This plugin hasn’t been tested with the latest 3 major releases of WordPress. It may no longer be maintained or supported and may have compatibility issues when used with more recent versions of WordPress.

Mirror Gravatar

Description

Locally mirror commenters’ Gravatars and serves them from your site, rather than loading them from gravatar.com on each page load.

This has several effects:

  • If most of the comments on a post have no gravatar, those turn into one load of a shared image, instead of one for each comment, that happens to return the same “mystery” image.

  • You will be serving more (small) images.

  • gravatar.com no longer has a web-bug on your blog that is loaded by each viewer. Instead of being loaded at every page view, the gravatar is loaded just once, on the server-side, at the time each new comment is posted.

    Gravatar is owned by WordPress, and their privacy policy says that they don’t monetize that info, but hey, corporate policies change, and subpoenas exist.

  • The user’s Gravatar profile is saved along with their comment, viewable by admins even if they later change or delete it from gravatar.com.

  • If someone changes or deletes their Gravatar, your site continues displaying the image that was their Gravatar at the time that they last posted.

  • If a commenter’s URL looks like a link to a Mastodon profile, this plugin will attempt to mirror the Mastodon avatar instead.

  • Additionally: when commenting, a live preview of the Gravatar tracks the contents of the “Email” field.

Security and Privacy

Though WordPress enables Gravatars by default, using them at all might be considered a privacy risk for your blog commenters. Gravatars expose an MD5 hash of the email address of each commenter, which has been shown to be vulnerable to attacks. A sufficiently-motivated attacker can probably translate that MD5 back into an email address.

This plugin does not, at least, make that any worse.

Screenshots

  • A copy of the user's gravatar.com profile is saved with the comment.
  • A live preview of the Gravatar when commenting.

Installation

  1. Upload the mirror-gravatar directory to your /wp-content/plugins/ directory.
  2. Activate the plugin through the “Plugins” menu in WordPress.
  3. Make sure the directory /wp-content/plugins/mirror-gravatar/ is writable by your web server.

Reviews

There are no reviews for this plugin.

Contributors & Developers

“Mirror Gravatar” is open source software. The following people have contributed to this plugin.

Contributors

Translate “Mirror Gravatar” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.

Changelog

1.0

  • Created

1.1

  • Also mirrors Mastodon avatar images, if the commenter’s URL is of the form “https://example.com/@username”