Remove Default Plugins From WordPress Install

Speaking of Akismet, you can use Akismet for FREE if you use the personal plan. It gives you an option to name the price, where you can choose to use the plugin for FREE.

Hardeep, I understand that. But as a commercial user, I am obligated to pay, and the fee is not unsubstantial – $600 a year (62.5 cents per mille – provided you max out the 80k a month).

My point is more that giving preferential standing to one product over another, and continuing to include it in every download seems a bit out of line.

The majority of WordPress users are not commerical, so having a plugin that is free for them and helps them fight spam is a great tool.

As for Dolly, she’s an example of a very simple plugin, meant to inspire people to develop their own ??

More and more wordpress is a tool used by corporate, social groups, politicians, and the like. It’s grown into a near full on CMS. The more commercial users you have, the more they will question what they are obliged to install or what is installed by default.

If you want to fight spam, wouldn’t it be better to have a default program like a captcha using the Google captcha system? I don’t see Akismet as a huge spam fighter (it lets too many bots through), as much as making people think they are protected when they really are nowhere near completely covered.

Dolly is nice, whatever… but including it in every update doesn’t really help.

Captcha’s been broken for years, and its not user friendly. The blind and deaf hate it and I can’t blame them :/

Akismet takes 90% spam out of equation for me. Spam is a part of blogger’s life, so it makes sense to have Akismet plugin.

Ipstenu, actually ReCaptcha seems to work very well, adding it onto a blog has gotten me only one or two spam comments, both non-bot real person type spams, and plenty of positive comments from users. The audio feature seems to work fine as well. It’s not perfect, but it’s not less perfect than Akismet seems to be.

Hardeep, with respect, I understand that Akismet gets rid of some spam, but really not all of it. It’s as good a plug in as some of the other anti-spam options, from recaptcha and similar tools to hardening options. My only point is that it seems unfair to give this one tool preferential status over the others, especially when it is a freemium product offered as part of a money making business. Why not have a few other anti-spam tools in every install as well?

ReCaptcha doesn’t work for people with limited eyesight and hearing. From that angle, and from the one that if you google “captcha hacked” you’ll see how many are broken, I personally cannot recommend it ever.

Akismet’s left in because it’s maintained and monitored and supported by WordPress devs. It’s… yes. It’s preferential because we KNOW it’s not going to mess things up, that it won’t slip in back doors, and it has a proven track record AND it doesn’t break themes/plugins/access 99.999% of the time.

Also Akismet has been here and in WP for … Gosh, I can’t remember when it wasn’t (so over 6 years). It’s been there before there were all these companies. It’s grandfathered in.

You can hate it, but it’s here to stay since it lets people leverage Jetpack and other features from .com as well, which a lot of people want.

Mika, I think you need to go back and re-look at ReCaptcha. It has an audio option, where users can click an audio button and hear the actual code. Generally I am seeing spam drop to next to nothing as soon as I install it, with little impact on the number or ratio of comments to posts.

Most of the rest of your answer is sort of dancing around the fact that it’s an in house project that pays the bills, so it’s left in by default. It’s just sort of annoying for more pro users to have this thing show up that you have to pay to use – and the price isn’t all that good either. There are plenty of very basic concepts (the old “what is two plus 6?” question box) that would likely give very similar results in fighting spam. Why not integrate one or more of them right into the basic product? Is the goal removing spam, or is the goal more… umm, obvious?

Mika, I think you need to go back and re-look at ReCaptcha. It has an audio option, where users can click an audio button and hear the actual code.

Yeah, I know that. You’ve never met anyone both visually and editorially impaired? ReCaptcha sucks for them. Making light of it by saying ‘they have an alternative!’ doesn’t work, because captcha is not accessibility friendly. Nor is it effective if the spammers decide to target you. You can look up the studies if you’re interested, just google ‘Captcha broken’

I danced around the rest because… well. Yes. It’s special and it’s weird and it’s grandfathered in. And that kind of what it is. You don’t have to use it, though, and you can lie and use it for free (though it’s nice that you don’t). I don’t have, and thus cannot provide, a definitive answer beyond that, and I don’t want to lie ??

Actually, I have a family member who is entirely blind, so I have plenty of experience with how they deal with (and don’t deal with) the internet. Recaptcha is not perfect, nobody is claiming it. However, it is functional. Most spammers are not going to spend the time and money to get past captcha, a few will but most will not.

The point is more this: It isn’t any less effective in dealing with spam as compared to Akismet, so it’s disappointing that something is grandfathered in while not being the optimum solution.

As for using it for free, if you have a popular site (at least popular with the spammers) you will blow past the volume levels very quickly that will make it say that you need a commercial license. The first level of license is insufficient for the most part, meaning that you have to pay on a volume level. This isn’t for a service you need, but to protect against a weakness and deficiency of how wordpress handles spam.

It’s funny. I came to realize a while back that wordpress’s problem of spam is exactly the same problem as why spam is such a problem in email: Overly permissive and easily manipulated systems, with default settings of wide open which invite, permit, and encourage spammers at all levels. The solutions generally put forward are like sandbags in a flood, a poor line of last defense for something you can’t stop.

So the real solution is changing the core function and core functionality to better serve real users and to make it less appealing to spammers. WordPress installs are too easy of a target with default settings that encourage them. As an example, allowing people to post a comment based not on the name of the post (or it’s permalink) but rather allowing them to use the postID, even if you are specifically not using postID in your blog. Ever wonder why your spam often attacks older posts? it’s because they just aim at a random low post number and fire away. Often once they have one comment accepted, they will automatically add that post number and domain onto a list and come back to spam it again and again. Even if you decline the comment or mark it as spam, as long as it gets accepted on submission, they keep coming back. They exploit a weakness in the way wordpress approaches spam to make it easy for them to spam.

Re Dolly: It’s been stated on another thread that the image manipulation features were taken out because they were only used by a minority. As (probably) and even smaller minority of people build their own plugins, what’s the rationale for keeping Dolly in?

Re Askimet: If fighting spam is so important (and I’m not saying it isn’t) and it’s something that would benefit ALL users, why isn’t there an anti-spam feature in the core?