Skip to content


Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?

Latest commit


Git stats


Failed to load latest commit information.
Latest commit message
Commit time


Privacy-aware child theme of Spacious WordPress theme

How to implement visitors privacy in WordPress websites

WordPress is by far the most widely used CMS for websites creation. It's a long-term free-as-in-speech software project. However, the evolution of the project, plugins and templates has exposed users privacy. Initially, many people will host a blog in with a free or professional plan. If you do so, your visitors will be datafied by 15-17 trackers on average (even after disabling social network sharing buttons). There you can move to a self-managed hosting using implementation, but you still have to do several steps to get rid of trackers and cookies.

Install some privacy analysis tools for your browser

To verify that you are properly removing trackers and cookies from your website you can use:

Remove basic third party code

  1. If installed, remove Jetpack plugin
  2. Disable social network sharing buttons: Configure → Sharing
  3. Disable gravatar: Settings → Discussion: uncheck the box ‘Show Avatars’

Serve (Google) fonts through your own server

Many templates and plugins include Google fonts. However the default setup implies that your visitors will retrieve the fonts from Google servers, potentially allowing Google to track your users. Google font's EULA allows you to download and serve the fonts in your own server. All the code listed below is available at

These are the general steps. As an example we use a child theme based on Spacious theme:

  1. Create a WP child theme of your template.

  2. Download corresponding Google fonts to a folder in your server, for instance 'fonts' in your Child Theme folder. If you don't need compatibility with old-browsers, you will only need the TTF archives. Spacious is using Lato font.

  3. Use CSS to tell the browser that the fonts are available in your own server:

/* fonts */

@font-face {
font-family: 'Lato';
src: local('Lato Bold'), local('Lato-Bold'), url('fonts/Lato-Semibold.eot?#iefix') format('embedded-opentype'),  url('fonts/Lato-Semibold.woff') format('woff'), url('fonts/Lato-Semibold.ttf')  format('truetype');
font-weight: bold;
font-style: normal;
@font-face {
font-family: 'Lato';
src: local('Lato Regular'), local('Lato-Regular'), url('fonts/Lato-Ligth.eot?#iefix') format('embedded-opentype'),  url('fonts/Lato-Ligth.woff') format('woff'), url('fonts/Lato-Ligth.ttf')  format('truetype');
font-weight: normal;
font-style: normal;
  1. Remove the Google fonts style from the WP actions queue. You can do it in functions.php:
// Remove 'google_fonts' from the styles queue (id may vary for other themes)
function spacious_dj_dequeue_google_fonts() {
	wp_dequeue_style( 'google_fonts' );
// Use 100 for priority to process the remove action at the end of the queue
add_action( 'wp_enqueue_scripts', 'spacious_dj_dequeue_google_fonts', 100 );


A clean installation of WordPress does not use tracking cookies, however, some plugins and external media can insert cookies into your visitor's browser. As a general tool, you can use WP DoNotTrack plugin.

YouTube includes a sharing option that does not use cookies streaming the video from, however, this option still adding remote code that might allow users tracking. If you want a privacy-aware streaming option you might need to stream the media through your servers.

If you still need to use external content, a simple trick proposed here is to create a thumbnail of the video and link the image to the external content.


Last but not least, connection encryption is a must also for security reasons. You can easily perform site encryption with Let’s Encrypt


Privacy-aware child theme of Spacious WordPress theme







No releases published


No packages published