answer is a simple and resounding no.

Why Social Media is the New Pingback

The original purpose of the pingback—to notify another creator that you’ve shared their work—is still valid and important. But the technology has been superseded by something far more effective: social media.

Think about it. If you link to another blogger’s post, what’s more powerful?

An automated pingback that lands in their spam-filled moderation queue, which they might see in a few days.
A friendly tweet saying, “Just published a new post on sustainable gardening, featuring a brilliant tip from @username! Check it out.”

The tweet is personal. It’s public. It tags them directly, sending a notification straight to their phone. It promotes their work to your audience, and it does so in a way that builds a genuine connection. A mention on X (formerly Twitter), a tag on LinkedIn, or a share on a Facebook Page is the modern, human equivalent of a pingback.

The Verdict for New Bloggers

If you are starting a new blog in 2025, one of the first things you should do is go to Settings > Discussion and disable pingbacks.

Your time and energy are precious. Don’t waste them deleting spam and managing a system that offers no real benefit. Focus on writing fantastic content, and when you link to other people, drop them an email or a message on social media to let them know. That’s how you build real relationships.

The Verdict for Established Websites

If you have an older website that has had pingbacks enabled for years, you should seriously consider disabling them now. The primary reason is security. Leaving XML-RPC enabled is an unnecessary risk.

The tiny amount of traffic you might get from pingbacks is not worth the constant spam filtering and the potential for your site to be used in a cyber-attack. It’s a simple piece of digital housekeeping that will make your site more secure and your life as a site owner much easier.

Conclusion: Closing the Door on an Old Technology

WordPress Pingbacks were a clever solution to a real problem in their day. They helped weave the fabric of the early blogosphere, creating conversations and connections in a world before social media dominated our lives.

But the internet has moved on.

Today, pingbacks are a technology past its prime. The benefits they offer are negligible, while the downsides—endless spam, comment section clutter, and genuine security risks—are significant.

Disabling them is one of the quickest and easiest ways to clean up and secure your WordPress site. By turning off this feature, you’re not missing out on a vital tool; you’re simply closing the door on an old-fashioned system and freeing yourself up to focus on the modern, more human ways of connecting with others online.