Table of Contents
CookieGuard
Author: mirai-online, Revised by Fraenkiman
Description
Tip of the day:
The CookieBanner plugin can be a more discreet alternative, but does not offer the option of blocking unnecessary cookies.
CookieGuard is a FlatPress plugin that gives you full control over cookie consent and management. It adds a user-friendly admin panel for configuring essential, non-essential, and server-side cookies. Automatically detects and cleanly removes unknown or HttpOnly cookies and supports secure, HttpOnly cookie setting via a dedicated endpoint. With fast UI animations and out-of-the-box translations in 14 languages, it streamlines GDPR-compliant cookie handling for your site.
Download
Demo
FAQ:
Q: Why does CookieGuard create 2 cookies at a time?
A: Each time CookieGuard creates a cookie, two cookies with the same value but different properties are set. The reason for this is as follows:
1.) The real cookie (HttpOnly, Secure, SameSite=Lax
)
This cookie is created on the server side with the PHP function setcookie()
- it is provided with the HttpOnly
flag (JavaScript cannot read it), has the actual name (e.g. cookieguard_allowedCookies) and is intended for secure processing by the server. This ensures that nobody can access sensitive cookie data via JavaScript.
2.) The _js
cookie (JavaScript-readable)
A second cookie with the same value, but appended with _js
, is set directly afterwards - also on the server side in cookieguard_setcookie.php
or in the JS fallback (e.g. cookieguard_allowedCookies_js). This cookie is readable for JavaScript. Since HttpOnly cookies are not returned by the browser via document.cookie
, CookieGuard needs this _js
flag to reliably determine in the browser that the main cookie really exists and to check whether the user has already agreed or rejected.
Q: Is it possible to restore the default values for essential cookies?
A: Simply delete all previous entries from the input field and save the settings. The default values are then loaded from the respective language file.
Support
Please ask for help on the FlatPress Forum
Changelog:
2025-05-22 (V1.3.1)
- Endpoint updated: Whitelist of allowed cookie names added
2025-05-18 (V1.3.0)
- Fixed: Incorrect cookie pattern recognition in findUnknownCookies()
- Fixed: When unknown cookies occur, the info is not displayed correctly
- Fixed: Cookie deletion is incomplete
- Fixed: CSS contains syntax errors
- Added: Server-side setting of secure/HttpOnly cookies for HTTPS.
- Added: Comprehensive deletion logic via domains and path segments.
- Added: You can specify directly in the admin-area which cookies are server-essential or non-essential.
- Added: New, unauthorized HttpOnly cookies are recognized
- Added: in addition to EN/DE/ES the languages CS, DA, EL, FR, IT, JA, NL, PT-BR, RU, SL, TR
2022-03-12 (V1.2.0)
- Added: Reference to the privacy policy in the contact form and when commenting
2022-10-23 (V1.1.1)
- The plugin now adjusts the style to the corresponding media size
- Added: Description for Essential Session Cookies and User ID
- Added: The banner now refers to the privacy policy (dataprotection)
- Fixed: cookieguardicon is not displayed although expected
- Fixed: Banner does not stick to the top edge