How to Automatically Block Cookies Using the GDPR Cookie Consent Plugin
The GDPR Cookie Consent plugin allows you to block the scripts of the cookies that are added through the plugin until the users give their explicit consent by clicking on the Accept button. The scripts will not be rendered on the website if users ignore the cookie bar or click on the Reject button denying the consent to the use of the cookies on the website.
But in some cases, the scripts of certain cookies may be added from the theme or through some other plugins of the website. These scripts cannot be blocked by clicking on the Reject button of the cookie notification bar since the scripts are not rendered through the GDPR Cookie Consent plugin. However, our plugin has a functionality to automatically block the cookies from the following third-party scripts:
- Google Analytics
- Facebook Pixel
- Google Tag Manager
- Hotjar Analytics
- Google Publisher Tag
- Youtube Embed
- Vimeo Embed
- Google Maps
- AddThis Widget
- ShareThis widget
- Twitter Widget
- SoundCloud Embed
- SlideShare Embed
- LinkedIn Widget
- Instagram Embed
- Pinterest Widget
- Google Adsense
- Hubspot Analytics
- Matomo Analytics
- Google Recaptcha
To automatically block the scripts of the cookies installed by these services using the GDPR Cookie Consent plugin, go to GDPR Cookie Consent > Script Blocker > Scripts tab. This will take you to the Manage Script Blocking page as shown in the screenshot below.
For e.g, let’s say your website uses Hotjar Analytics to track how the user uses your website. To ensure that the Hotjar cookies are not installed unless the users have given explicit consent, make sure that the toggle button corresponding to Hotjar is enabled.
Alternatively, you can also choose to add the scripts(in the head/body section) via the Cookie List, especially scripts corresponding to services not listed under the Script Blocker.
By default, all the scripts in the script blocker are in an enabled state. When the script blocker is turned on, the cookie scripts will be automatically blocked. But for the users to have control over whether or not to render the scripts on the website, the scripts are assigned a category.
To autoblock scripts of plugins, move on to the Script Blocker >Plugins section. It will allow you to manage automatic script blocking for your website. The following three plugins are currently supported for auto-blocking.
- Official Facebook Pixel
- Smash Balloon Instagram Feed
- Smash Balloon Twitter Feed
Plugins marked inactive are either not installed or activated on your website. Enabled plugins will be blocked by default on the front-end of your website prior to obtaining user consent and rendered respectively based on consent.
If you wish to disable automatic script blocking for any of these plugins, you can do so by simply toggling the button against the respective plugin.
You may assign any of the predefined categories or create new categories from GDPR Cookie Consent > Cookie Categories. One can also change the script’s default cookie category if required.
If the script blocker is in an enabled state, the scripts of the cookies installed by the above-mentioned cookies are blocked automatically on the website until the users give their consent. If the user rejects, all the scripts are blocked by the plugin.
Refer How to check if a cookie script is blocked to know more on it.
The GDPR Cookie Consent plugin allows you to give the users granular control over the categories of the cookies that they want to accept or reject. When using the Script blocker functionality, the user still gets to choose whether or not they want to the website to install these cookies into the website. The below screenshot shows how the users can enable or disable the cookies from the front end.
To do this, categories have to be assigned to each of these scripts of the cookies in the Automatic script blocker. You may also change the assigned categories in the script blocker page.
The important thing to remember is that there should be a cookie assigned to the category as well for the category to appear in the Settings popup. Also, if there is no cookie assigned to the category in the script blocker, the scripts will not be rendered at all when clicked on the Accept button. For example, if you assign the category Analytics to the scripts of Google Analytics, you must have a corresponding cookie with the same category in the Cookie List. If there is no cookie created in such a manner, the said category will not appear in the front-end popup.
If the toggle button for any of the scripts is disabled, the scripts for these cookies will not be blocked and the users will not have the option to enable or disable the categories of assigned to the automatic script blocker.
However, if the scripts related to these cookies have been added to the GDPR Cookie Consent within the head scripts or body scripts area, and the scripts are not added anywhere else on the website, you don’t necessarily have to enable the corresponding scripts in the Manage Script blocking page. The scripts added through the plugin will only be added only when the user gives their consent.
In cases when the geo IP feature is enabled, that is the cookie bar is only visible for the visitors from the European Union, the scripts are loaded all the time for the visitors other than that of the EU, even if the automatic script blocker is enabled.
For the scripts of the cookies that are not added through the plugin and not automatically blocked by the plugin currently, we recommend that they only are added to the plugin in order to be rendered only when the user gives their consent. For example, if the scripts for the AdSense cookies are added through the theme of the website, it will not be blocked by the plugin when the users do not consent to it. Since at the moment, the scripts for AdSense are not automatically blocked by the plugin yet, the scripts should be added through the plugin to make the website comply with the GDPR Cookie Law.