Security/Privacy Of Those Who Comment?

  • wpdabbler · Member ·

    If names and email addresses are required of those who comment, how is their information protected and how may it be used? What can I say or, preferably, point to, to reassure family and friends that providing their name and email address will not expose them to a flood of spam or worse?

    Also, I assume the name used does not matter, as long as the identical name is used with the same email address each time. Is that correct?

    Thank you for any assistance you may provide!

    The blog I need help with is: (visible only to logged in users)

  • kokkieh · Staff ·

    The only person who has access to the email address entered is the owner of the blog, so the only way that can cause commenters to receive spam is if you’re going to send it to them. WordPress does not send spam. You can see here which information WordPress stores from visitors to the site and how they use it: http://en.support.wordpress.com/private-user-data/
    http://automattic.com/privacy/

    The only reason for that comment setting option is to protect you, the blog owner, from anonymous comments and comment spam. If someone has to enter a name (even if it’s fake) and an email to comment, they’ll think twice about trolling your comments. Visitors can also leave comments by logging in via Facebook, Twitter and G+. You have the ability to remove restrictions so anyone can comment without logging in or providing an email. See these support docs for more information: http://en.support.wordpress.com/settings/discussion-settings/
    http://en.support.wordpress.com/who-can-comment/
    http://en.support.wordpress.com/facebook-and-twitter-comments/

  • auxclass · Member ·

    Also, I assume the name used does not matter, as long as the identical name is used with the same email address each time. Is that correct?

    To my knowledge no validation check is done unless someone is for instance a logged in WordPress.COM account (then the log-in is verified and your info is filled in to match the account) – but any name and any email as long as the email fits the format for a valid email address will work

    You can turn off the requirement to provide email address if you want as noted above and accept anonymous comments – people have mixed about that – some feel that attracts trolls – but remember if you have the comments to require moderation you can zap any trolls before they get started

  • timethief · Member ·

    Also, I assume the name used does not matter, as long as the identical name is used with the same email address each time. Is that correct?

    No they do not have to be identical.

    As kokkieh indicated this page > Settings > Discussion is where you set up defaults for comments.
    http://en.support.wordpress.com/settings/discussion-settings/

    Discussion Settings
    Other comment settings
    _Comment author must fill out name and e-mail
    _Users must be registered and logged in to comment

    Note that the prompt to submit and email address and a website URL will still appear, but providing an email address and logging in are not required, and you cannot change this so the prompt does not appear.

    You can post instructions for your visitors in a text widget if you wish to set up anonymous commenting. That’s easy to do. You copy and paste this into a text widget:

    Readers: Note that the email address and logging in prompts do appear for comments on this blog, but providing an email address and logging in are not required.

    P.S. Do be sure to set up full comment moderation ie. “An administrator must always approve the comment” because anonymous commenting is bound to increase the amount of spam your blog will receive.
    http://en.support.wordpress.com/settings/discussion-settings/#comment-moderation

  • wpdabbler · Member ·

    kokkieh, auxclass and timethief, thank you!

    I am not inclined to permit anonymous commenting, but I do not want to hold every comment for approval. Requiring a name and email address and automatically approving comments after one administrator approved comments seems a reasonable compromise. At least that is what I plan to try first.

  • timethief · Member ·

    Also note that any of these friends and family members can register a throw-away email address and use it. They don’t need to use their personal email address.

  • The topic ‘Security/Privacy Of Those Who Comment?’ is closed to new replies.