Rant: wordpress & privacy – self hosted instances upload all content to their CDN servers i2.wp.com imho without consent and no possibility to delete?

06.Oct.2022

alternatives, Privacy / convenience vs surveillance / Orwell, Privacy Protection / Datenschutz / DSGVO / GDPR, wordpress

correct if wrong but…

checkout this picture, just uploaded to this self-hosted wordpress instance recently:

it “suddenly” and without consent it also exists on this server i2.wp.com, the “cool” wordpress CDN, that is supposed to speed up loading time of a blog… well… not this blog eh?

https://i2.wp.com/dwaves.de/wp-content/uploads/2022/05/S21_Ultra_Sample_Test_Photo_RawTherapie_post_processed_20220525_sky.jpg

if the user would have wanted that, instead of going self-hosting, the user could have just spared all the hazzle and used wordpress.org.

so even when the author-user deletes that image from the user’s blog… (just tested) it will be still there on https://i2.wp.com/dwaves.de/wp-content/uploads/2022/05/S21_Ultra_Sample_Test_Photo_RawTherapie_post_processed_20220525_sky.jpg

update: 3 weeks later… picture is gone.

“great” isn’t it? so much for “control over one’s data”.

“This is happening because you’re using Jetpack’s built-in Image CDN that relies on WordPress.com. If you like to disable that feature go to your Dashboard > Jetpack > Settings > Performance and toggle off the Enable site accelerator option under the Performance & speed section. You can read more about this feature here:

https://jetpack.com/support/site-accelerator/” (src)

no – this blog is NOT using jetpack site accelerator.

also the option described is not available on self hosted wordpress.

#wtf?

wordpress – a giant content “sucking up ur content and storing it forever” machine?

time for alternatives.

if the visitor Firefox -> F12 -> network checks where the parts of this blog are coming from, they are all coming from dwaves.de and not some wordpress CDN for “faster loading time”.

the only external content are the smileys: https://s.w.org/images/core/emoji/14.0.0/svg/1f61c.svg

(those evil smileys probably “report back” to wordpress… how much that article was visited… and they (probably) sell it again… to G*** and M$ and whoever is willing to pay for that data)

…ah there it is:

Privacy

…

https://wordpress.org/about/privacy/

so this is how wordpress argues, that they have “legitimate interests” to store all pictures uploaded to self-hosted wordpress instances on: ipv4.de-cix.fra.de.as2635.automattic.com (80.81.193.69)

hosted by: https://www.northdata.de/de-CIX+Management+GmbH,+K%C3%B6ln/HRB+51135

associated with:

https://www.northdata.de/deutsche+medienakademie+GmbH,+K%C3%B6ln/HRB+57192

https://www.northdata.de/7P+Business+Solutions+GmbH,+K%C3%B6ln/HRB+65133

liked this article?

only together we can create a truly free world
plz support dwaves to keep it up & running!
(yes the info on the internet is (mostly) free but beer is still not free (still have to work on that))
really really hate advertisement
contribute: whenever a solution was found, blog about it for others to find!
talk about, recommend & link to this blog and articles
thanks to all who contribute!

admin