Why we self-host our fonts
Loading a font from a third-party CDN leaks your visitors' IP addresses. Here's what we do instead.
- #privacy
- #engineering
It’s a small thing that says a lot. Most websites load their fonts from a third-party CDN — usually Google Fonts. It feels free and convenient. But every time a visitor’s browser fetches that font, it hands a third party their IP address, user-agent, and the page they’re on. Multiply that by every page view, forever.
The fix is boring
We bundle our fonts into the site itself. They’re served from the same origin as everything else, so a visitor’s browser never talks to anyone but us.
/* self-hosted via the @fontsource npm packages — no external requests */
@import "@fontsource-variable/space-grotesk";
@import "@fontsource/space-mono/latin-400.css";
That’s the entire trick. The fonts are SIL OFL licensed, so we’re free to redistribute them, and the page paints without a single round-trip to a CDN.
Why it matters
Privacy isn’t one big feature you bolt on. It’s a hundred small defaults, each chosen the boring, honest way. Self-hosting fonts is one of them. Stripping trackers is another. The result is a site that needs no cookie banner — because there are no cookies.
If you want help doing the same for your project, that’s literally one of our services.