[wp-meta] [Making WordPress.org] #4696: Hide profiles.wordpress.org from non-logged in users

Making WordPress.org noreply at wordpress.org
Wed Aug 21 15:11:42 UTC 2019

#4696: Hide profiles.wordpress.org from non-logged in users
 Reporter:  jdembowski  |       Owner:  (none)
     Type:  defect      |      Status:  new
 Priority:  normal      |   Milestone:
Component:  Profiles    |  Resolution:
 Keywords:              |

Comment (by jdembowski):

 Replying to [comment:35 jonoaldersonwp]:
 > We're going round in circles. Let's summarise the moving parts.

 I do not like circular arguments either and I'm hoping we can stop. I get
 that we're both intractable in our positions but you are not addressing
 two points.

 1. The profiles.wordpress.org site isn't FB, Twitter or free HTML hosting.
 It's not but it is being used that way in ''amazing'' quantity by bad
 actors. That has to stop.

  2. The solution I am proposing doesn't negatively impact users in the
 community. That's the target audience for anything related to WordPress.
 It's as obtrusive as requiring a .org account to comment on a make blog,
 which is to say not obtrusive at all.

 > Having complete, accessible, rich profiles of real WordPress
 users/contributors on wordpress.org is a key part of the broader SEO
 'strategy' for the site (or, it would be, if we had such a thing). The
 profiles should be the definitive 'version' of these
 authors/users/contributors, in the context of WordPress.

 I completely disagree. See point 1 above.

 > Therefore, failing to preserve the crawlability, indexability and UX of
 current, valid profiles isn't an option.

 As it has been implemented in other places on wordpress.org already, it is
 a valid option and just as before directly addresses the problem ''as it
 did on the forum profiles''.

 > Any scenario whereby we penalize legitimate users, consumers, or Google,
 will harm the visibility and performance of the wordpress.org site, and by
 extension, WordPress' reach.

 I'm not being obtuse, but this does not penalize any legitimate users.
 Item 1 above.

 > So, any solution to the problems of:
 > 1) Automated spam ''registrations'', and;
 > 2) Automated or manual spam profile ''content'', and;
 > 2) More sophisticated, manual spam ''detection/classification
 > ...Must be dealt with in a way which doesn't:

 This next part is not mean, it is not sarcasm and I genuinely hope that no
 one takes it as that. I participate in WordPress.ORG with respect and
 there is nothing here from anyone that I think is bad, rude or anything
 like that.

 I am asking you and anyone replying to this ticket to please not expand
 this very specific issue regarding profiles.wordpress.org to a wider
 scope. I'm not trying to drain the ocean but I do want this spam venue
 closed without forbidding users from viewing and enjoying the profiles of
 legitimate users and people who have contributed.

 Please stop trying to make this issue about something else. It's only
 about profiles.wordpress.org and the spammy pages there.

 > I maintain that the cleanest first-wave solution to reduce the sheer
 volume of spam is to:
 > 1) Implement modern, invisible spam prevention techniques on the
 registration form.
 > 2) Noindex empty profiles, until they're "not empty" (details TBD).
 > 3) Run profile content submissions/updates through Akismet.
 > 4) Continue to ensure that external links on profiles have a
 ''nofollow'' attribute.
 > Following this, we may wish to review further, more nuanced processes
 for more aggressive/sophisticated/nefarious abuse which these processes
 don't catch.

 Please see above about changing the scope of this problem.

 What you are proposing does not address that though they are not bad ideas
 in a general sense.

Ticket URL: <https://meta.trac.wordpress.org/ticket/4696#comment:36>
Making WordPress.org <https://meta.trac.wordpress.org/>
Making WordPress.org

More information about the wp-meta mailing list