Be fully GDPR and CCPA compliant through Content Security Policy.
Block cookies and unwanted external content by setting Content Security Policy. A modal will be shown on the front end to let the visitor choose what kind of resources to accept. It also adds a layer of security for your site since iframes, scripts and images from unknown domains are blocked.
Multilingual support through WPML, Polylang or probably any multilingual plugin out there since this plugin follows WordPress Coding Standards. See FAQ below on how to translate with WPML or Polylang.
New: Quickstart
New since version 1.57: Quickstart, choose common resources from a list that are automatically added to your Domains list. So, its even easier to set it up! Check, check, check and check! Updated regularly.
Screenshots
First modal, when using default colors.
Second modal, when using default colors.
Banner, when using default colors. Replaces First modal, when the setting “Do not use a modal, I want a banner.” is used.
First modal, example of customized colors.
Second modal, example of customized colors.
Banner, example of customized colors.
Activate, by default when installing, the plugin is deactivated, choose admin to test your settings before going live just to check out if everything works.
Quickstart, choose from a long list of common resources to get started super quick.
Domains, this is where you white list all the domains where you allow content to be served from.
Texts, use the default texts or write your own. This is also fully multi language supported.
Settings, cusomize it how you like it.
Colors, without knowing css or anything, customize the colors to fit your site.
Look in console to see what is blocked. In this case you’d probably like to add https://platform.twitter.com/ to Experience > Script. Or just use Quickstart and choose Twitter.
Installation
Search for Cookies and Content Security Policy under Plugins on your WordPress install or download and:
Upload cookies-and-content-security-policy to the /wp-content/plugins/ directory
Activate the plugin through the Plugins menu in WordPress
Go to Settings > Cookies and Content Security Policy
FAQ
Yes, if you set it up right.
Yes, if you set it up right.
After install, open a console (see screenshot 13) and see what is blocked by Content Security Policy. Then just go to the settings and white list all domains you want to accept.
There are three scenarios where this can happen:
In some cases cookies are cached. It could be your hosting (for example WP Engine does this), then just contact them and ask them to uncache the cookies_and_content_security_policy cookie.
In other cases it could be your cache plugin (for example Litespeed cache does this), then just review your settings. In the case of Litespeed cache, go to Cache/Excludes and exclude cookies_and_content_security_policy.
If youre using static page cache that doesnt go through php, go to Settings > Cookies and Content Security Policy > Settings and check Use meta under Advanced settings.
In English
https://oddoneout.se/en/ Transladed strings in Polylang, works in the same way with WPML
https://draftitprivacy.com/ Transladed strings in Polylang, works in the same way with WPML
In Swedish
https://oddoneout.se/ Transladed strings in Polylang, works in the same way with WPML
https://draftitprivacy.se/ Transladed strings in Polylang, works in the same way with WPML
https://draftit.se/ Multisite, also https://draftitskola.se/
https://expolon.se/ Multisite, also https://expohr.se/
https://studiocanalis.se/
https://yogajona.se/
https://handelskammaren.com/
https://sydsvenskan.minibladet.se/ Multisite https://minibladet.se/ for all sites
In Norwegian
https://draftitprivacy.no/ Transladed strings in Polylang, works in the same way with WPML
Yes.
Yes, all texts are translatable. There are 10+ languages already translated. And if you want to contribute with a translation of your own language, please do! <3 All texts on the front end can be changed directly in the admin. And if you are using WPML, Polylang, or some other multilanguage plugin, there is also support for multilanguage translations.
Make sure you have WPML String Translation installed.
Go to Settings > Cookies and Content Security Policy > Texts and save your texts.
Go to WPML > String Translation.
Search for cacsp_ (without quotes).
Click the plus sign to add translation.
If you have a string named cacsp_option_settings_policy_link, the value is a number. It is the ID of the Cookie policy page. Translate this by entering the ID of the cookie policy page in the language you are translating to.
Go to Settings > Cookies and Content Security Policy > Texts and save your texts.
In the WordPress admin bar, choose Show all languages.
Go to Languages > Strings translations.
In the View all groups dropdown, choose cookies-and-content-security-policy, and click Filter.
Translate your texts in the form.
If you have a string named cacsp_option_settings_policy_link, the value is a number. It is the ID of the Cookie policy page. Translate this by entering the ID of the cookie policy page in the language you are translating to.
Yes, there are settings for using a modal or a banner. Also you can choose if the site should be locked behind the modal or if the site should be usable without setting your preferences. You can also change the colors of everything. And if you want you can disable the css entirely and use your own.
No, but you can make your own, and in the settings you can select it and the modal wont show there so that the user can read it without accepting first.
You can add a link anywhere on your site that links to #cookiesAndContentPolicySettings and clicking that will open the settings.
Yes, but you also get them unminified and the css also comes as SASS so you can change anything.
Yes, just add the querystring ?cacsp_bypass=true to your url, when running speedtest in Gmetrix for instance. It will set a session cookie that accepts all Domains youve set.
Yes! Not all are tested, but all tested works!
These have been tested:
Divi
Beaver Builder
WPBakery Page Builder
This happens if you are using for example Bedrock by Roots.
Go to the plugins folder, and in the folder cookies-and-content-security-policy, rename the file cookies-and-content-security-policy-vars-sample.php to cookies-and-content-security-policy-vars.php. After that, change this line: $wp_load_path = /your/custom/path/to/wp-load.php; so that the path reflects your server path to wp-load.php. The value can also be relative, like ../../../../wp-load.php.
