Linux 软件免费装
Banner图

Kipphard GDPR Web Fonts

开发者 kipphard
更新时间 2026年7月10日 21:22
PHP版本: 7.4 及以上
WordPress版本: 7.0
版权: GPLv2 or later
版权网址: 版权信息

标签

privacy webfonts gdpr google fonts dsgvo

下载

0.4.3 0.4.4 0.4.5

详情介绍:

Kipphard GDPR Web Fonts is an honest audit tool for WordPress sites. It fetches the HTML your site actually delivers and detects external requests that transmit personal data — such as IP addresses — to third-party servers, including Google Fonts, Google Analytics, YouTube embeds, Google Maps, Gravatar, reCAPTCHA, Facebook Pixel, Hotjar, and common JavaScript CDNs. The plugin groups findings by risk level with clear, actionable recommendations. Several common issues can be fixed directly through the plugin settings without touching code. What this plugin does: What this plugin does NOT do: This plugin is not a cookie-banner overlay and does not claim automatic GDPR compliance. The scan is static: requests triggered dynamically by JavaScript after page load may not appear in the delivered HTML and will therefore not be detected. A complete privacy audit additionally requires browser developer tools or a specialised service. This plugin does not replace legal advice. Use it to identify and reduce external requests; have a lawyer or data-protection officer review your specific situation. About the Google Fonts ruling: On 20 January 2022 the Munich Regional Court I (LG München I, Az. 3 O 17493/20) ruled that embedding Google Fonts without visitor consent violates the GDPR because the visitor's IP address is transmitted to Google servers in the USA. This plugin helps you detect and remove such requests. Hinweis (DE): Dieses Plugin ist ein ehrliches Datenschutz-Analyse-Werkzeug für WordPress-Seiten. Es scannt das gerenderte HTML auf externe Anfragen (Google Fonts, Analytics, YouTube, Gravatar u. v. m.), die personenbezogene Daten an Dritte übertragen, und bietet direkte Schnell-Maßnahmen. Die Benutzeroberfläche ist auf Deutsch verfügbar.

安装:

  1. Upload the kipphard-gdpr-webfonts folder to /wp-content/plugins/, or install it from the Plugins screen in your WordPress admin.
  2. Activate the plugin through the "Plugins" menu in WordPress.
  3. Go to GDPR Webfonts → Dashboard and click "Start scan".
  4. Review the results, then go to GDPR Webfonts → Settings to enable the desired quick fixes.

屏幕截图:

  • The settings page: quick-fix toggles (remove Google Fonts, disable WordPress emojis, replace Gravatar locally).

升级注意事项:

0.4.0 Renamed to Kipphard GDPR Web Fonts; full-site scanning for everyone; unique prefixes. 0.3.0 Shared admin design system for a consistent look. No functional changes.

常见问题:

Does this plugin make my site automatically GDPR-compliant?

No. This is an audit tool, not a compliance overlay. It shows you which external requests your site makes and provides recommendations, but the actual work — hosting fonts locally, obtaining consent, replacing services — has to be done by you or your development team. When in doubt, consult a data-protection professional or lawyer.

How many pages are scanned?

All of them: the scan covers your homepage plus every published page and post. Very large sites are capped at 200 URLs per run — a performance safeguard, not a feature limit.

Is any data sent to external servers during a scan?

No. The plugin fetches your own URLs internally over HTTP and analyses the returned HTML locally. No data is transferred to any third party.

Why does the scan not detect all external requests?

The plugin analyses the HTML that your server delivers on initial load. Requests triggered later by JavaScript (for example on scroll or click) are not visible in the static HTML and are therefore not detected. For a complete picture, also check your browser's Network tab.

Why does removing Google Fonts need WordPress 6.9?

Removing a font reference that a theme has hard-coded into its templates, or written as an @import rule inside a <style> block, means rewriting the finished HTML page. WordPress 6.9 introduced a standard way for plugins to do that — the template enhancement output buffer — and this plugin uses it rather than opening an output buffer of its own, which is unreliable when several plugins do it at once. On WordPress 6.4 to 6.8 the quick fix still removes Google Fonts stylesheets that were enqueued through WordPress (the common case) and the preconnect / dns-prefetch hints. Hard-coded <link> tags and @import rules are left in place; the scan report continues to list them so you can remove them from your theme by hand.

Why is Google Fonts classified as "High risk"?

On 20 January 2022 the Munich Regional Court I (LG München I, Az. 3 O 17493/20) ruled that embedding Google Fonts without visitor consent violates the GDPR, because the visitor's IP address is transmitted to Google servers in the USA without a legal basis. This plugin flags that risk and lets you remove the external requests entirely.

The scan fails or returns no results. What can I do?

Make sure your site is reachable from itself — no "coming soon" mode, no HTTP authentication. The plugin fetches your own URLs internally over HTTP. Also verify that the PHP dom and libxml extensions are available on your server.

更新日志:

0.4.5 0.4.4 0.4.3 0.4.2 0.4.1 0.4.0 0.3.0 0.2.0 0.1.0