In this article we're going to discuss how to identify cookies on a WordPress website. This is a necessary skill for compliance reasons, specifically due to the GDPR and CCPA regulations.
As the regulatory environment trends more towards enter privacy, the skill of identifying cookies on your WordPress website will become ever more mandatory.
In 2020, you want to know how to identify cookies on a WordPress website because you typically need to disclose all of them on a privacy policy. This is especially true if you operate or do business within the European Union, as you can get a pretty hefty fine if you don't comply with their GDPR regulation.
Even if you're in the states, following the best cookie practices is a good thing to do -- if you don't you could be opened up to legal liability when it comes to this.
To learn more about what cookies are, and the compliance that you need to follow, we recommend reading the official GDPR page regarding this.
incredibly, throughout the 88 pages that make up this regulation, cookies are only mentioned once. Broken down simply, it states that companies or websites can process user data as long as they receive consent, or if there is a legitimate interest.
Basically, you can use strictly necessary cookies without receiving user consent. However, you need to get user permission to use all other cookies -- This includes Google Analytics and Facebook pixel.
In our opinion, it's just good to disclose all of your cookies upfront, and request user permission to use them.
That's where the skill of identifying cookies on a WordPress website comes in handy. You need to know what your website is actually using before you can disclose them.
There are many expensive services that will try to tell you that identifying cookies on a WordPress website is a very difficult thing to do, and you should just pay them for their service. Luckily, this is anything but the truth, and it's very easy to identify cookies on a WordPress website using your built-in Browser development tools.
This article is going to be using the Chrome DevTools as an example, but keep in mind that any major browser has development tools that you can use to identify cookies.
When it comes to identifying WordPress cookies, first open up the root domain of your WordPress website. We will be using our agency website found at isotropic.co for this example.
Open chrome dev tools by right clicking on the window and selecting inspect. This will toggle the initial development tools interface that comes with the Chrome web browser. Many people consider Chrome DevTools to be the best (so we actually like the dev tools that ship with FireFox development edition more).
Once the window has opened, navigate to the application tab, and then select cookies which is a tab under storage.
Initially, and nothing will show as you need to click the little drop down arrow and select the domain that you would like to view cookies for. If you are serving cookies from a third party domain, you will see a list of multiple domains, not just your websites.
In our example, we have cookies being served from both our URL, as well as Facebook.
To identify the cookies on your WordPress website, click on the domain under the cookies tab in the Chrome DevTools.
Then, a list of all of the cookies that are being used on your WordPress website will pop up. In our example, there are four major cookies that show on our WordPress websites homepage.
You can see that we have a Facebook pixel cookie, Google Analytics cookie, and a Cloudflare cookie. the cloud flare cookie can be classified as strictly necessary, whereas the Facebook and Google cookies operating on our WordPress website are not strictly necessary.
If you're not sure what cookies are actually being listed here, you can simply search up the name in Google, and you will find tons of entries describing what the individual cookie is, and what it does period from that information, you can identify if it is a strictly necessary entry, or if you need to get user consent to use it on your side.
Keep in mind, cookies on WordPress websites can change from page to page. This means that you could have additional cookies on subpages such as a blog page or a contact page. We recommend running through the major pages and posts on your website, to identify all cookies operating in WordPress.
In fact, once the cookie viewer that comes with Chrome DevTools is open for your domain, navigating through your website will automatically update the list of cookies found. For example, when navigating to our blog post we identified two additional cookies, one for the PHP session ID and another for the Google tag manager.
If you click on the cookie in the Chrome DevTools list, you will be able to see its specific value. Additional information is shown on the table, such as the domain, the path, when the cookie expires, the bite size of the cookie, if it is only served over HTTP, the security of it, the same site protocol, and finally, the priority.
As you can see, this is an incredibly quick and easy way to identify cookies on a WordPress website, and you don't need to use any third party services that could be quite costly to do this. After identifying the cookies, you can then Work to comply with GDPR And other privacy regulations by only using strictly necessary cookies and gathering user consent for additional ones.
If you have any questions about how to identify cookies on a WordPress website, feel free to reach out in our comments section.
Need a plugin?