Disqus and their WordPress integration are a joke (#E18F1)

There, I said it. I did use stronger wording in the first revision, though.

In no particular order:

Disabling the plugin and re-enabling breaks the comment integration. The three comments made via Disqus are still available on their page, they can still be exported to an XML file that cannot be imported anywhere, but they don’t show up here. That’s a fundamental no-go. It’s broken if it cannot do that. I will not enter a vendor lock-in when my benefits are ads over which I have no control or paying 132 bucks a year.

The Disqus plugin settings menu is utterly pointless if something goes wrong. It either does not even show that something is amiss, or it says “hey, there’s an error”. Thanks, very helpful. There’s no way to check the validity of the individual settings (public key, secret key, admin access token and the duplicate (or not?) site secret key).

Re-installation via plugin creates new secret keys. That’s great, except for the fact that the keys are specified here: https://disqus.com/api/applications/<application number>/ and are read-only. But wait, maybe it does trigger the key reset feature on that page? Nope, it doesn’t. Keys are still the same, it just creates an invalid one for the new site installation. Or maybe it tries to, but never reaches the Disqus servers?

Debugging that layered nonsense is close to impossible for the average Joe. When hitting the manual comment sync button repeatedly, there’s not much going on (according to the website). The network debugging tools in your browser however show that https://www.wanhunglo.com/wp-json/disqus/v1/sync/comment is pestered by some en.disqus-admin.bundle.3.0.21.min.js with POST data – and gets a HTTP 500 back. Why the fuck isn’t that shown in the user interface? And how does that file name match the 3.0.22 plugin version?

Googling a bit yields someone recommending setting up access on the above API page (but one click deeper, like on the page name itself while on another duplicate Disqus account page that just leads to your very own website). Standard is “read, write”, but should be “read, write, manage forums”. I’m not even sure if that sets the page or user permissions, but even with everything enabled, there’s no visible change on the plugin pages.

Well, maybe the local WordPress installation is at fault here. One test page for API functionality is https://wanhunglo.com/wp-json/disqus/v1/sync/status, and it states an HTTP 401 “You must be logged in and have admin permissions for this resource.”. So it’s working in general but doesn’t offer any useful information to simple HTTP requests. Alright, the other recommended page is https://wanhunglo.com/wp-json/disqus/v1/sync/webhook. That one yields an empty page. And looking at the network debugger, it’s more like a silent HTTP 404. However, loading nonsense addresses like https://wanhunglo.com/wp-json/disqus/v1/sync/webhooks does yield true 404s with a message: {"code":"rest_no_route","message":"No route was found matching the URL and request method.","data":{"status":404}}. The fuck, WordPress, the fuck?

Probably time to set define('WP_DEBUG', true); in the WordPress config. Well, aside from a message indicating that FORCE_SSL_ADMIN is placed too late in the file, not much going on. I even had doubts if it’s really logging to the wp-content/debug.log file (I fixed the SSL thing first), but it is. Even the full debugging setup of
define('WP_DEBUG', true);
define('WP_DEBUG_LOG', true);
define('WP_DEBUG_DISPLAY', true);

does nothing, since, well, it’s messing up something in the backend that doesn’t get logged. There’s also no PHP errors, no Apache errors, and the general access logging is a bit bland:
www.wanhunglo.com:443 - - [06/Jun/2022:02:46:44 +0200] "POST /wp-json/disqus/v1/sync/comment HTTP/2.0" 500 1260 "https://www.wanhunglo.com/wordpress/wp-admin/admin.php?page=disqus" "Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0". Yes, we already know it’s a 500, and Mozilla is too lazy to run patched 91.9 ESR browsers with an updated user agent.

Since the plugin does pick up a number of comments previously synced from the local installation to Disqus plus all Disqus-only comments as well (“Progress: Syncing 0 of 9 comments”), I think that’s all I can do. It does connect fine, it just won’t sync. And I’m not going to set up wireshark on a server that I do not own to figure out stuff that the original developers don’t even know or care about.

If Disqus “free” shoves advertising down your throat, I expect it to work properly. In that case, universal access to their service is key and they business model is getting everybody onboard to sell ads and maybe do unethical things with the collected comments and associated metadata.

If Disqus costs (at least) $132 annually, I very much expect it to work and to be documented for Jane Doe to install and somewhat troubleshoot it. Since, if it isn’t, nobody will renew their subscription or come to that crazy decision in the first place. They aren’t German State Television with a guaranteed paying customer base for life – people will leave.

The WordPress plugin homepage speaks volumes about the current state of the software:

This plugin hasn’t been tested with the latest 3 major releases of WordPress. It may no longer be maintained or supported and may have compatibility issues when used with more recent versions of WordPress.

it says on the top. Last updated “one year ago” it says on the right hand side. And the comment section features one of those posts roughly every month:

We are a paying customer and would like to know when the plugin will be updated to support the latest version of WordPress.

(that dude addressed the 5.9 release – I’ve updated to 6.0 yesterday, by the way)

Well, the overall plugin rating is as expected:

Must have had their heyday back when they also powered big sites like Engadget – and choked on their success, greed and subsequent bad business decisions just like Engadget, now part of the winning team over at AOL/Yahoo :lol:

To summarize: This is horse shit. Disqus is now removed again, got a one-star review and sorry guys, your three comments are lost. I made a mistake moving to Disqus and got wpDiscuz set up now to replace it. That one keeps comments local again, but does implement a captcha verification and/or support for 3rd party login services so that commenting should be accessible to almost everyone again while simultaneously keeping out the good ol’ spam bots. Testing now – maybe leave a spammy comment for me to moderate :twisted:

Notify of
:mrgreen:  :neutral:  :twisted:  :arrow:  :shock:  :smile:  :???:  :cool:  :evil:  :grin:  :idea:  :oops:  :razz:  :roll:  ;-)  :cry:  :eek:  :lol:  :mad:  :sad:  :suspect:  :!:  :?:  :bye:  :good:  :negative:  :scratch:  :wacko:  :yahoo:  :heart:  B-)  :rose:  :whistle:  :yes:  :cry2:  :mail:  :-((  :unsure:  :wink: 
Inline Feedbacks
View all comments