SafeFonts

SafeFonts helps you comply with GDPR by hosting fonts locally and avoiding third-party requests, with seamless Gutenberg integration and CSS variables support.

If you need to host custom fonts locally on your WordPress site for performance, privacy, or GDPR compliance, SafeFonts makes it simple with advanced security validation, automatic integration with the WordPress block editor, and CSS variables for custom CSS usage.

Compatible With

Block Editors:
* WordPress Gutenberg Block Editor
* WordPress 6.5+ Font Library
* Full Site Editing (FSE) Themes

Need Page Builder Integration?
SafeFonts Pro adds seamless support for 14 integrations: Elementor, Bricks, Beaver Builder, Divi, Oxygen, Brizy, Builderius, Astra, GeneratePress, Kadence, Blocksy, Kadence Blocks, Spectra, and GenerateBlocks with zero configuration.

Why Choose SafeFonts?

🔒 Security-First Approach
* Magic byte validation for all font files
* MIME type verification
* File hash checking
* Configurable file size limits
* Protection against malicious uploads

⚡ Fast & Lightweight
* Custom database storage for instant queries
* Designed to minimize impact on page load speed
* Optimized font delivery
* Works with any theme or page builder

✅ Gutenberg Integration
* Automatic integration with block editor typography
* WordPress 6.5+ Font Library support
* Works with all blocks that support typography
* No configuration needed

🎨 CSS Variables Support
* Automatic CSS variables generation for all fonts
* Use var(–safefonts-font-slug) in custom CSS
* Works with any theme or builder supporting CSS custom properties
* Dedicated CSS Reference page with comprehensive documentation

🎥 Quick Start Video

Watch this quick tutorial to see how easy it is to upload and use custom fonts in WordPress.

🎯 Simple Upload Process
* Individual font file uploads (.woff2, .woff, .ttf, .otf)
* Specify font family, weight, and style
* Visual font previews in admin
* Drag-and-drop ready interface

⚡ Performance Optimization
* Font preloading support for faster page loads
* Automatic preload tag generation:
* User-selectable fonts for preloading (Settings tab)
* Best practice: Preload 1-2 critical fonts only
* Reduces flash of invisible text (FOIT)
* Improves Core Web Vitals scores

🌍 GDPR Compliant
* Local font hosting
* No external font requests—fonts are served entirely from your WordPress installation
* Complete data privacy
* Suitable for GDPR-compliant sites

Perfect For

• Privacy-conscious websites requiring GDPR compliance
• Sites that need custom or premium fonts
• Agencies managing multiple client sites
• Anyone wanting better control over typography
• Performance-optimized websites

How It Works

1. Upload Fonts: Go to SafeFonts menu and upload your font files
2. Configure Details: Set font family name, weight (100-900), and style (normal/italic)
3. Use Everywhere: Your fonts automatically appear in:
   • Gutenberg block editor typography settings
   • CSS variables for custom CSS (check CSS Reference page)
   • WordPress 6.5+ Font Library
4. That’s It! Fonts are served locally with optimal performance

Getting Google Fonts

Download Google Fonts from these sources:

• SafeFonts Web Font Downloader – convenient bulk download tool
• Google Fonts GitHub – official repository
• Google Webfonts Helper – third-party download tool

Once downloaded, upload the font files (.woff2, .woff, .ttf, .otf) through SafeFonts > Upload tab.

Need more features? SafeFonts Pro offers bulk ZIP imports, page builder integration, and advanced font management. Learn more

Supported Font Formats

• WOFF2 (recommended – best compression)
• WOFF (broad browser support)
• TTF (TrueType fonts)
• OTF (OpenType fonts)

WordPress 6.5+ Font Library

If you’re using WordPress 6.5 or higher, SafeFonts automatically integrates with the native Font Library in the Site Editor, giving you a unified font management experience.

Developer Documentation

Template Functions

SafeFonts provides helper functions for developers:

safefonts() - Get the main plugin instance
safefonts()->font_manager->get_fonts() - Get all fonts from database
safefonts()->font_manager->get_fonts_by_family() - Get fonts grouped by family

Hooks & Filters

Filters:
* upload_mimes – SafeFonts adds font MIME types automatically

Database Structure

Table: wp_chrmrtns_safefonts
* id – Font ID
* font_family – Font family name
* family_slug – Sanitized family slug for folder names (v1.1.0+)
* font_style – normal or italic
* font_weight – 100-900
* file_path – Relative path to font file (includes family folder v1.1.0+)
* file_hash – SHA-256 hash for integrity
* file_size – File size in bytes
* mime_type – Validated MIME type
* created_at – Upload timestamp
* updated_at – Last update timestamp

Architecture

SafeFonts uses modern PHP namespaces and PSR-4 autoloading:
* Chrmrtns\SafeFonts\Core – Main plugin class
* Chrmrtns\SafeFonts\FontManager – Font validation and management
* Chrmrtns\SafeFonts\Admin\AdminInterface – Admin UI

Support

For support, feature requests, or bug reports, please visit:
* GitHub
* Website

Privacy Policy

SafeFonts does not collect, store, or transmit any personal data. All font files are stored locally on your WordPress installation. No data is sent to external services.

Automatic Installation (Recommended)

1. Go to Plugins > Add New in your WordPress admin
2. Search for “SafeFonts”
3. Click Install Now, then Activate
4. Go to SafeFonts in the admin menu to start uploading fonts

Manual Installation

1. Download the plugin zip file
2. Go to Plugins > Add New > Upload Plugin
3. Choose the zip file and click Install Now
4. Click Activate Plugin
5. Go to SafeFonts in the admin menu

First Steps After Installation

1. Upload Your First Font: Go to SafeFonts > Upload tab
2. Fill in Font Details: Enter font family name, select weight and style
3. Upload File: Choose your font file (.woff2 recommended)
4. Use in Gutenberg: Your font now appears in block typography settings
5. Check CSS Reference: Visit SafeFonts > CSS Reference to see your CSS variables and implementation details

1. 

   SafeFonts admin interface - Upload and manage fonts

2. 

   Font upload form with security validation

3. 

   Installed fonts list with previews

4. 

   Settings page for file size and type configuration

5. 

   System information and WordPress 6.5+ compatibility check

6. 

   Fonts automatically available in Gutenberg typography settings

7. 

1.1.9

• NEW: CSS variables output for all fonts – enables manual font selection in custom CSS and builders supporting CSS custom properties
• NEW: CSS Reference page – comprehensive documentation for CSS variables, Gutenberg classes, and implementation details
• FIX: Auto-regeneration now works correctly for both single plugin updates and bulk updates
• FIX: CSS regeneration hook now properly detects updates from all update methods

1.1.8

• NEW: Manual CSS regeneration button in Settings page for refreshing fonts.css when needed
• NEW: Automatic CSS regeneration after plugin updates to prevent font display issues
• IMPROVEMENT: fonts.css automatically regenerates when plugin is updated via WordPress auto-update or manual update

1.1.7

• FIX: WordPress Font Collection registration now uses correct data structure with font_family_settings wrapper, resolving Site Editor JavaScript errors
• FIX: Font families now include proper fallback categories (serif, sans-serif, monospace, cursive, fantasy) in Font Library
• IMPROVEMENT: Enhanced compatibility with FSE themes and Site Editor font management

1.1.6

• MAJOR: Full prefix refactoring – all PHP elements now use chrmrtns_safefonts_ prefix for better namespace isolation
• NEW: Per-weight font preloading – select specific font weights instead of entire families
• NEW: File format display in preload UI – shows WOFF2, WOFF, TTF, OTF for each weight option
• FIX: WordPress Plugin Check 1.7.0 compliance – all variables properly prefixed
• FIX: Database query security – table names now properly escaped using %i placeholder
• FIX: Form field prefix mismatch – preload settings now save correctly
• IMPROVEMENT: Automatic migration from old safefonts_ prefix to new chrmrtns_safefonts_ prefix
• IMPROVEMENT: Collapsible font family sections in preload settings for better organization
• IMPROVEMENT: Enhanced uninstall.php with proper variable prefixing
• Technical: Constants renamed (SAFEFONTS_* → CHRMRTNS_SAFEFONTS_*)
• Technical: Function renamed (safefonts() → chrmrtns_safefonts())
• Technical: Options migrated (safefonts_version → chrmrtns_safefonts_version, etc.)
• Technical: New FontPreloader class extracted from Core for better code organization
• Technical: CSS class names remain safefonts- for backwards compatibility
• Security: All SQL queries now use WordPress 6.2+ $wpdb->prepare() with %i for table identifiers
• Security: WordPress minimum requirement bumped to 6.2 (required for %i placeholder support)

1.1.5

• CRITICAL FIX: Migration now runs automatically on plugin update (no longer requires deactivate/reactivate)
• NEW: Bulk delete functionality – select multiple fonts and delete them at once with “Select All” option
• NEW: Font format display – shows WOFF2, WOFF, TTF, or OTF badge in fonts list for better visibility
• Fix: Font previews now display correctly in admin area (fonts.css properly enqueued)
• Fix: Folder structure migration triggers on version change, not just activation
• Fix: CSS file regeneration after migration ensures fonts display immediately
• Fix: Browser cache issues with admin CSS/JS files using file modification timestamps
• Improvement: Version check system ensures migrations run once per version upgrade
• Improvement: Enhanced fonts list UI with checkboxes for individual selection
• Improvement: Cleaned up font list layout for better readability (removed grid conflicts)
• Technical: Added check_version_and_migrate() method that runs on plugins_loaded hook
• Technical: Added handle_bulk_font_deletion() AJAX handler for bulk operations
• Technical: CSS cache-busting using filemtime() for instant updates

1.1.4

• Fix: Fonts now display correctly in Gutenberg editor iframe preview
• Improved: Added add_editor_style() support for block editor content area
• Enhancement: Fonts now visible when editing posts/pages in Gutenberg

1.1.3

• Fix: Font previews now display correctly in admin area
• Improved: Enqueue fonts.css in admin for proper font preview rendering
• Enhancement: Fonts now visible in SafeFonts > Fonts admin page preview

1.1.2

• Fix: Fonts now display correctly in Gutenberg block editor
• NEW: Generate .has-{slug}-font-family CSS classes for Gutenberg typography controls
• NEW: Intelligent font fallback detection (serif, sans-serif, monospace, cursive)
• Fix: Database migration now properly adds family_slug column for users upgrading from v1.0.x
• Improved: Enhanced error handling for font uploads with detailed error messages
• Improved: Better directory writability checks before file operations
• Technical: Added PHPCS ignore comments for legitimate direct filesystem operations

1.1.1

• Fix: Use wp_upload_dir() instead of hardcoded WP_CONTENT_DIR for better compatibility
• Fix: Ensures proper upload directory detection across all WordPress configurations
• Compatibility: Addresses WordPress.org plugin review guidelines

1.1.0

• NEW: Font family folder organization – fonts now stored in dedicated family folders (e.g., /roboto/, /open-sans/)
• NEW: Added family_slug column to database for faster family-based queries
• NEW: Automatic migration on plugin update – existing fonts moved to family folders seamlessly
• NEW: Automatic cleanup of empty family folders when last font is deleted
• IMPROVED: Admin UI – Font weight badge now uses yellow color instead of red to avoid confusion with delete button
• IMPROVED: File path handling – relative paths now include family folder structure
• Technical: Database schema version bump for migration support

1.0.9

• Fixed: Removed manual load_plugin_textdomain() – WordPress.org handles translations automatically
• Improved: Help & Documentation page now uses CSS tabs for better organization and navigation
• Improved: Cleaner tabbed interface without long scrolling page
• Added: Translation support with POT file (translatable strings ready)
• Added: Full internationalization (i18n) support for translators

1.0.8

• Added: Gutenberg block editor integration – uploaded fonts now appear in font picker dropdown
• Added: register_fonts_with_editor() method to inject fonts into editor settings
• Improved: Fonts automatically available in typography controls for all blocks
• Technical: Uses block_editor_settings_all filter to register custom font families

1.0.7

• Improved: Keyboard accessibility – Upload button now fully accessible via Tab navigation
• Added: ARIA labels for better screen reader support on upload and delete buttons
• Added: Explicit tabindex on upload submit button for consistent keyboard navigation
• Added: Enter key handler for upload button to ensure keyboard submission works
• Improved: Delete buttons now have descriptive ARIA labels including font family name

1.0.6

• Fixed: Critical – File extension detection now uses original filename instead of temporary upload path
• Fixed: Font uploads were failing because temp files (like /tmp/phpXXXXXX) have no extension
• Improved: validate_font_file() now accepts original filename parameter for accurate validation
• Improved: import_single_font() method signature updated to handle original filenames

1.0.5

• Fixed: MIME type validation now accepts all common font MIME type variations
• Fixed: Corrupted or empty allowed_types settings are now automatically repaired
• Improved: Better error messages that specify exact validation failure (extension or MIME type)
• Improved: MIME type arrays now include application/octet-stream for broader compatibility
• Added: Automatic detection and repair of misconfigured settings

1.0.4

• Fixed: Critical – Font upload directory (assets/fonts/) was not being created during refactoring
• Fixed: Incorrect CSS file paths pointing to assets/fonts/css/ instead of assets/css/
• Fixed: Font uploads now work correctly after plugin activation
• Added: Security files (.htaccess, index.php) to fonts directory
• Improved: Directory creation logic in activation hook

1.0.3

• Fixed: Database table name now includes vendor prefix (chrmrtns_safefonts) to prevent conflicts
• Fixed: Database table not being created on plugin activation
• Improved: Better namespace consistency throughout codebase
• Updated: Developer documentation with correct table name

1.0.2

• Fixed: WordPress 6.5+ Font Library validation error when no fonts installed
• Added: Extra safety check before registering empty font collection
• Improved: Better error handling for edge cases

1.0.1

• Added: Top-level admin menu (moved from Settings submenu)
• Added: Link to SafeFonts.com in upgrade notice
• Added: MIME type filter for font uploads
• Fixed: Font upload validation issues
• Improved: Better admin menu organization for future expansion

1.0.0

• Initial release
• Individual font file uploads (woff2, woff, ttf, otf)
• Security-focused validation (magic bytes, MIME types, file hashing)
• Custom database storage for performance
• Automatic Gutenberg integration
• WordPress 6.5+ Font Library support
• Font preview in admin interface
• Configurable file size limits
• Multiple font weight and style support