Don’t expose your email address through ActivityPub

Over the last few days I’ve seen a huge surge of posts from people federating their blogs with ActivityPub. Often combining it with the NodeInfo(2) plugin for better exposure. This is great. More followers is more better. Making it easy for your followers to find and follow you is also more better. And if they come from an external system like Mastodon is always fun and interesting.

But, NodeInfo(2) also exposes your admin email address in its meta data which is not good. So, I’ve looked through the plugins code and found it can be filtered out. As a result I’ve created a short snippet to protect your email address. Don’t expose your admin email address when using ActivityPub and NodeInfo(2) on your WordPress or ClassicPress site add this to your functions.php in your theme.

// Remove publicly visible email address from metadata
function ajdg_remove_metadata_email($metadata) {
if(isset($metadata['email'])) unset($metadata['email']);
return $metadata;
add_filter( 'nodeinfo_data_metadata', 'ajdg_remove_metadata_email', 10, 1 );
add_filter( 'nodeinfo2_data_metadata', 'ajdg_remove_metadata_email', 10, 1 );

Simple and short, this basically checks if the Metadata created is an array (list), which it normally is. Then it looks if an email listing is in there. And if so, removes it.

Leave a Reply

Your email address will not be published. Required fields are marked *

Leave the field below empty!