Local Avatars in WordPress? Yes, Please

It is an age-old question. OK, well, it’s really a 10-year-old feature request, but that is age-old in software development years. Should WordPress have a local avatar system?

Let’s be honest. Most of us have kind of gritted our teeth and quietly — and sometimes not so quietly — lived with the Automattic-owned properties that are integrated directly with the core WordPress software. At least Akismet is a plugin and somewhat detached from the platform. But avatars, a feature courtesy of Automattic’s Gravatar service, are baked deep into the platform. Users must disable avatars completely or opt into another plugin to distance themselves from it.

There are the obvious privacy concerns that some people have around uploading an image to the Gravatar service and creating an account with WordPress.com. Even aside from such concerns, regardless of whether they are warranted, new users who are unfamiliar with local avatar plugins are essentially guided to create an account with a third-party service to have one of the most basic features expected from a CMS.

Not all WordPress installs have access to Gravatar, such as within companies that use intranets. Some countries have the power to effectively block access to the service, as shown by the move China made in 2013 to block WordPress.com and Gravatar, leaving users to seek out alternatives.

The itch that many want to scratch is to simply remove Automattic-connected services from the core software. Gravatar’s inclusion in WordPress has hampered any chance of competing services gaining a foothold. To be fair, at the time of Gravatar’s initial inclusion in WordPress, there were few good options. It made sense to leverage a working solution that would get an avatar system rolling. And the notion of a globally-recognized avatar is noble — one service to control your avatar across the web. However, having that service under the control of a for-profit U.S. company will always be an issue that could potentially hold it back from being the service that the web truly needs. It will certainly always be a contentious issue in the WordPress community. Even those of us who love the software and services that Automattic offers can see the problem.

WordPress should be agnostic about what services it includes out of the box. Gravatar should be a separate plugin, even if it is bundled with core a la Akismet. Local avatars are not an insurmountable feature, and it might just be time to make the change.

While possible to build into core, it is not a simple matter of plugging in an image upload form on the user profile screen. The feature carries its own privacy concerns too. For example, uploading images currently requires certain permissions that would also provide the user with access to the entire media library. There is the question of how to deal with registered vs. non-registered users in such a system along with several other hurdles.

Recent chatter in the 10-year-old ticket and the #core-privacy and #core-media Slack channels has reignited the idea of local avatars. There is also an early spreadsheet on local avatar requirements and research.

Much of this discussion is amidst the backdrop of the WP Consent API proposal, which seeks to create a standardized method for core, plugins, and themes to obtain consent from users. Presumably, Gravatar usage would tie into this API somehow.

Matt Mullenweg, the co-founder of WordPress and CEO of Automattic, seems open to the discussion. “It’s exciting to see this older ticket picking up so much steam,” he said on the Trac ticket. However, he further pushed for a separate featured plugin that focused on broader privacy concerns.

In many ways, local avatars feel like the early days of the web in which users had to upload a custom avatar to every single website they joined. At times, it could be tedious. Gravatar solved this issue by creating a single service for people to bring their avatars along their journey across the net. However, we have seemingly come full circle in the last few years. With the passage of the European GDPR and other jurisdictions beginning to follow suit with similar privacy laws, it is easy to see why there is renewed discussion around Gravatar in core.

We should have local avatars because it is the right thing to do. Provide a basic avatar upload system on the user profile screen. Beyond that, let users choose what they want by installing their preferred plugin without guiding them toward one particular service over another.

If nothing else, I’m excited about a wider discussion around local avatars in WordPress and welcome the possibility of such a feature being explored via an officially-sanctioned plugin.

31 responses to “Local Avatars in WordPress? Yes, Please”

  1. One advantage of Gravatar versus local uploads………..One site I manage for someone………requires people to have an account to comment and participate.
    350,000-ish accounts.
    No login via facebook, twitter, google+, linkedin, etc…

    If each avatar of those accounts is 100kb………35GB. Just in 512×512 PNGs/JPGs.
    If you have 50kb…17.5GB.

    I am all for local and avoid third party connects (hi akismet, jetpack, google analytics)….but everything has PROs and CONs. local avatars have the above con.

      • Also you’d have the option to fall back on Gravatar (though performance-wise for a site that large, that’s not a good idea, either).

  2. I think a choice would be great. Now, it’s a lot harder to switch to local avatars than to remove Akismet. Giving users a choice is the fair thing to do here IMHO.

  3. In response to GDPR concerns with Gravatar there is a plugin called »Avatar Privacy« which shows a way how this could be handled:

    https://wordpress.org/plugins/avatar-privacy/

    Summary from the plugin page:
    – Self-uploaded avatars for users (and custom default images), hosted on your server.
    – Users and commenters explicitly opt-in before using gravatars.
    – Gravatar caching to ensure the privacy of your website visitors.
    – Don’t publish weakly encrypted e-mail addresses of comment authors.

  4. Gravatar in Europe is more or less a dead horse due to the GDPR regulations. I claim that most of the European sites disabled the gravatar connection due to this. So a locally hosted avatar service would be the way to go.

  5. @Miroslav Glavic that would be easily customized, by filtering the allowed fields per user role, the same way you choose what every custom post type supports.

    • The loading of an Avatar, profile pic, Gravatar, whatever you want to call it is something basic. When your site has a crap load of users and a requirement is to have an Avatar, PP, Gravatar, etc…it screws up your site especially with 35GB that adds to the size of other files (especially when a site has been around for around 15+ years). Every GB matters. I can’t block the gravatars/avatars. If we were to switch to local…size does matter.

  6. You wrote: “There are the obvious privacy concerns that some people have around uploading an image to the Gravatar service and creating an account with WordPress.com.”

    That’s quite a statement, yet without sources or supporting arguments. Could you elaborate?

    • In addition to what people have already said, it can also lead to unwanted identity disclosure (MD5 can easily be brute-forced today, and the hash could link pseudonymous comments across sites, even when you don’t have a Gravatar account).

    • @pepe: It’s a service designed to show a picture of yourself. Brute forcing it doesn’t make much sense, and if you want to be anonymous, you don’t ever use your real email. Privacy is not an actual valid concern with the service.

      • I know you don’t care much about European notions of privacy, but yes, this is a valid concern as we promise never to disclose email addresses for comments and an MD5 hash does just that. (Comments can exist for a long time, so you might not even remember using a specific address.)

        Furthermore, you do not get a choice, even if you don’t use Gravatar, the MD5 hash is published by the current WordPress Core implementation. Caching or proxying (and using a better hash function for the public-facing site) can mitigate that issue, but Core currently does neither.
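The linkability concern raised in this thread, and the "better hash function" mitigation it mentions, as an added example that is not WordPress core or plugin code. The normalization (trim, lowercase, MD5) is Gravatar's published scheme; `local_avatar_id`, the per-site keys and the sample address are hypothetical and constructed for illustration.

```python
import hashlib
import hmac


def gravatar_hash(email: str) -> str:
    """Unkeyed identifier used in Gravatar-style avatar URLs: MD5 of the
    trimmed, lowercased address. Identical on every site that publishes it."""
    return hashlib.md5(email.strip().lower().encode("utf-8")).hexdigest()


def local_avatar_id(email: str, site_key: bytes) -> str:
    """Hypothetical public identifier for a locally served or proxied avatar:
    HMAC-SHA256 keyed with a secret that never leaves the site."""
    normalized = email.strip().lower().encode("utf-8")
    return hmac.new(site_key, normalized, hashlib.sha256).hexdigest()


def confirms_address(public_hash: str, candidate: str) -> bool:
    """A published unkeyed hash lets anyone holding a candidate address
    confirm it; no secret is needed to recompute the value."""
    return hmac.compare_digest(public_hash, gravatar_hash(candidate))


# Constructed sample data (not real users or real secrets).
COMMENTER = "  Jane.Doe@Example.org "
SITE_A_KEY = b"constructed-secret-for-site-a"
SITE_B_KEY = b"constructed-secret-for-site-b"


def demo() -> dict:
    on_site_a = gravatar_hash(COMMENTER)
    on_site_b = gravatar_hash("jane.doe@example.org")
    return {
        # Same value on both sites: comments can be correlated.
        "md5_linkable_across_sites": on_site_a == on_site_b,
        # A known address can be checked against the public value.
        "md5_address_confirmable": confirms_address(on_site_a, "jane.doe@example.org"),
        # Keyed IDs differ per site, so cross-site correlation fails.
        "keyed_linkable_across_sites":
            local_avatar_id(COMMENTER, SITE_A_KEY) == local_avatar_id(COMMENTER, SITE_B_KEY),
        # Within one site the keyed ID is still stable for the same address.
        "keyed_stable_within_site":
            local_avatar_id(COMMENTER, SITE_A_KEY)
            == local_avatar_id("jane.doe@example.org", SITE_A_KEY),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

A keyed identifier only works when the site serves or proxies the image itself, since a third-party service cannot resolve a value derived from a secret it does not hold.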

  7. I’d love to see this feature merged into Core. While Gravatar is great, setting up a gravatar is not simple for normal users. If this feature is available in WordPress, we can avoid using a plugin for this and make everything easier for users.

  8. 10 years late, but better than never

    the idea was a good one but in real world. users like to have different profile pictures on different sites

    while gravatar might be popular on WPtavern. check how many users who should know how.. uploaded personal gravatars on bbpress or buddy press forums.. what hope there ever was for ordinary users??

  9. I just hope such a feature doesn’t open the gate for hackers to find a way to upload malicious files

  10. This is plugin territory, putting it in core and removing gravatar would be a step backwards.

    Gravatar is an open standard that works for everyone. Most commenters/users are simply not going to bother uploading an avatar that is site specific.

    If you really need local avatars then there are plugins and/or buddypress

    And if you are concerned about privacy, cache the avatars locally

    Local Avatars in WordPress? No, thanks

    • Gravatar is a proprietary API with serious privacy issues that cannot be fixed without abandoning the current API (even mitigation means using local caching, which for practical purposes, is the same as “local avatars”).

      • Yes it is a proprietary solution and that makes me uncomfortable too.

        But local caching is NOT the same as local avatars. Local avatars require a user to upload on every site (which won’t happen). With local caching you are just copying gravatar (or Facebook or whoever) locally. So you actually get frictionless avatar without compromising privacy.

        The ideal solution is a non proprietary gravatar, with a better privacy algorithm. That would require Matt Mullenweg to donate gravatar to wordpress.org though

  11. One of the weirdest features in WordPress: Gravatar. Maybe a revolution back then, but now it’s more a privacy concern. Random visitors don’t use it and even some editors ignore the option. So, yes please!

  12. A bit off topic … We use WordPress as our intranet platform. Very often articles are published that are written and signed by the management. However, these are published by employees.

    Is there a way to display the name of the original author in the front end and at the same time display the person who added the article in the system in the back end?

    • The simplest way is to create a user profile for the real author and assign that user as the post author.

      If that is not possible, I would create a custom field (post meta). In the backend, add the author’s name as the field. Then, on the front end, pull that value and display it instead.

        • There may very well be a plugin that’s suitable for this. I don’t know any offhand, but it wouldn’t hurt to look around. Even if a plugin doesn’t match this exact use case, it might allow you to do something that is acceptable for the project.

  13. Yeah, I’d definitely like to see local avatars added to the WordPress core at some point. Honestly, it’s always surprised me that they weren’t a thing given that pretty much every other piece of software with an account system has them, and it’s definitely something that’s more feature material than plugin material.

    Might also be worth making gravatars into a plugin instead, given how few people seem to actually make use of that feature in any real way.

    So yeah, happy to see it might be included soon enough.
