The Geekorium

I’ve re-enabled comments here at The Geekorium, and imported all my old comments, so go nuts!

To import all your old comments, I used a script written by someone else, then parsed them through a dodgy PHP script I made myself to rename everything into the format my site is relying on, so there might be shenanigans with the imported comments. Please let me know if anything seems off.

That leaves me with the next question: how do I ensure I don’t get flooded with spam? I’ve had comments back on for all of 2 days, and I get a steady trickle of Pull Requests from the Staticman bot triggered by spam comments. On the Wordpress site I had Akismet turned on, which all but eliminated bad-faith for me, the way modern email clients almost never let the chaff through.

The simplest answer is the Google reCAPTCHKA¹ - the latest version doesn’t even ask you to tick the “I’m not a robot” box let alone click on thirteen boxes of street crossings. It’s a tempting solution, but it’s owned and operated by Google, and everything your users do on your website is captured for analysis. As spelled out in their documentation:

reCAPTCHA works best when it has the most context about interactions with your site, which comes from seeing both legitimate and abusive behavior.

Additionally,

reCAPTCHA learns by seeing real traffic on your site.

In a perfect world, Google would only use this data to improve the service. Maybe that’s all they’re doing, but I take my reader’s privacy seriously - more than my own - and I’m genuinely concerned what Google is doing with this enormous corpus of user data capcha’d by these little blue boxes all over the web. They’re more pervasive than Facebook logins and social buttons, and unlike the earlier version, it’s no longer training robots to recognise trains or traffic lights, it’s training computers how to recognise human behaviour.

There’s also the question of how these work if people choose to disable javascript. The theme I’m using relies on more JS than I’d like already, but at least it degrades elegantly. I’m not so sure about recapcha and I can’t find an answer on their website.

It’s looking likely I’m going to have to palm user data off to someone to determine if they’re a robot or not. I’m not happy about it, but it appears to be the price unless I’m willing to sift through dozens of spam comments a day. It wouldn’t be so bad, except Git’s policy of keeping history means that the spam I receive is attached to my site’s repo forever, even if the comment never makes it here.

My final recourse is to try something that I’m guessing won’t work for long. Staticman has a feature that checks for valid form data. The check is basic enough that the field can be present in the data as long as it’s blank. If it has a value set it immediately fails validation. I’ve set a dummy field in the form that needs to be left blank. If a ‘bot fills it in, it should get picked up and fail to submit. I’m not sure how long it will slow them down, but I’m going to give it a shot.

I’ve also disabled the form on posts older than a month, so if you want to comment, do it now!

Update: 24 hours without a spam comment. Success!

One thing that moving away from WordPress means is that I can no longer publish on the go.

I mean, I never really did, but at least I had the option. Now to post I must be in front of my PC with the Hugo software installed and a copy of my repo. I could get the repo on any computer and even install Hugo if I needed to be elsewhere, but my home computer has the key to log into my server, so I’m not making it easy on myself.

I can however, use a portable git client (I’m trying out FastHub for GitHub and write my posts on the go, then tidy and publish them later.

I’m banking on the idea that reducing the barriers to writing will increase the number of posts that get published. We’ll see.

Quick plugin plug¹

Favicons are those little icons that websites display in the address bar (or in the open tab in Chrome). They’re usually about 16 pixels square (which is tiny) but it adds a bit of professionalism to your site, and lets people figure out which site is yours if they have dozens of tabs open. You can get plugins for photoshop that will let you save files as “.ico” files so you can create a favicon.ico file. Then you can upload your file to your website and link to it and… well it’s easy, but kind of annoying to get right.

Enter Shockingly Simple Favicon:

Shockingly Simple > Favicon A simple way to put a favicon on your site. – matias s

Install and activate and follow the instructions on the configuration page. The page includes better information than I’ve provided here, and a whole bunch of ideas for creating your own favicon.

Go to it!

When I started the Geekorium (back then, just “nunnone”), I decided to do it without ads. It was a protest against the appalling punch-the-monkey type ads that were most common at the time, and something I felt proud of. My website was not made to “generate revenue”, it was a place to be me and as such I was happy to pay for it out of my own pocket. It’s sort of my only expensive hobby that Mil looks away for.

Then a year ago I briefly dabbled with putting ads on my site, then in my feeds. I never generated any money from them, and they cluttered up my site so I killed them, and I’m still happily ad free here.

But I kinda feel the pressure to have ads on my First Waves site, so I’ve done it. I feel kind of dirty, but as someone who wants to make money off of this thing called the internet, I feel it’s my duty to understand how the advertising world works. If only so one day if someone asks me to help them set it up I can do so without looking like a goob.

But I still can’t help feeling a bit dirty about it. Ads have improved a lot since the days of AOL and Yahoo “start pages” where the ads almost drowned out the useful information, but now when I visit a site that I enjoy, I still have to wade through layers and layers of ads that push the content to the side and intrude on the reading. I never want that to be the case on my sites. Advertising should always be secondary in my opinion, but is that an unrealistic ideal? My biggest concern is that the ads I have are distracting and ruin the look of the site. I realise that’s kind of the point - to draw attention to them, but I can’t help but feel like the ads have killed what little aesthetic appeal I was able to impart to the site.

I know most of my friends with websites have ads, so maybe I can guess what they’ll say. I also don’t want to accuse them of being sell-outs - it’s purely my own misgivings about advertising that make me feel a bit like I’m selling out my “principles” such as they are.

But I am curious to know what you all think? I happily pay enough of my own money to keep my Geekorium running ad free, and First Waves currently adds no extra expense, so it’s not vital to have ads. I also don’t really make anything off the ads I have at the moment, so it’s not like I’ll miss them if they go. It’s just the “cha-ching” I hear when I think about it that’s got me a bit worried I’ve gone to the dark side. I also love the idea that one day¹ I might have a few people writing articles for FW, and would love to be able to pay them to do so.

So should I keep FW ad free and uphold my vision for ad free content that people like to read? Or should I forget my concerns and happily take the cash? Should I put even MORE ads on? Ads on my Geekorium? Monetise my Twitter Feed? Actionise my synergy? What do you reckon?