In required cookies == bad design, I pointed out that requiring cookies just for people to view free content is a bad idea. When denying cookies means you can’t view the Website in question, this means a lot of people aren’t going to view the Website — including me, much of the time.
I gave this advice to all and sundry Website maintainers:
Maybe you should actually visit your own site on a computer you haven’t used to do so before, and deny all cookies for the site. See what happens.
If you have registered a domain name and point it at a wordpress.com Weblog account, I can already tell you what happens on some systems: it enters an infinite loop during page load. The page stays white, and the browser just starts over the page loading process repeatedly, without end in sight. I haven’t let it run long enough to see if it eventually crashes the browser (I suspect it doesn’t, but I suppose there’s a possibility, depending on browser memory management).
So . . . if you’re smart about how you manage your online life, you won’t use wordpress.com for domain hosting. Interestingly, I’ve discovered that http://cameron.blogs.foxnews.com uses wordpress.com — which might say something about the people managing blogs.foxnews.com.
I looked into what it takes for an average, non-professional Weblog user to get domain hosting at wordpress.com (I figured immediately that this probably costs money). What I discovered at the premium features page for Domain Registration and Mapping is:
If the domain isn’t registered, it will ask you for some information and then register it for you, and add domain mapping, for $15/yr.
If you already own a domain you registered somewhere else, you can map it for $10/yr.
I personally recommend against ever doing both domain registration and Webhosting through the same company. It’s best to hedge your bets (as I discovered from personal experience years ago, when a Webhost/registrar I was using basically held my domain name hostage when I wanted to switch Webhosts to someone that provided better service for less money). Unless you have a really unscrupulous registrar like GoDaddy, or something equally dodgy, your most likely problem in outsourcing domain hosting is the Webhosting service provider — and if you registered your domain through someone else, it’s trivial to switch service providers for Webhosting. If not, things might get messy.
Setting up a WordPress Weblog at my Webhost is as easy as doing so at wordpress.com, plus I have more control over the form of the Weblog, and I get to do a whole lot else with the Webhosting account too (including SSL/TLS access to POP, IMAP, and Web email accounts). Most relevantly, when someone denies cookies while visiting SOB, it doesn’t enter an infinite refresh loop.
Testing on multiple platforms shows that the infinite refresh loop manifests on some systems, and not on others. I haven’t investigated enough to know why that is. So far, it has shown up on an MS Windows Vista machine and a FreeBSD machine with Firefox, but not on MS Windows XP with Firefox or IE, nor on Debian with Iceweasel (rebranded Firefox).
With IE on Vista, refusing cookies one at a time, it eventually loads after about 20 times denying the cookie. With Opera on Vista, denying all cookies immediately, it loads. With Safari on Vista, it eventually loads (apparently all you can do for cookie handling is either deny all or accept all — not a good set of options for the security-conscious).
It has only been tested on one of each system configurations (IE+Vista, IE+XP, Fx+Vista, Fx+XP, Fx+FreeBSD, Iceweasel+Debian, Opera+Vista, Safari+Vista), so your mileage may vary.
re: email . . .
Looking at what wordpress.com offers for email addresses when hosting your domain name at a wordpress.com account, I see that the email options they offer (through Google Apps) are extremely limited. For instance, you don’t get the email addresses if you only map a subdomain (like sob.apotheon.org instead of apotheon.org itself) to the wordpress.com account. I also don’t have to let Google index all my email for search engine and targeted marketing purposes.
This little tidbit from wordpress.com’s Email and a blog on the same domain page is interesting too:
Custom urls are not supported.
So, yeah . . . just don’t do it. If you want a Weblog with your own domain (or subdomain!), don’t use wordpress.com.
If they fix the infinite refresh loop problem, it might start being worthwhile, depending on your budget, or if you only intend a very few known people who you can be sure will always accept cookies there to be able to access it anyway — but otherwise, it’s just a bad idea.