Hi,
this is not question about whonix but in any case, maybe you can find the right answer, I tried to google it and I could not find it: how to stop my site to fingerprint visitors. I use wordpress, I suppose javascript is responsible for this problem.
I used tor to visit my own site and I got the warning:
This website … attempted to extract HTML5 canvas image data, which may be used to uniquely identify your computer.
Should Tor browser allow this website to extract HTML5 canvas image data?
tor developers explain to block it, but I am the owner of website and I want to stop such fingerprinting of my visitors. I don’t have any idea how to stop it.
Second, so your question is actually how to remove canvas image based fingerprinting from your wordpress page, have I understood that right? In that case, this forum is the wrong place to ask, I’d recommend a wordpress focused forum for this, as I can only guess, if you haven’t placed this form of tracking consciously, that it simply is a part of the standard WP configuration…
Hi, thank you for your answer, I am afraid anywhere I ask, people will say: I don’t know. I suppose also it is wordpress or installed theme. I don’t think author of this theme is at the level of taking care about privacy, he is still beginner in making theme for wordpress, but I like it, it is responsive, and clean minimalist design. I can’t edit theme, I think design will be ruined if I remove javascript. I will have to leave it to the visitors to block this canvas fingerprinting…
I have my own VPS with web & email server, but iRedMail installed by default making statistics/analytics, I will check how to remove any IP logging. I use already forced ssl/https. I don’t use CDN, I don’t trust to any big company, every bigger business is connected with the Gov, businessmen don’t want to conflict with the NSA. I checked now and there are no stored cookies when I visit my website. I will check if design will be damaged if I disable javascript. but tor mailing list already just answered to block this fingerpriting, they didn’t offer any solution how to stop website to do it. they just close topic and that’s all, they think it is not hacking and some big problem than people should just block it.
just setup a small WP installation to test, without any kind of theme, this seems to be par for the course with WP by default. The only thing I can recommend in that case, is to look for an alternative, or even better, code the page yourself. However I can understand why both might not be an option.