Generated avatars should not be shown on moderation pages.

[podz]

When moderating a lot of comments or checking the akismet queue the presence of an avatar can assist when checking for spammers. If generated avatars are shown on those pages it will increase the time to check comments and could lead to spam being inadvertently approved.

These 2 pages should not show generated avatars.

/edit-comments.php?comment_status=moderated

/edit-comments.php?page=akismet-admin

This does mean that avatar-free users who have had a previous comment approved would not have their generated avatar shown. In this case their avatar would need to be shown.

[johnbillion]

Replying to podz:

If generated avatars are shown on those pages it will increase the time to check comments

Negligable. Gravatar CDN probably has less latency then the blog server in many cases.

and could lead to spam being inadvertently approved.

Maybe, maybe not. Not a strong argument though.

Wontfixing due to negligable usefulness and lack of traction in 2 years.

[Viper007Bond]

Replying to johnbillion:

Negligable. Gravatar CDN probably has less latency then the blog server in many cases.

You're completely missing the point of this ticket. This suggestion has nothing to do with the actual generating rather that spam bots lack a Gravatar, so by removing the generated avatars you can more easily spot posts by spam bots and such.

Tickets also shouldn't be closed without a community consensus IMO.

[nacin]

I had to read this ticket five times to realize it was not the same as #13275. I imagine johnbillion read it the same way. At this point, I believe I understand it to show the mystery man (or nothing) instead of, say, a monsterID, when the email doesn't have a gravatar. That makes sense to me.

Tickets also shouldn't be closed without a community consensus IMO.

I'm all for the cleaning of stale tickets by those who have the time and drive to do so. At least a few of us read every comment, so we can jump in and handle if there's any issues or conflicting opinions.

[johnbillion]

Replying to Viper007Bond:

You're completely missing the point of this ticket. This suggestion has nothing to do with the actual generating rather that spam bots lack a Gravatar, so by removing the generated avatars you can more easily spot posts by spam bots and such.

Ah-ha, that phrases the ticket much better and in fact I agree, this sounds like a good idea.

Opposing view just for the sake of argument: If a spammer should sign up for Gravatar (all you need to do to sign up is enter your email address on gravatar.com, click the link in the email and then upload a pic) and then leaves spam comments, would this not make his comment appear more legitimate in the comment admin screen due to the presence of an avatar? Would spammers go to this length?

Replying to Viper007Bond:

Tickets also shouldn't be closed without a community consensus IMO.

This was a stale ticket with small scope and no input in 2 years. As Nacin said, several people sub to wp-trac or the comments or timeline on Trac to keep an eye on closes.

[Viper007Bond]

Personally I think we should use the Mystery Man in the admin area, regardless of the settings. The lack of Gravatar would make me think ping/trackback. The advantage of Mystery Man over generated avatars is it's easy to spot.

Replying to johnbillion:

Opposing view just for the sake of argument: If a spammer should sign up for Gravatar (all you need to do to sign up is enter your email address on gravatar.com, click the link in the email and then upload a pic) and then leaves spam comments, would this not make his comment appear more legitimate in the comment admin screen due to the presence of an avatar? Would spammers go to this length?

It is a bit of an arms race, but it makes spamming harder maybe.

[solarissmoke]

Patch is quite simple - if there is still traction for this.

[mrmist]

+1 to this. It'd make scanning through my 700 spams much easier.

Should it apply to recent comments dashboard widget, too?

[markjaquith]

This makes sense to me. Might want to update the Gravatar settings text to indicate that the option applies to the front end of the site.

[solarissmoke]

Updated the patch to include the dashboard widget and make this explicit in the settings page as suggested by markjaquith. The settings text I've added probably needs to be improved however.

[nacin]

I'm not sure we actually need to update the instructions here.

[nacin]

And also, the proposed text isn't strictly true: It only applies for the frontend for comments. We use them for post locks, revisions, the users table, etc. I think this should just be a silent enhancement — too difficult to explain otherwise.

[nacin]

In 25091:

In the admin, do not use auto-generated Gravatar images for comment authors.

This makes it easier to recognize Gravatars (or lack thereof) when moderating comments.

props solarissmoke.
fixes #7054.

[FrankSwift]

Is there anyway to disable this functionality? I tend to read my comments in admin and the generic Mystery Man makes it more difficult for me to quickly scan for familiar commenters who don't use Gravatars. I don't have problems with spam as others, so this change is actually a hindrance to me for comment reading and moderation.

[SergeyBiryukov]

Replying to FrankSwift:

Is there anyway to disable this functionality?

I've uploaded a plugin to #25764 which does that.

[FrankSwift]

Replying to SergeyBiryukov:

Replying to FrankSwift:

Is there anyway to disable this functionality?

I've uploaded a plugin to #25764 which does that.

Thanks, I'll check it out.