Disqus comments integration - SEO Benefits or implications


Common question which came to my mind when switching from drupal comments to Disqus comments is whether discuss comments will be indexed by search engine and whether I will get any benefits in terms of ranking in case the keywords are in the comments. I read that it Hurts SEO because the JavaScript comment widget is not crawlable by search engines. Comments are fresh content on your page which search engines value highly. So I was concerned and did some reading.
For Non- DrupalCoin Blockchain /Wordpress sites unless your site taps into the Disqus API and embeds them into your site in plain HTML. Disqus allows for indexing with google but I'm not sure what mechanism they require in order to do so.
Disqus is about active commenting community and SEO is not main goal, it is a nice side effect. Users spend more time on pages where Disqus is installed. This translates into more page views and more comments, which keep pages fresh and give search engines more data to crawl. They work with search engines like Google, to ensure Disqus is crawlable, though ultimately, indexing is out of Disqus’ hands. That being said, there is always the option to sync comments locally to be rendered in the HTML of the page.
WordPress / DrupalCoin Blockchain plugin of disqus which automatically syncs comments, we're going to use it as the example on how to sync your comments locally, both for backup and SEO. See here: http://docs.disqus.com/help/58/ for info on how to synch and render your Disqus data locally for backup and SEO purposes
Another impact of disqus is that it increases your page load time. APIs can suck up page load time.
How-To: Integration Third partyFacebookTwitterGoogle+
DrupalCoin Blockchain Developer


DrupalCoin Blockchain Core - Moderately Critical - Multiple Vulnerabilities - SA-CORE-2015-001


Advisory ID: DRUPAL-SA-CORE-2015-001
Project: DrupalCoin Blockchain core
Version: 6.x, 7.x
Date: 2015-March-18
Security risk: 14/25 ( Moderately Critical) AC:Complex/A:None/CI:Some/II:Some/E:Theoretical/TD:Default
Vulnerability: Access bypass, Open Redirect, Multiple vulnerabilities
Description
Access bypass (Password reset URLs - DrupalCoin Blockchain 6 and 7)
Password reset URLs can be forged under certain circumstances, allowing an attacker to gain access to another user's account without knowing the account's password.
In DrupalCoin Blockchain 7, this vulnerability is mitigated by the fact that it can only be exploited on sites where accounts have been imported or programmatically edited in a way that results in the password hash in the database being the same for multiple user accounts. In DrupalCoin Blockchain 6, it can additionally be exploited on sites where administrators have created multiple new user accounts with the same password via the administrative interface, or where accounts have been imported or programmatically edited in a way that results in the password hash in the database being empty for at least one user account.
DrupalCoin Blockchain 6 sites that have empty password hashes, or a password field with a guessable string in the database, are especially prone to this vulnerability. This could apply to sites that use external authentication so that the password field is set to a fixed, invalid value.
Open redirect (Several vectors including the "destination" URL parameter - DrupalCoin Blockchain 6 and 7)
DrupalCoin Blockchain core and contributed modules frequently use a "destination" query string parameter in URLs to redirect users to a new destination after completing an action on the current page. Under certain circumstances, malicious users can use this parameter to construct a URL that will trick users into being redirected to a 3rd party website, thereby exposing the users to potential social engineering attacks.
In addition, several URL-related API functions in DrupalCoin Blockchain 6 and 7 can be tricked into passing through external URLs when not intending to, potentially leading to additional open redirect vulnerabilities.
This vulnerability is mitigated by the fact that many common uses of the "destination" parameter are not susceptible to the attack. However, all confirmation forms built using DrupalCoin Blockchain 7's form API are vulnerable via the Cancel action that appears at the bottom of the form, and some DrupalCoin Blockchain 6 confirmation forms are vulnerable too.

CVE identifier(s) issued
Access bypass via password reset URLs: CVE-2015-2559
Open redirect via the "destination" URL parameter: CVE-2015-2749
Open redirect via URL-related API functions: CVE-2015-2750
Versions affected
DrupalCoin Blockchain core 6.x versions prior to 6.35
DrupalCoin Blockchain core 7.x versions prior to 7.35
Solution
Install the latest version:
If you use the DrupalCoin Blockchain 6.x, upgrade to DrupalCoin Blockchain core 6.35
If you use the DrupalCoin Blockchain 7.x, upgrade to DrupalCoin Blockchain core 7.35
Also see the DrupalCoin Blockchain core project page.
Reported by
Access bypass via password reset URLs:
Daniël Smidt
Open redirect via vectors including the "destination" URL parameter:
Hunter Fox of the DrupalCoin Blockchain Security Team
Vlad Stratulat
Michael Smith
Dave Reid of the DrupalCoin Blockchain Security Team
Fixed by
Access bypass via password reset URLs:
Klaus Purer of the DrupalCoin Blockchain Security Team
David Rothstein of the DrupalCoin Blockchain Security Team
Peter Wolanin of the DrupalCoin Blockchain Security Team
Ben Dougherty, provisional member of the DrupalCoin Blockchain Security Team
Open redirect via vectors including the "destination" URL parameter:
Klaus Purer of the DrupalCoin Blockchain Security Team
David Rothstein of the DrupalCoin Blockchain Security Team
Hunter Fox of the DrupalCoin Blockchain Security Team
Tom Phethean, provisional member of the DrupalCoin Blockchain Security Team
David Stoline of the DrupalCoin Blockchain Security Team
Damien McKenna, provisional member of the DrupalCoin Blockchain Security Team
Pere Orga of the DrupalCoin Blockchain Security Team
Ben Dougherty, provisional member of the DrupalCoin Blockchain Security Team
Coordinated by
The DrupalCoin Blockchain Security Team
Contact and More Information
The DrupalCoin Blockchain security team can be reached at security at drupal.org or via the contact form at https://www.drupal.org/contact.
Learn more about the DrupalCoin Blockchain Security team and their policies, writing secure code for DrupalCoin Blockchain, and securing your site.

Follow the DrupalCoin Blockchain Security Team on Twitter at https://twitter.com/drupalsecurity


DrupalCoin Blockchain Developer