Is WordPress SEO spying on us all? | WordPress.org

Phill Brown
(@phill_brown)

11 years, 2 months ago
Having conducted tests on several websites and server environments, it looks like WordPress SEO is tracking private data regardless of whether we want it to or not.

The allow tracking field in General Setting controls whether we want to send data to Yoast, and by default this is unchecked. Instead it appears that the yoast_tracking action is being scheduled every time the plugin loaded.

This is giving Yoast access to:
- Site URLs and names regardless of privacy settings
- Post and comment counts
- Custom post types
- Plugin installations
- Theme installations
To fix, open up <plugins>/wordpress-seo/wp-seo.php and replace lines 101-103 with:
```
if ( isset( $options['yoast_tracking'] ) && $options['yoast_tracking'] == 'yes' ) {
    require WPSEO_PATH.'admin/class-tracking.php';
} else {
    wp_clear_scheduled_hook( 'yoast_tracking' );
}
```
Please could someone else verify this?

http://wordpress.org/extend/plugins/wordpress-seo/

Viewing 1 replies (of 1 total)

Moderator Ipstenu (Mika Epstein)
(@ipstenu)

🏳️‍🌈 Advisor and Activist

11 years, 1 month ago

It’s not.

The code is clearly checking to see if you’ve allowed tracking. YES, it checks on every load, but that’s how it’s supposed to work. Every load it checks, sees a no, and moves on.

Viewing 1 replies (of 1 total)

The topic ‘Is WordPress SEO spying on us all?’ is closed to new replies.

Tags

cron

In: Plugins
1 reply
2 participants
Last reply from: Ipstenu (Mika Epstein)
Last activity: 11 years, 1 month ago
Status: not resolved