Straight from WP DoNotTrack’s page on wordpress.org:
WP DoNotTrack stops plugins and themes from adding 3rd party tracking code and cookies to your blog to protect both your visitor’s privacy, your own security (in the admin-pages) and offering performance gains (limiting requests executed in the browser to render your pages).
This plugin can be useful if you want to:
- make your WordPress blog/ site honour visitors who request not to be tracked, even if the 3rd parties you include do not (conditional privacy)
- stop tracking by 3rd parties for all your visitors (absolute privacy)
- protect your blog from rogue plugins that dynamically add malicious code to your wp-admin pages (security)
- limit the number of external servers that are called from your blog (performance)
- make your blog more compliant with the EU Cookie Law as implemented in a.o. the UK and Holland (with other EU countries to follow) using conditional privacy
WP DoNotTrack uses (a slightly modified) version of jQuery AOP to catch and inspect elements (images, iframes and scripts) that are about to be added to the DOM and renders these harmless if the black- or whitelist say so. You can block 3rd party tracking for all you visitors, or just for those that have navigator.doNotTrack set to “1” or based on a browser cookie.
The “forced” and “SuperClean” modes use WordPress’s output buffering to change the HTML slightly (“forced”) or thoroughly (“SuperClean”). SuperClean uses Simple HTML DOM Parser to filter unwanted 3rd party code from the HTML.
Feedback is welcome; see info in the faq for bug reports/ feature requests and feel free to rate and/or report on compatibility on wordpress.org.
You can find the most recent WP DoNotTrack information on this here blog. Feel free to ask questions or provide me with feedback in the comments on this page.
Heey,
found out about the wordpress stats injecting quantserve only today, so I immediately tried your plugin.
It does kill of the quantserve cookie for my blogs ๐ Yay ๐
However I noticed that the js file from stats.wordpress.com ( http://stats.wordpress.com/e-201247.js ) makes a call to quantserve wich loads in another js file.
Any way of blocking this to ? I’d love to keep using wordpress stats, but quantserv tracking is a very big no-no to me.
Glad you like my little plugin Gijs. Just did a quick test on your site, and I don’t see quantcast when requesting the homepage, cfr. test result here?
yep, you’re right ๐ I guess yslow was showing some cached results or something the like ๐
Looks like it’s working perfectly ๐ Allready installed the plugin on a bigger site that I administer
I have donottrack installed on my wordpress site and have jetpack stats as well. I am using the ghostery chrome plugin to check for the tracker. Last night I finally got a page loaded that only showed google analytics and wordpress stats. Today the edge.quantserve.com cookie is back. I checked my settings–block for all, superclean, blacklist.
Am I doing something wrong? It killed the quantcast on the admin page but not the blog page. I have dumped the cached pages and I still have this garbage coming through. Thanks for the help.
Hi Ken; This is probably cloudflare-related. another user had issues with wp donottrack when using cloudflare, and was able to solve them by disabling “Rocket Loader” and/or “Auto Minify”.
Thanks for pointing me in the right direction Frank.
One of the things that we want to be big on is offering more privacy to users who visit anything we offer.
Perhaps a silly question but do you have plans to continue updating this plugin for a while? So many good plugins seem to die and site owners must abandon them. I love this idea and am hoping you’ll maintain it for a while.
Thanks.
absolutely ๐
Great plugin but there are some problems when using the plugin on a SSL enabled WordPress site.
Google Chrome, for example, interprets javascript:void(0) as unsecure content.
interesting Kalle! Any more specifics, next to the javascript:void(0) issue?
This is a relatively known problem with Google Chrome and some IE versions.
These browsers are considering javascript:void(0) as unsafe content for some kind of reason.
This problem arise in donottrack.js and the following code:
function aop_around(myTarget, myMethod) {
aop.around( {target: myTarget, method: myMethod },
function(invocation) {
if ((typeof(invocation.arguments[0].src)==='string')&&((invocation.arguments[0].tagName.toLowerCase()==='script')||(invocation.arguments[0].tagName.toLowerCase()==='img')||(invocation.arguments[0].tagName.toLowerCase()==='iframe'))&&(invocation.arguments[0].src!=='javascript:void(0)')) {
if (sanitizer(invocation.arguments[0].src)===true) {
invocation.arguments[0].src='javascript:void(0)';
}
}
return invocation.proceed();
}
);
}
Would be great if it is possible to change the code to fix this unsafe content problem.
I have used a temporary solution by changing
invocation.arguments[0].src='javascript:void(0)';
toinvocation.arguments[0].src='#';
Good to know Kalle. I’ll be sure to look into this when working on a new version.
Sorry. My last suggestion generated a JavaScript error.
Try to updated
invocation.arguments[0].src='javascript:void(0)';
to the followinginvocation.arguments[0].src='';
Now everything seems to work correctly.
Please update plugin!! i use the extension in firefox not sure if its made by same peoeple but you should definately tweak it to latest trentds and release a new Version!! it would be a hit
Last Updated: 184 days ago
Requires WordPress Version: 3.2 or higher
Compatible up to: 3.4.2
I’m afraid there’s no relation between WP Donottrack and a Firefox extension Josh.
Does this also prevent wesbite owners having Google adsense from working properly?
Well, website owners could indeed blacklist (block) or whitelist (allow) http://www.googleadservices.com. So yes, WP DoNotTrack can (purposely or by mistake due to misconfiguration) impact the way AdSense works. Does that answer your question?
Hi, great plugin! Gets rid of that pesky quantcast injection.
Anyway, I’m not really tech-savy and I have a question regarding your plugin.
I’m going to apply for Google Adsense soon and was wondering if running this plugin would cause a rejection. Is there anyway to allow the adsense scripts to run while WP DoNotTrack is running, thus preventing a rejection when I apply?
You said something about whitelist/blacklisting. If I use the black-list option, will Google Adsense run normally if I make sure it isn’t added into the list? Or does WP DoNotTrack automatically block it?
Basically, how do I ensure that I get approved for Google Adsense and stay approved while running WP DoNotTrack?
Thanks for the clarification. Sorry if I sound like an idiot. I’m still new to this stuff, haha.
by default wp donottrack functions in blacklist-mode and should allow all adsense to pass.
hope this helps,
frank
Several WordPress plugins serve this tracking code called b.scorecardresearch.com … which sometimes seems to slow down page loading.
Examples of plugins that introduce this tracking code:
http://wordpress.org/plugins/share-this/ (ShareThis)
http://wordpress.org/plugins/outbrain/ (outbrain)
http://wordpress.org/plugins/nrelate-related-content/ (nRelated Related Content)
… and many others that I won’t list (seems to be a popular tracking code).
The opt-out page is on:
http://www.scorecardresearch.com/optout.aspx
I tried blocking “scorecardresearch.com” with DoNotTrack plugin, but alas, no luck.
Hi fruityoaty; not sure, can’t see scorecardreasearch.com on your site, cfr. this webpagetest.org test?
It’s alright, I removed the plugin (outbrain) that was introducing the tracking code. Problem solved. Thanks for looking into it, though. No worries. ๐
Does this comply with the new California Do Not Track requirements?
No idea what the California DNT requirements entail I’m afraid Teaneedz.
I guess item 5 is the pertinent one here : http://leginfo.legislature.ca.gov/faces/billNavClient.xhtml?bill_id=201320140AB370
Sites collecting PII in California must disclose if they honor DNT signals and how so.
Your plugin stops 3rd party cookies and respects a browser’s Do Not Track setting – is that correct?
Are all first party cookies excluded from this?
Thank you.
Well, it can stop 3rd party assets (javascript, images, iframes) from being loaded. If those assets are blocked, no cookies will be set. WP DoNotTrack will not stop 3rd party cookies from being set if the assets are allowed to be loaded (example; if you have youtube on your site, youtube/ google cookies will be set).
indeed, you own site domain is automatically included in the whitelist and (off course) is not on the blacklist either.
Hi,
Thank’s for your plugin, i use it but i just discover it cause problem in AMP validation then i desactivate it.
Hope you’ll find solution
change the mode from “forced” to “normal” and all will be well Dom ๐
Perfect, it’s work.
Thank’s a lot !
Hi. Wordfence is reporting that the plugin has been removed from the repository. Are you still maintaining it? Do you feel it is still safe to use?
Thanks
It has indeed been removed. I am still using it myself, but I must admit the code is sub-par and it _should_ be rewritten from scratch focusing on allowlists & CSP, but I’m afraid I lack the time to do so …