Skip to main content.
Sunday, December 18th, 2005

Logging In

Well, the consensus is that it would be best to create a new plugin from scratch, which I agree with, but the trouble is the time it’s going to take. I would want to do it right, which would take a while. I figure in the meantime that I should publish my WP-UserOnline hacks as soon as I’ve finished the documentation, which the guys can test out. It may also give them ideas for what should go in my project.

Vincent seems to think that getting visitors to register is a good idea, and that distinguishing the registered users from the casual visitors is a way to motivate people to do that. I’m not quite sure I agree with that position.

The old WP-UserOnline plugin didn’t use registered users – it used the ‘comment_author_’ cookie. If you look at my last post, you’ll see a couple of comments posted by me saying “Give me a cookie”. That’s because I was using FC4 at home, which I still haven’t set up completely, and Mozilla didn’t have a cookie stored for me. In fact, I had to post a second comment to get a cookie for when I was logged on as root, which I did to grab the bookmarks out of my WinXP partition (I haven’t finished tweaking my fstab yet, and only root can access the ntfs partitions.) I’m sure the author had a good motivation for choosing to use the comment_author_ cookie, and I’m sure it was because he didn’t expect visitors to routinely register when they go to blogs, even ones that they visit a lot. But if someone was interested enough to leave a comment, he or she got a cookie that identified them later.

That strategy isn’t perfect, but I think it’s a lot more practical than expecting visitors to register when they visit your blog. Personally, I hate registering, and I’ll only do it if it gives me a distinct advantage. Even without customizations, you can understand why someone would want to be part of the community at Slashdot or SourceForge, but do they want to do it just to see one article at the West Chester (Pennsylvania) Daily Local News, or to read and post a comment on anything less than a top 100 blog? I don’t think so. They probably arrived there from a search engine, and they don’t even know if the article or post contains the information they’re looking for. They have 2,000 other hits, so why bother? Just go back and try the next one. This is why I use the BugMeNot extension for Mozilla. Besides, do you remember what it was like to register at a WordPress site? It’s much more of a hassle than filling in your name, website if you have one, and email to post a comment. The entire WordPress registration system needs to be rewritten or bypassed. Vincent points out that he took pains to prominently position a login box in his sidebar – that’s great, but to really encourage logging in we need a cookie system where you get that little “Remember me on this computer” checkbox and an automatic login when the visitor returns.

An alternate strategy is to use a single sign-on registration system, such as MSN Passport or TypeKey, or the less rigorous identity system OpenID; all of which I have actually signed up for, but don’t necessarily like. Of the three, OpenID is less oppressive because it is open source and uses a decentralized verification system. However, it’s not for the casual net surfer – you have to have a website, and you have to be able to insert the appropriate meta tags in your root page. This is an evolving situation – website operators want to verify the identity of their visitors, but a huge founding principle of the Internet is anonymity, and lots of people just don’t want to give it up. So far, no dominant identity verification system has emerged, but I see that eventually changing. Historically, in the struggle against personal privacy and public accountability, the tide is slowly and inexorably moving towards the individual surrendering his or her freedoms. This is why I regularly read the RSS feeds from Bruce Schneier, the Electronic Frontier Foundation, and DRM News, and am a card-carrying member of the ACLU, even though I consider myself a conservative; although my definition of “conservative” falls more in along the lines of the traditional Burkean conservatism than those damned religious zealots who have tried and apparently succeeded in rewriting the definition of conservatism, at least in the United States. (Oh crap, I’ve gone on in this vein long enough that I will have to tag this post with Politics as well.)

I’m not aware of any plugins that would extend this capability to a WordPress blog. [Revision – there’s a WP OpenID plugin here – it looks a little clunky, but that was 4 months ago.] I’ll have to look. But I was thinking of something else. I’m also interested in visitor tracking – at first because I was curious (and wanted to demonstrate to my friends that I knew when they came to visit), but then because the practical considerations of running a website that attracts visitors requires that you know what draws people to you – how you are positioned in search results using terms appropriate to your interests (search engine optimization), how long visitors stay, if and where they go elsewhere on your site after that first hit, how many incoming links you have, etc. Vincent knows what I’m talking about, because he is interested in “building a community around your weblog.” Since I’m a really cheap bastard, it’s notable that of all the bells and whistles my hosting service tries to lure me with, one of the few extras I have purchased is the extended traffic reports, which also gives me access to server logs. I’ve also been trying out free web-based services, even though it slows down my pages’ load time, and delivers my personal traffic information to a company who’s corporate interests are not likely to be the same as mine. I just thrive on this information, and it affects the content I end up putting up – I am more likely to blog on a subject that I have learned draws more traffic. But I was also thinking about writing a plugin that would track my visitors for me – catching and storing the particular information that I am interested in, and giving me the detailed read outs and spiffy features on my blog for the visitors – such as a world map with pins showing where my visitors come from. I love Sitemeter’s Recent Visitors by World Map, even though it looks like an open source project rip-off, and I’ve signed up for and started using my Google Maps API key so I can play with that little toy.

So to complete the lead-in, I’m thinking about using using visitor recording and fleshing it out with something more subtle, perhaps more Machiavellian. I don’t think we can count on any significant portion of our traffic to come from registered users, no matter how attractive we make registration. Because most surfers have dynamic IP’s, we can’t track visitors on that alone. Cookies might help, but without the visitor’s cooperation, we can’t get a name to go with the cookie, even if we can get past the increasing precautions against cookies thanks to the spyware problem. We could try to match any new visitor against our record of past visitors, using not only cookies and ip addresses, but also useragent strings, ISP and geographic information looked up on the ip’s, and ephemerals such as language settings and monitor resolution. We could generate a fairly high probability of recognition after a few visits, and it’s the repeat visitors we care about. Of course we would need a good privacy policy and notifications of the fact that we’re trying to place cookies, and why. What about redirecting a suspected repeat visitor to a page set up to invite him or her to register – not in the WordPress sense, but a quick-and-easy and in-your-face way, for our own tracking and recognition purposes. But what benefit can we offer them for registering? Registering in forums is expected, and there is a recognized advantage in getting credit for what you have to say; or the alternative – the community recognizing someone who doesn’t have anything to say that’s worth listening to. (Besides, in most of them I get to put up my spinning skull and crossbones image as an avatar.) But a forum is by nature built on a sense of community – people coming together to seek answers, ask advice, share knowledge, or show off their expertise. What sense of community does a blog have? After all, it’s just a public journal, isn’t it? It’s more an interrupted monologue than a dialog. If you peel through all the layers of reasons and rationalizations for a blog to exist, does it ever come down to anything else at the very core other than a search for external validation of self? Does showing a list of names on our site do anything other than prove that we’re interesting? How do you build a community around that?

Real participatory websites have a reason for being, most of which I already described. And they’re usually not blogs, except for the top rated ones, when they are actually a discussion group set up and led by a controlling instigator. WordPress is supposed to be a blogging tool, and if you want to set up a website for, say, a local chapter of a non-profit professional organization or a high school extracurricular activity, you should probably be using some other software. (And if you know something better for either of those applications than the lumbering Mambo, please let me know!!) I don’t see a need for a chat room in a blog. Yes, I met my wife in what was essentially a chat room, but kids nowadays keep their IM client open whenever they’re on the computer, and it seems to me that a chat room is extraneous. I could be wrong – throughout the day today I kept seeing Vincent on my site, and several times I felt the urge to tell him I was working on such-and-such, or to kid him about looking over my shoulder, and I only had the options of posting a comment or contacting him through email. I guess there’s been many times I saw someone on my site and wanted to say something to them and didn’t even have their email. Unfortunately, a PHP controlled, database rooted, dynamically-generated website relies on the visitor either refreshing the page or clicking on a link to another site page to get new information. It’s kind of hard to shoot them a message that way.

I guess I sound like I’m trying to talk myself out of this, but that’s not what I mean. There are still plenty of technical challenges and learning experiences waiting for a project like this. But no matter how perfectly I could design, code and implement this, it would mean nothing if it relied on a premise that was unsupportable. You would end up with a feature that showed yourself, maybe one or two groupies, and a whole lot of Guests, even when you had high traffic. Although that might be ego-stroking for the blogger, it’s not really different, other than in style, than the existing plugin.

Posted by Greg as Politics, Programming, Society at 12:11 PST