How to Add a GDPR Cookie Banner to a WordPress Website?

If your WordPress site gets traffic from the EU or UK, a GDPR compliant cookie banner isn’t optional; it’s a legal requirement. And while the compliance part sounds intimidating, setting it up doesn’t have to be.

Using WebToffee’s Cookie Consent plugin, you can add a fully compliant cookie banner to your WordPress site without touching a single line of code. Display accept and reject options, collect explicit user consent, block cookies before consent is given, and stay on the right side of GDPR — all from your WordPress dashboard.

Once the plugin is active, head to the Cookie Consent menu, enable the banner, set your consent law to GDPR, and configure settings like geo-targeting and IAB TCF support. You can also customize the banner’s layout, colors, and content to match your site’s design before publishing it.

This guide walks you through the entire setup, from installing the plugin to fine-tuning the banner appearance — so your site is GDPR cookie compliant by the time you’re done.

A cookie banner is a popup that appears when a user visits your website for the first time, informing them that your site uses cookies and other trackers. It explains what data is being collected, why it’s collected, and gives users clear choices to accept, reject, or customize their cookie preferences.

One important thing many site owners miss: a cookie banner shouldn’t just inform users about cookies — it should also block all cookie scripts from running until the user actually gives consent. Displaying a banner while cookies are already firing in the background doesn’t count as compliance.

Cookie consent banners became standard practice with the rise of global privacy laws. The General Data Protection Regulation (GDPR) introduced by the European Union set strict rules on how websites must handle personal data and obtain user consent. Because GDPR is considered one of the toughest privacy laws globally, websites with visitors from the EU are required to display a compliant cookie banner and secure explicit consent before storing cookies.

A cookie banner is mandatory if your site receives visitors from the EU, UK, or other regions with active privacy laws. Here’s why:

• GDPR and ePrivacy require it: If you target EU/UK users and your site uses profiling cookies or trackers for personalized ads (which most sites do), a compliant cookie banner is non-negotiable.
• Third-party widgets count too: Even if you think your site doesn’t use tracking cookies, social sharing buttons, embedded videos, and comment widgets can silently install cookies.
• US state laws apply as well: If you receive traffic from California, your cookie notice should include a “Do Not Sell My Personal Information” opt-out link under CCPA.
• Fines are real: Millions of euros in GDPR fines have been issued to companies that failed to obtain proper cookie consent. Small sites aren’t immune.

Follow these steps to create a GDPR compliant cookie banner for your WordPress website.

Step 1: Install WebToffee Cookie Consent Plugin for WordPress

WebToffee’s GDPR Cookie Consent plugin is a Google-certified CMP solution for WordPress websites. It helps you comply with EU GDPR and US state laws. With this plugin, you can manage cookie compliance with IAB TCF and Google Consent Mode integrations built right in.

After purchasing the plugin, download the plugin zip file from the My Account section. You’ll also receive an email with the download link.

To install:

1. Open your WordPress dashboard and go to Plugins > Add New Plugin.
2. Click Upload Plugin and select the downloaded zip file.

Click Install Now, then Activate the plugin.

Step 2: Configure the GDPR Cookie Banner Settings

Go to Cookie Consent from your WordPress sidebar menu, then open the Cookie Banner settings page.

Here’s what to configure:

1. Under Consent Law, select GDPR.
2. Check the Enable cookie banner checkbox.
3. Set Geo-targeting to EU Countries & UK — this ensures the banner only appears for visitors from those regions.
4. If your site displays third-party ads, enable IAB TCF 2.2 and configure the related settings. If you don’t run third-party ads, you can skip this.
5. Expand the Show advanced settings dropdown:
   • Enable the Reload page upon user consent checkbox.
   • Optionally, choose pages where the banner should be hidden.
   • Set how long user consent remains valid before it’s requested again.

Once done, move to the next step.

Then, proceed to the next step.

Step 3: Choose a Layout for the Cookie Banner

Go to the Layout tab and choose a Banner style for the cookie notice. You can also choose a style for the Preference Center — this is the panel users see when they want to manage or update their cookie preferences.

Step 4: Customize the Cookie Banner Appearance

Switch to the Content & Colors tab to personalize your banner:

• Edit the title and content text for the cookie banner.
• Set colors for the text, buttons, background, and border.

• Next, expand the Revisit Consent menu and enable the Revisit consent button. This adds a persistent button on your site so users can come back and modify their preferences at any time — a requirement under GDPR.

• Finally, click Update settings to save everything.

Your GDPR cookie banner is now live on your WordPress website.

Setting up a cookie banner is one thing — making sure it’s actually GDPR compliant is another. Use this checklist to verify your implementation covers all the bases.

• Inform users about cookie usage in simple, clear language
• Provide auto-translation based on the visitor’s preferred language
• Categorize cookies based on their purposes (necessary, analytics, marketing, etc.)
• Allow visitors to accept or reject cookies by category
• Display both Accept and Reject buttons on the banner
• Allow users to close the banner without providing consent
• Automatically block third-party cookies until the user grants consent
• Add links to your Privacy Policy and Cookie Policy
• Allow users to withdraw or modify their consent preferences at any time
• Ensure the banner is responsive across all screen sizes

WebToffee’s GDPR Cookie Consent plugin is a complete cookie compliance tool for WordPress websites. It helps you comply with major privacy laws like GDPR and CPRA for using cookies on your site. You can create a cookie consent notice and collect implicit or explicit consent from your visitors.

The plugin scans and identifies third-party cookies on your website and automatically adds them to your cookie list. It blocks those third-party cookies until the user gives consent, and supports granular controls so visitors can partially consent based on cookie categories.

Geo-targeting is built in, so EU users see a GDPR-compliant banner while US visitors see one that aligns with applicable state laws. The plugin is also compatible with popular multilingual plugins and comes with out-of-the-box translations for 10 languages.

Every website owner dealing with visitors from the EU needs to take GDPR compliance seriously. The fines for violations are steep, and regulators have made it clear that consent must be real — not buried in fine print or pre-checked boxes.

If you haven’t set up a compliant cookie banner yet, now’s the time. WebToffee’s GDPR Cookie Consent plugin makes it straightforward — install, configure, and you’re covered. Make sure your site also has a solid privacy policy and cookie policy in place.

You might also be interested in our article on the best GDPR plugins for WordPress. Have questions? Drop them in the comments below.