> i never understood why someone uses an external service for a simle discussion in a CMS
While Django/Rails indeed make it simple to implement per-article comment threads, the hard part is not the collection, storing, and display of comments. It's the fact that you're accepting content from people you don't know or trust and publishing it.
- Can people leave comments anonymously? Few blogs think this is a good idea anymore. So now you need a user identity system.
- Does that mean you're going to have your own user management just for leaving blog comments? Probably not. You don't want to have to manage password reset emails, for example. Letting someone else manage that is more sane. Someone like Facebook/Twitter/Google/Yahoo.
- So do you write integration with all of them yourself? Bleh.
- Then someone leaves a comment. Is it spam? You need integration with Akismet or a similarly powerful engine to help stem that tide. Doing it entirely manually is a huge time sink.
- But not all bad comments are spam. Some of them are ascii-art genitals. Sometimes people just use your comment thread as a soapbox for their personal crusades or get into pissing matches with each other. If you have many comments at all, you need a moderation system to prevent them from creating a hostile atmosphere that drives nice people away.
- You have to ensure that people can't use your comment form to inject a XSS attack onto your page, or exploit some security bug in your web framework to take control of your server.
So people save some sanity by just using a 3rd party blogging service entirely (Blogger, Tumblr, Wordpress.com), or embedding Disqus, or putting a link at the bottom of the post saying "Discuss on Hacker News".
Edit: added the "like social networks" example in the second bullet that was in my head but didn't get into the text.
You let it sound as if it would be such a great hazzle to setup a website, yet websites and comment sections existed for so much longer then disqus. And guess what, spam also existed back then!
Ok, i get it, people are just to lazy to do that work (but they find the time to integrate disqus...) but from my point of view they are leading me to a website i don't want to use at all. Disqus is like a hidden website embedded in the one i want to visit. The difference is that I know that and i block that. Other people use that service and might not even recognize that they are leaving their tracks on some other website they don't even know about. And in contrast to the usual ad/cookie tracking they might even leave their email address there.
And seriously... an easy to setup CMS, that has a "user identity system, optional openID, an anti spam measure like recaptcha"? Does such a feature-beast even exist amongst the quadrillion CMS that exist since the dawn of time? (<-- sarcasm)
When i go to blogger or tumblr or wordpress and leave a comment i am aware that i leave a comment on that site, and only on that site. That's a big difference. To me at least.
From my point of view the hoster of a website is somewhat responsible for my user data. He shall not send my password to some other party, or he shall not send my email to some other party, etc. Using disqus only shows that he doesn't really care to the extent i would wish my data to be handled.
Of course it is up to me to use disqus, but, as i mentioned, 99% of people wouldn't know what is happening.
> Of course it is up to me to use disqus, but, as i mentioned, 99% of people wouldn't know what is happening.
Not intending to sound ofensive nor harsh but 99% of people don't really care with what is happening.
And... as an experienced sysadmin (+15 years), I really disagree that get a VPS+Nginx+Apache+WP+MySQL+OAuth+Akismet running, and them, maintening it long term is as trivial as some Github/Tumblr pages (or a static site generator) with a pasted JS in the bottom of the theme file.
People don't really care because they don't "get" new technology. That doesn't mean you shouldn't care. One could even say that it is up to us (the tech-savy hacker news surfing sysadmins) to do the right thing.
As an experienced sysadmin you are telling me that setting up some basic blog with commenting takes a long time? Why would you even need nginx?! (or apache for that matter)
I would love to have something that includes a 3rd party thread in the article. For example, when the article gets posted to Hacker News or Reddit, then include those discussions in the article and make it part of the system. That way, I can read the article and still participate in the discussion on my favorite social network without having to open multiple windows or dance around between sites.
While Django/Rails indeed make it simple to implement per-article comment threads, the hard part is not the collection, storing, and display of comments. It's the fact that you're accepting content from people you don't know or trust and publishing it.
- Can people leave comments anonymously? Few blogs think this is a good idea anymore. So now you need a user identity system.
- Does that mean you're going to have your own user management just for leaving blog comments? Probably not. You don't want to have to manage password reset emails, for example. Letting someone else manage that is more sane. Someone like Facebook/Twitter/Google/Yahoo.
- So do you write integration with all of them yourself? Bleh.
- Then someone leaves a comment. Is it spam? You need integration with Akismet or a similarly powerful engine to help stem that tide. Doing it entirely manually is a huge time sink.
- But not all bad comments are spam. Some of them are ascii-art genitals. Sometimes people just use your comment thread as a soapbox for their personal crusades or get into pissing matches with each other. If you have many comments at all, you need a moderation system to prevent them from creating a hostile atmosphere that drives nice people away.
- You have to ensure that people can't use your comment form to inject a XSS attack onto your page, or exploit some security bug in your web framework to take control of your server.
So people save some sanity by just using a 3rd party blogging service entirely (Blogger, Tumblr, Wordpress.com), or embedding Disqus, or putting a link at the bottom of the post saying "Discuss on Hacker News".
Edit: added the "like social networks" example in the second bullet that was in my head but didn't get into the text.