YAFWTF - what good is a phone call... if you're unable to speak?



  • Please excuse the cheesy matrix reference in the title but it was the first thing that got in my mind after I experienced Yet Another Forum WTF. I'd even be so bold to say, THE forum WTF.

    After reading in the Experts Exchange thread how the site let down their sophisticated pay-content defense mechanisms if the user agent identified itself as Googlebot, I got curious and changed my user agent string via Firefox' user-agent switcher add-on. The EE experience was not really spectacular but I got a nice surprise when i wanted to post again here afterwards. The post input box was gone. That is, I could still get to the "write new post" page and saw all the other controls - except the box where I was actually supposed to enter my post.

    Maybe it's just me, but I find a forum with a bug that breaks the core functionality of the whole application somehow zen...

    In any way, it really has to do with the user agent for some reason, because after I changed it back, it worked like a charm again. I have no idea why though



  • After reading in the Experts Exchange thread how the site let
    down their sophisticated pay-content defense mechanisms if the user
    agent identified itself as Googlebot, I got curious and changed my user
    agent string via Firefox' user-agent switcher add-on. The EE experience
    was not really spectacular but I got a nice surprise when i wanted to
    post again here afterwards. The post input box was gone. That is, I
    could still get to the "write new post" page and saw all the other
    controls - except the box where I was actually supposed to
    enter my post.

    Am I missing something here? You were deliberately impersonating the Googlebot, you weren't able to post and you actually think it's a bug?

    Has it occurred to you that maybe people who run forums don't want the Googlebot being able to accidentally post messages just by following links (which is after all what it does all day)?



  • Yeah, that was my first thought too.  It seems reasonable to keep a user from posting if you know it's a bot.



  • The wtf is that they added special code for it at all.

     

    Bots won't send anything through POST. They won't even follow the crappy ajaxified buttons that this forum has.



  • Isn't it against Google's terms to show different content to Googlebot? As far as I can remember, Google's terms state that Google needs to see the site exactly as a normal guest would.



  • @Daniel15 said:

    Isn't it against Google's terms to show different content to Googlebot? As far as I can remember, Google's terms state that Google needs to see the site exactly as a normal guest would.

    Yup:

    http://www.google.com/support/webmasters/bin/answer.py?answer=66355  



  • @rbowes said:

    @Daniel15 said:

    Isn't it against Google's terms to show different content to Googlebot? As far as I can remember, Google's terms state that Google needs to see the site exactly as a normal guest would.

    Yup:

    http://www.google.com/support/webmasters/bin/answer.py?answer=66355  

    These are just guidelines, and the old expert sexchange site probably spends enough money on Google that they are not going to be de-listed!



  • @burntfuse said:

    Yeah, that was my first thought too.  It seems reasonable to keep a user from posting if you know it's a bot.

    I agree on principle (even though I think it's a WTF of its own if GET requests triggered posts) but I don't think that was the intent here. If you wanted to make your forum bot proof, what sense would it make to hide the input form from the bot? The post button was still there and it worked. I could post. The result was the quote you get if you click the "quote" button. I just could not edit the text I wanted to post. 



  • Of course, evil bots tend to impersonate regular browsers anyway. I don't know if any of them impersonate Googlebot. The Bad Behaviour anti-spam kit has a large collection of fake user-agent strings that bots use, which puzzles me. It's not hard to capture a real UA string, so how do so many people manage to screw it up and create one with glaring errors that software can then pick up on?



  • @GettinSadda said:

    @rbowes said:

    @Daniel15 said:

    Isn't it against Google's terms to show different content to Googlebot? As far as I can remember, Google's terms state that Google needs to see the site exactly as a normal guest would.

    Yup:

    http://www.google.com/support/webmasters/bin/answer.py?answer=66355  

    These are just guidelines, and the old expert sexchange site probably spends enough money on Google that they are not going to be de-listed!

    LOL!

    Sorry, I'm really tired, so I found that extremely funny...
     



  • Ive heard it actually was their domain name: www.expertsexchange.com :) later they added the dash.



  • @GettinSadda said:

    @rbowes said:

    @Daniel15 said:

    Isn't it against Google's terms to show different content to Googlebot? As far as I can remember, Google's terms state that Google needs to see the site exactly as a normal guest would.

    Yup:

    http://www.google.com/support/webmasters/bin/answer.py?answer=66355  

    These are just guidelines, and the old expert sexchange site probably spends enough money on Google that they are not going to be de-listed!

    Parley!



  • @freelancer said:

    @GettinSadda said:

    These are just guidelines, and the old expert sexchange site probably spends enough money on Google that they are not going to be de-listed!

    LOL!

    Sorry, I'm really tired, so I found that extremely funny...

    I thought everyone had seen this (or one of the zillions of sites which has copied it).

    I don't know what the original source of this list is. That just seemed like one of the cleaner sites which hosts it.


Log in to reply
 

Looks like your connection to What the Daily WTF? was lost, please wait while we try to reconnect.