Hi @delbono72,
Thanks for reaching out – this is actually a good question, and you were already on the correct route to the right answer!
I’d like to start with your latest sentence:
Do the plugin just replace img urls with wpcdn.mysite.com without giving access to anybody?
That is what our CDN does. You can pick an image form a third-party site that doesn’t use Jetpack (for example, Google) and serve it with our CDN:
– Google Doodle image: https://www.google.com/doodles
– Same image served by our CDN: https://i0.wp.com/www.google.com/logos/doodles/2021/ruth-de-souzas-100th-birthday-6753651837108929-2x.png
Therefore, to clarify this bit:
I’d like to know if using the CDN functionality WITHOUT wordpress.com account, lets wordpress.com site gain access to my site some way other then connecting using a wordpress.com account.
We use the same connection, with or without a WordPress.com user in place. The difference from having a WordPress.com user connected lies in the option of performing actions on behalf of the user, such as publishing posts in social networks via Publicize.
Our CDN doesn’t need this functionality and permissions to work, so it’s one of the Jetpack modules that can safely work without a WordPress.com user connected.
Last, but not least:
Would and admin credential of mine be saved on wordpress.com servers if I just connect the SITE without creating the account?
Not at all. No credentials are ever stored in WordPress.com servers, not even when a user is authenticated. When in a site-level connection, WordPress.com and the remote site share a secret token they use to communicate securely.
Hope that answers your questions!
