‘Cookies’ are small bits of data that enable user-specific features, but they have also become a source of privacy concerns and security risks. This is why the so-called ‘Cookie Law’ was put in place. In a nutshell, this requires user consent to be collected before using them. To meet this requirement, you’ll need a way to both block cookies and collect consent.
One of the easiest ways to do this on your WordPress website is (of course) by using plugins. There are a number of plugins available to help you stay on the right side of the Cookie Law in WordPress.
In this article, we will firstly discuss the Cookie Law in more detail, then we’ll look at whether or not WordPress sites use cookies. Finally, we’ll round up some solutions and discuss how you can set up a cookie consent notification on your website. Let’s get to it!
An Introduction to the Cookie Law
The Cookie Law is a regulation put in place to protect people’s privacy while surfing the internet. It requires websites to get informed consent from EU-based visitors before collecting any information about them via cookies. The first step of complying with the law is showing a cookie banner (also called ‘cookie notice’) on the user’s first visit to your site:
This cookie banner must also link to a cookie policy, which contains details related to the particular cookies in use on your site such as data retention time, the purposes of the cookie, the name of the third party running the cookie etc.
The next step is actually blocking the cookies prior to receiving the user’s consent, then releasing the cookies once consent has been collected. Now as you can imagine, this step is the most difficult on a technical level. Before we jump into the solutions, let’s take a look at what cookies are and whether or not you actually use them when running a WordPress site.
Cookies themselves are plain text files created and saved on a user’s computer when they visit a website. They store user-specific data, such as login credentials and temporary session information. For a real-world example, think about returning to an e-commerce site where your shopping cart still contains the items you previously added. This is because they were saved using cookies.
Overall, cookies generally make the User Experience (UX) faster and more personalized, but they can also be used in more invasive ways, such as when creating ‘behavioral profiles,’ or showing retargeting ads. Often things like this involve cookie data being shared across multiple websites or ad vendors.
WordPress itself generates two different kinds of cookies by default: for a session and for comments. The former is set when a user logs into a WordPress website and stores their authentication details. The latter contains a user’s name, email address, and URL fields to automatically fill in those sections when they leave a comment on your website.
Now consider that many plugins, widgets, add-ons such as social buttons, and external services such as analytics use cookies too, and it becomes clear the Cookie Law requirements most likely apply to you.
3 Plugins for Setting Up a Cookie Banner and Managing Cookies on Your WordPress Website
In order to comply with the Cookie Law on your website, you will need to display a cookie banner, link to a cookie privacy with all of the relevant cookie details, and block cookies until you’ve collected user consent.
Below are three of the top plugins listed in the WordPress plugin directory that you can use to make the process easier.
1. Illmenite Cookie Consent
First up, Illmenite Cookie Consent is a lightweight option for setting up a cookie banner on your website. It uses a notification bar design at the top of the web page, and only has a single setting for inputing a link to your cookie policy.
However, because this plugin simply provides a link and notification to opt-out of cookies, any implementation means it doesn’t comply with the Cookie Law (unless you’re running only exempt cookies, which likely not the case). It’s the responsibility of the site owner or data controller to block cookies until they receive user consent, which could be problematic with a bare bones solution such as this one.
What’s more, this particular plugin hasn’t been tested with more recent versions of WordPress. This could also cause an issue with security if your setup is not thoroughly vetted.
Overall, if you’re looking for a minimalistic solution and have in-house means of handling other aspects of Cookie Law compliance, this plugin could be ideal. Otherwise, read on if you’re looking for either greater customization, or a more comprehensive solution.
2. GDPR Cookie Consent Banner
Next up, GDPR Cookie Consent Banner automatically places a cookie consent box on your website. All you have to do is install and activate the plugin, which makes it pretty simple to use.
There are also a number of customization options you can employ. Like most of the other plugins included in this list, it includes the option to show your cookie notice on the first visited page only and includes the ability to set a delay time for the banner.
However, much like our previous entry, this plugin also does not block cookies directly it simply shows a banner and link. What’s more, the plugin doesn’t generate a cookie policy for you. While this plugin does have a high rating and a fair few downloads, you risk violating the law if you run anything other than exempt cookies.
3. iubenda Cookie Solution for GDPR
Finally, the iubenda Cookie Solution is the only plugin on this list which implements a fully customizable notification banner, generates a cookie policy, offers cookie blocking, and provides cookie management features including consent analytics. This makes it one of the easiest ways to make your site fully Cookie Law (and GDPR!) compliant.
In addition, this plugin includes some convenient functionality to make your life a little easier. For instance, it will automatically insert the iubenda code in the header of every page on your site, and display a clean page to users who have already provided their consent.
For meeting ePrivacy requirements and GDPR compliance, we’ve found that the iubenda Cookie Solution is the most effective all-in-one tool.
How to Block Cookies on a WordPress Website
As you may have gathered, hosting a cookie consent form on your website can help to build trust and loyalty with your visitors, while making you legally compliant as well.
Let’s go over how to set one up using iubenda Cookie Solution, as this plugin is simple to use and also offers plenty of customization options. Installing and activating the plugin happens in the usual way. After that, you can click on iubenda on the left-hand side of your WordPress admin area.
You’ll be brought to an options screen:
Below this is a large field asking for your iubenda code to activate the plugin:
To get your code, you’ll need to create an account on the iubenda website and activate the Cookie Solution. The Basic plan is free, and is a great way to get started.
Once you’ve input your code, you can move on to the additional settings. Now out of the box, the plugin automatically blocks some of the most popular scripts. However, should you need to add custom scripts not already blocked, you can use the Scripts interface.
Don’t worry if you don’t immediately understand everything, iubenda has a pretty extensive guides available for all their plugins. Once you save your changes, navigate to the front end of your site, check out how the notice looks, and tweak the result until you’re happy. For additional and extensive customization options, go to the Cookie Solution interface in your iubenda account dashboard.
Finally, the last step is adding your cookie policy to your banner. Iubenda’s plugin does give you the option to add your own custom made policy, but preparing a cookie policy on your own (or using a template) can be tricky as the cookie policy must be legally complaint.
If you’d prefer to leave it to the experts (a wise decision), iubenda dynamically creates a cookie policy for your banner at the click of a button for all Pro Plan users.
Conclusion
Having an effective way to block cookies and collect consent is an essential part of running a WordPress website. The good news is there are many solutions to choose from to help you do so.
This post has looked at three plugins for blocking cookies and collecting consent on your website. Let’s quickly recap them:
- Illmenite Cookie Consent. A lightweight solution for adding a consent banner, but one that doesn’t help you comply with the Cookie Law.
- GDPR Cookie Consent Banner. A customizable plugin with a simple setup, although it doesn’t block cookies directly
- iubenda Cookie Solution for GDPR. An all-in-one solution that helps you maintain GDPR compliance through a notification banner, privacy policy text, blocking and management features, and our top pick.
Do you have any questions about how to block cookies in WordPress? Ask away in the comments section below!
Image credit: LUM3N.
No Comments