Is Google monitoring your WordPress dashboard via Google Fonts?
Since WordPress 3.8, Google’s webfonts have been used in the core WP build, including WP Admin Panel. The fonts are not served from within WP itself, but served by Google webfonts through fonts.googleapis.com.
What does this provide Google with?
A cookie is not placed, however: When the user accesses the site, Google can collect the header data of the connection request, which includes Google’s cookies. Because of this, Google can find out if your relationship to the site is as a admin/website owner that logs onto the site, or just a “random visitor”. If your cookie ID then makes use of certain other sites, Google can connect your admin status of the site, to your Google accounts.
I have long been a happy user of the Genesis framework, but unfortunately all their themes also makes use of this. A lot of other WP themes also use Google webfonts, so when somebody visits a page on your site, Google’s servers would be called on for the font, and it could possibly provide Google some idea of how many pageviews per month your website sees. It can also cause performance issues, as Google’s servers are blocked in certain countries.
What are the other side effects of using Google Fonts?
For WP themes, you can have font fallback settings in case Google webfonts cannot be served, but it would still cause very slow load times, and some browsers do not support it (android browser is one). And good luck trying to use the WP Admin panel in countries like China where Google’s api’s are either very slow or simply cannot be connected to, in places where internet is slow, or in a local offline development environment. Although Google has a good CDN, this would certainly slow down sites anywhere whenever Google has any problems with their servers.
Google does not state that they use this for tracking, but considering the severe privacy breaches they have committed in the past, I would not trust Google to not abuse this service (check out the Criticism of Google Wikipedia entry as a primer on their shady business, if you have been living under a rock and think Google is following their “don’t be evil” motto, which is now an oxymoron to “google”).
As of WP4.1, this is still happening, and most users have no idea. Many of the WP developers are angered by this change due to the privacy issues, and are fighting against it, but WP is still using webfonts for now. I fail to understand why WP has decided to do this, since it seems to go against their course values.
Some will definitively say that this is being overly paranoid, but if you actively try to prevent Google from tracking you and spying on you, this is definitively something to be aware of. Or if you do very BH stuff, and try to stay off Google’s radar as much as possible. For users of GA/WMT, this will have no implications at all (aside from potential performance issues if there are issues with Google’s CDN).
How do I remove Google webfonts from my WP?
For now, if you don’t like the idea of using Google fonts in your backend, the best solution to opt out of having Google in your wp admin and themes is to use this plugin.
You might want to change the font settings in your template if you do not want to have google called when people visit your website. Check out this handy guide from Mailchimp about which fonts are most commonly installed on peoples computers, for a general idea of which fonts to set up as fallback fonts. There are numerous guides around the web on how to do this. For the privacy conscious, just duckduckgo it (a non IP-tracking search engine).
If you still want nicer fonts in your themes, you can learn how to use @font-face in your css, adobe has a paid service called typekit, and there are also many font plugins (I haven’t tried any of them, so I don’t have any recommendations).
This post was submitted by a guest and does not in any way represent the opinion of our website.