DEV Community

Discussion on: Is it safe to use Disqus for my Blog?

supunkavinda profile image
Supun Kavinda

Truthfully, I don't really know whether I have about commenters' credential. Should it remain anonymous, or should it be identifiable? Safety (of both client and server) should be the first concern.

Usually, logins/SSO for comments are used by websites that already have an authentication system. For example, take X company that provides a service for 1000 users. To allow those users to comment on their blog, they will need to ask them to signup for Disqus, Hyvor Talk, or whatever commenting platform. If they set up SSO, they can allow those users to use their accounts on their main platform. (Users love it - so do companies)

Self-hosting or using a hosted solution is completely personal preference :)

Thread Thread
patarapolw profile image
Pacharapol Withayasakpunt

What do you think of requiring email, and possibly generating Gravatar?

Actually, Gravatar has its own problem -- dev.to/gajus/stack-overflow-is-lea...

Thread Thread
developertharun profile image
Tharun Shiv Author

My personal opinion is, requiring login will prevent bots from spamming your website.

Thread Thread
supunkavinda profile image
Supun Kavinda

Hyvor users can set their profile picture. For guest commenters, there's a bunch of avatars to select.

You see Gravatar everywhere on the web, because of WordPress. However, I don't think we'll use it because

  1. There is a lot of large databases for md5 reverse lookups.
  2. The default picture when the email is not found isn't appealing (I don't know if it's possible to change the default)

And, we don't want to require emails. It's completely up to the owner of the website (can be changed in the console).