This WordPress plugin simplifies the implementation and customization process of Cookie Control by Civic UK.
There are several license types available, including:
Community edition – Provides all of the core functionality of Cookie Control, and is of course GDPR compliant. You can use it to test Cookie Control, or if you don’t require any of its pro features.
Pro edition – Includes all of the pro features for use on a single website, priority support and updates during your subscription.
Multisite Pro Edition – Offers all of the pro features for use on up to ten websites, priority support and updates during your subscription.
Pro edition and Multisite Pro Edition support IAB (TCF v2.0).
To find out more about Cookie Control please visit Civic’s Cookie Control home page.
You will need to obtain an API KEY from Civic UK in order to use this plugin.
Cookie Control is simply a mechanism to enable you to comply with UK and EU law on cookies. You need to determine which elements of your website are using cookies (this can be done via a Cookie Audit, and ensure they are connected to Cookie Control.
Plugin Updated to support both version 8 and version 9 api keys. Read more
- Obtain an API Key from Civic UK for the site that you wish to deploy Cookie Control.*
- Upload the entire plugin folder to the /wp-content/plugins/ directory.
- Activate the plugin through the ‘Plugins’ menu in WordPress.
- Configure the plugin by selecting ‘Cookie Control 8’ on your admin menu.
- All done. Good job!
- If you already have an API Key and are wanting to update your domain records with CIVIC, please visit Civic UK
API Key Error
If you are using the free version your API key relates to a specific host domain.
So www.mydomain.org might work, but mydomain.org (without the www) might not.
Be sure that you enter the correct host domain when registering for your API key.
The recommended way of avoiding this problem is to create a 301 redirect so all requests to mydomain.org get forwarded to www.mydomain.org
This may have SEO benefits too as it makes it very clear to search engines which is the canonical (one true) domain.
Be sure that you enter the correct version for your API key
Is installing and configuring the plugin enough for compliance?
Only if the only cookies your site uses are the Google Analytics ones.
It is your responsibility as a webmaster to know what cookies your site sets, what they do and when they expire. If you don’t you may need to consult whoever put your site together.
Support for Cookie Control is available via the forum: https://groups.google.com/forum/#!forum/cookiecontrol or open a support ticket in Support
Update from previous version
Users with plugin versions prior to 1.10 (downloaded directly from civicuk.com website) should backup their data, delete the older plugin version and download the latest version from WordPress repository. Your data will remain intact, however you will have to re assign the third party cookies inside each cookie category and then save your settings. Users with version prior to 1.6 should review all settings and select values for newly created configuration options.
GOVUK consent banner is displayed the first time a service is used and persists on every page of the service until the user selects an option and updates their settings.
Read more about this pattern here https://design-system.dwp.gov.uk/patterns/consent-to-cookies
The shortcode [ccc_gov_uk_block] builds a form with all cookie category configured so that users can change their consent.
Contributors & Developers
“Civic Cookie Control” is open source software. The following people have contributed to this plugin.Contributors
Interested in development?
- Prefix all placeholders text with eg.
- Marked the required fields (under the Cookie category section)
- Added Custom Lisence product type.
- Removed some warning messages.
- Fixed Third party cookies bug.
- Fixed IE11 GOVUK Banner bug.
- PHP 7.4 Notice fixed.
- Added GOVUK Banner Layout based on this pattern https://design-system.dwp.gov.uk/patterns/consent-to-cookies.
- Bug fixes.
- Added support for TCF v2.0 Policies and Technical Specification changes to require disclosrue of storage duration (Planet49 ruling).
- Bug fixes.
- Fixed Same Site Value.
- Fixed Initial State ‘Closed’ value.
- Added support for LGPD legislation, by adding the vendors property to list vendors individually for each category.
- Added new text properties for vendors: showVendors, thirdPartyCookies and readMore
- Added outline property in the Accessibility Object to allow users to use the default browser outline.
- Added closeText and closeBackground options within the Branding Object to allow changing the styling of the “Close” button (if used).
- Added notifyFontColor and notifyBackgroundColor options within the Branding Object to allow changing the styling of notify interface (if used).
- Added fullLegalDescriptions and dropDowns properties in the iabConfig object to make the IAB view more concise.
- Added legalDescription text property for the updated IAB interface.
- Added saveOnlyOnClose property in the iabConfig object.
- Bug fix in cookie control script version.
- Update cookie control script version to latest stable version.
- Bug fix in “On load callback funtion”.
- Removed iabCMP language field.
- Removed wp_kses() from “On accept callback function” and “On Revoke callback function” inside Cookie Category.
- Changed labels text for CCPA.
- Added new ccpaConfig Fields
- Fix statement , ccpaConfig and general improvements for plugin users.
- Added overlay option within Accessibility Object to accentuate the presence of an open notification bar or panel and discourage use of the main site while these elements are open.
- Added setInnerHTML to allow HTML content within text properties.
- Removed from IAB panel the objectPurposeLegitimateInterestObject, VendorLegitimateInterest, On, Off as they are no longer used.
- Added notifyDismissButton option to hide the X close icon on the notify bar.
- Added sameSiteValue property to control the value of the SameSite flag for the CookieControl cookie.
- Added some legal texts required by IAB TCFv2.0
- Fixed Close on global change.
- Fixed same Site Cookie.
- Added Accept All settings button text.
- Plugin Updated to support both version 8 and version 9 api keys.
- Support for IAB TCF v2.0. Support for v1.1 has been dropped since it is to be depreciated by IAB at the end of March 2020; certain IAB related public methods have been removed and the iabCMP text object has been updated accordingly. It is no longer necessary to set optionalCookies when in iab mode since IAB purposes will be the first panel settings.
- Support for California Consumer Privacy Act (CCPA). – Cookie Control can work in either GDPR or CCPA mode based on the user’s location.
- Added new box option for the initialState property.
- Added sameSiteCookie property, to control whether SameSite:Strict is set to the CookieControl cookie. Setting this to false would mean Cookie Control can only work over HTTPS.
- Added acceptBehaviour property to control the behaviour of “Accept” buttons. They now default to accepting all cookies. Please note that this is different from the behaviour of v8 where only recommended cookies were accepted.
- Added locale property so that the selected locale is customisable. It still defaults to the user’s browser language.
- Added closeOnGlobalChange property so that the there is control on whether the window should close or remain open when the user accepts/rejects cookies.
- Added settingsStyle that Determines the appearance of the settings button on the notification bar.
- Added branding sub-properties that control the styling of the reject buttons
- Accessibility improvements and bug fixes.
- All apikeys now work under the following local adresses: localhost, 127.0.0.0/8, 10.0.0.0/8, 192.168.0.0/16, 172.16.0.0/12
- Added Reject Button Text for Notify bar.
- Fixed Third Party Description.
- Added top option for the initialState property, which is similar to notify but will display a bar at the top of the page ( Pro Edition ).
- Plugin updated to use CookieControl 8.3.
- Cookies field quotes fixed
- Fix error messages
- Fix notices
- Added alternative appearance styles for the notify bar’s settings button.
- Added encodeCookie property to better support RFC standards and certain types of server processing.
- Added subDomains property to offer more flexibility on how user consent is recorded.
- IAB support (TCF v1.1)
- Fix trim Api Key
- Fix some css for radio buttons
- Fix visibility tabs for Pro License
- New Restructure core files
- Redesign user interface on settings page
- Auto Check API KEY from Civic Server so you don’t have to choose manually the license type
- Fix General Bugs
- Fix php7.2 warning
- Fix necessary cookies bug
- Fix lawful basis bug
- Added alternative styles for closing the module (closeStyle property) and toggling consent to a cookie category (toggleType property).
- Improved accessibility support (accessibility property).
- Renamed initialConsentState to recommendedState so that it is more intuitive.
- Extended the branding options available.
- Simplified the module\’s Cookie Footprint, and removed the need for localStorage. Everything Cookie Control needs is now stored in a single cookie, named CookieControl.
- Automatically convert invalid cookie names from user settings to valid alternatives.
- Added onLoad callback property to execute custom code when Cookie Control is fully loaded.
- Extended public methods with saveCookie() and geoInfo().
- Fix backward compatibility for logConsent variable
- Fix bug when removing catgories and add new ones
- Fix logConsent bug
- Remove privacy link icon if url is empty
- Remove some console warnings
- Add wp session cookies to necessary cookies by default
- Bar and pop up option for pro version
- More options changing default text strings
- Statement array to add privacy link
- Multiple objects support for third party cookies
- Consent cookie expiry option added
- Third party cookies on acceptance functionality added
- Initial Release