Hey, everyone. Sort of an unusual post here, but I figured at least some of you might be interested. I have put significant time and energy into some updates to this old WordPress site focused on improving user privacy and limiting third party trackers. This was not trivial, especially for someone like me who has limited knowledge about web site and web server management. I did this on my volition, and there weren’t any unusual privacy issues with the site before. In fact, it was probably already better on privacy than your average ad-supported website. But I wanted to see if I could completely eliminate third-party trackers so your visit to this site is not sending the tech giants free data. I got close. You’re tracked probably thousands of times a day on the web, but I wanted Seattle Bike Blog to be one less. Here are some recent changes:
Switched from Google Analytics to Matomo for site use statistics
Google Analytics is by far the most popular tool for keeping track of users and their behavior on your site. When I created this site in 2010, there was no question that installing Google Analytics was the obvious move if I wanted to better understand how many people were visiting the site, which posts were performing well and how people were finding our posts. However, using this service requires sending your data to Google for storage and analysis. This happens to you constantly as you surf the web. But why am I giving a large and creepy advertising company like Google your data for free? It may be the norm, but that doesn’t make it right. I just wanted to know which posts you all like! So it was quite difficult, but I have installed my own web statistics server and removed the Google tracking code.
Switched from reCAPTCHA to Turnstile
Similar to Google Analytics, reCAPTCHA also sends user data to Google. It is also really annoying. So I have switched to CloudFlare’s Turnstile service, which should be better for user privacy. It does feel a bit like I’m switching from one web giant to another here, but browser tracker detection shows no trackers while using Turnstile. So it at least feels like a step in the right direction. And you should also never again need to click all the pictures of bicycles or traffic signals when posting a comment or logging in. That alone makes the move feel worth it, at least for now. This should also improve site accessibility. I’ll keep an eye out for other options (and I’m open to your suggestions).
No major network ads
I have experimented from time to time with network ads like Google Adsense and other services (most of which also run Google Adsense). But I have officially decided that it is not worth it. I don’t like how those ads clutter the site and frankly make it ugly. Making my site ugly is my job! But in addition to being ugly and distracting, these ads and the code used to load them include all kinds of creepy trackers. Since the beginning, Seattle Bike Blog has hosted its own ad server and has never sold your data.
This reminds me, advertising on Seattle Bike Blog is a great way to promote your business while also supporting local bike news!
Removed social media sharing buttons and limited embedded media
In recent months, I scoured the site for social media widgets and embeds. This is why the sidebar no longer contains the @SeaBikeBlog Twitter feed. I also removed the Facebook embedded widget years ago. My goal is to reduce how often social media companies can track Seattle Bike Blog users. The biggest exception to this rule is embedded posts or videos. Both YouTube and Twitter offer cookie-free embed options, and I have started using those. I will also prefer embedding a Mastodon post (which does not include any trackers) rather than a Tweet if I have the choice. Social media companies are still getting some data whenever the media loads, but it should at least not include a tracking cookie. Older posts will still have standard embeds, though. However, I will still be embedding media, especially videos, since it is much nicer to be able to watch videos without needing to leave the site.
Changed my spam detection
I am not sure this is really a big advancement in site privacy, but I am no longer using the Akismet spam comment detection system, which handled spam detection off-site. I don’t really want to say here what I’m using now in case the bots are listening, but I am mostly sure that the spam filtering now happens on my own server (I can’t lie, I don’t fully know how spam detection works lol). I primarily did this to have more control over spam control because Akismet was tagging all the comments originating from Mastodon as spam and there was no way to whitelist it.
By the way, did you know Seattle Bike Blog is a federated ActivityPub instance? This means you can directly follow my posts by searching for and following @tfooq from any account on the fediverse, including Mastodon. Replies to posts will be automatically posted as a comment on the blog. Unfortunately, the WordPress ActivityPub software is still quite limited (for example, comment replies are not yet posted as replies on Mastodon). I’ll keep updating the plugin, so hopefully more features will be added soon.
Feel safe disabling your ad blocker
So if you use an ad blocker, you should feel reasonably safe disabling it on Seattle Bike Blog. The only difference you should notice are a handful of unobtrusive ads from local businesses that support the site. It helps me sell more ads if the ad view numbers are healthy.
Thank you for reading! And if you notice any bugs, please let me know.
Comments
2 responses to “Some blog updates, including better web privacy”
Thank you for making a great site even better! I’ve disabled my ad blocker ;)
Thanks, Tom. I appreciate reducing the data collection and hording. While it is generally harmless, it could be hacked and used in bad ways.