This plugin hasn’t been updated in over 2 years. It may no longer be maintained or supported and may have compatibility issues when used with more recent versions of WordPress.

This plugin has been closed and is no longer available for download.



Cookillian makes it easier to comply with the EC Cookie Directive (EU Cookie Law), which affects the United Kingdom on May 25th 2012 and other European countries.

Cookillian will automatically detect if a visitor is located in one of the countries defined by you – likely the countries affected by the EC Cookie Direcitve – and will optionally disable any cookies that are set from within WordPress or a 3rd party plugin. The user will then be presented with an fully customizable alert about cookies, and given the option to opt in or out of using cookies.

It will also collect basic information about any cookies set from within WordPress or 3rd party plugins, allowing you to add a description and whether the cookie is required for the website to operate. If the cookie is required, Cookillian will allow it to be set regardless if the visitor has opted in or out. Using a shortcode, a full description of the cookies used by the website can be presented to the visitor to assist with compliance and/or privacy notices.

If the visitor allows for cookies (either through opt in or a visitor outside the countries specified), then additional Javascript can be included at the website’s header and/or footer, allowing the inclusion of, for example, Google Analytics. This allows for better control over 3rd party cookies.

With the included statistics, you can see how many visitors have decided to opt in, out or ignore the cookie alert per country, for each month of the year.


  • Selective alerts based on the visitor’s originating country
  • Support for both “Explicit” and “Implied” consent
  • Attempts to remove cookies either before or after a visitor has opted out (selectable)
  • Optional JavaScript loading if cookies are permitted
  • Automatic alerts, or manually displayed using a WordPress filter, API or shortcode
  • Fully customizable alert text and styling
  • Support for Cookie-based PHP Sessions
  • Define cookies that are required for the operation of the website
  • Automatic collection of cookies used by the website
  • Automatic rendering of details about cookies using shortcodes
  • Support for geoPlugin geolocation service
  • Support for CloudFlare geolocation HTTP headers
  • Support for MaxMind geolocation database or Apache module/NginX GeoIP module
  • Backup geoloaction service, should the default geolocation service fail
  • JavaScript and PHP API
  • Statistics to track the impact of the EC Directive
  • Debug mode for web development and testing
  • Supports caching plugins, such as WP Super Cache
  • Support for the DNT/Do Not Track browser headers (
  • Dashboard widget for quick overview of the statistics, and if new cookies have been detected

Visit the official website for more details.


  • The default alert dispalyed to visitors
  • Statistics to track compliance impact


  1. Upload the contents of the ZIP file to the /wp-content/plugins/ directory
  2. Activate the plugin through the Plugins menu in WordPress
  3. Access the plugin via Settings -> Cookies menu

Additional help is provided via the Help tabs within the plugin


  • PHP version 5.3 or better
  • WordPress version 3.3 or better

A browser with Javascript enabled is highly recommended. This plugin will NOT work
with PHP versions older than 5.3.


Help, it’s broken! What do I do now?

If something does not appear to be working as it should, search the support forum or write a new topic that describes the problem(s) you are experiencing. I will do my best to provide a solution as soon as possible.

I have a PHP version older than 5.3, can I make it work?

This plugin makes use of many features introduced in PHP version 5.3, and an attempt to make it work with older versions of PHP is equivalent to a complete rewrtie of the plugin.

Many hosting providers are already providing PHP 5.3+ to their customers, and others allow for an easy upgrade. Also consider that PHP 5.3 was first released in 2009 and fixes many bugs and security issues, and support for PHP 5.2 was stopped in 2010.

How can I upgrade to PHP version 5.3?

This depends. If you have your very own server, then this is Operating System specific and you will need to consult its documentation on how to upgrade. Most commonly in Linux environments this consists of running apt-get, yum or pacman from the CLI.

If you are using a web hosting provider, then you need to contact the provider regarding this. Some can move your website to a different server with a newer version of PHP 5.3, while others make it as simple as adding/changing a line in the .htaccess file or a setting in the control panel. For example:

  • 1&1 Webhosting: Add AddHandler x-mapp-php6 .php to the .htaccess file
  • OVH: Add SetEnv PHP_VER 5_3 or SetEnv PHP_VER 5_TEST to the .htaccess file
  • GoDaddy Linux Shared Hosting: Add AddHandler x-httpd-php5-3 .php to the .htaccess file
  • GoDaddy 4GH Hosting: Visit GoDaddy’s Hosting Control Center -> Content -> Programming Languages
  • HostGator: Add Action application/x-hg-php53 /cgi-sys/php53 and AddHandler application/x-hg-php53 .php to the .htaccess file
  • Bluehost: Add AddHandler application/x-httpd-php53 .php to the .htaccess file (Note: may require a support request/ticket to enable PHP 5.3)
Will this plugin make my website entirely compliant?

The plugin is to assist with compliance, but it may not be a full-stop solution.

For example, this plugin will stop WordPress and any other WordPress plugins you’ve installed from setting a cookie. But, if there’s Javascript used on your website, they may still set cookies that are beyond the control of Cookillian. Google Analytics is probably the most common one, but other things like Share on Facebook or Share on Twitter buttons could set their own cookies.

That’s why there’s the option within the plugin to include JavaScript in the header/footer if the visitor has agreed to receiving cookies – you’d need to remove that JavaScript from your website, and add it to the plugin option instead.

Cookillian will also list which cookies it has detected (including ones set by JavaScript). There are also extensions for browsers that will help you see which cookies have managed to get past Cookillian. Google Chrome users can use the Developer Tools from the Menu bar as well.

If you have any cookie that are required for your website to operate, ie., a cookie that stores products placed in a shopping cart, you can set these in the plugin’s Cookies page as well.

The alert has disappeared after I clicked “No”, how do I get it back?

You can reset your preference by adding ?cookillian_resp=2 to any URL of your website, such as Naturally, you can add this as a link on, for example, the Privacy Policy page to make it easier for visitors.

How do I know if it is working?

On the Settings page, under the heading Advanced Options near the bottom, you have the option to enable Debug Mode. For logged-in users, this will cause the alert to be displayed at all times, which allows you to see where it will be located.

Enabling the Debug Mode also provides you with extra information when using the JavaScript console. The console can be viewed with Firebug, or the browser’s Developer Tools.

The alert is not displaying at all, help!

The alert is not shown if:

  • The visitor is logged in as a WordPress user (with any role), or
  • The visitor is not in one of the defined countries, or
  • The visitor already explicitly opted in/out, or
  • The browser support the “Do Not Track” (see option, and enabled it.

If the alert is still not being displayed, enable the Debug Mode as described above.

How do I change where the alert is displayed?

First you need to set Show Alert to Manually on the Settings page. In its simplest form, you can use a WordPress shortcode [cookillian alert] in a post or page, which will be replaced by the alert if neccesary.

For slightly more complex use, you insert <?php cookillian_insert_alert_block(); ?> in the desired location of your theme.

How do I change the appearance of the alert?

You can use your own CSS styling through by choosing Custom for the Alert Styling on the Settings page. The alert is wrapped in a .cookillian-alert class (also when added manually), providing the background and border colors. The alert heading is in an .alert-heading class and the Yes and No buttons in .btn-ok and .btn-no respectively. If your CSS styling does not appear, you may need to add !important to your styling.

When I click on “Privacy Policy”, nothing happens

On the Settings page, you will need to modify the Alert Text by replacing the hash sign (#) within the <a href="#"> HTML tags to the actual URL of your Privacy Policy (and the “More Information” link).

I’m using a caching plugin and after a while the alert stops showing. Why?

Cookillian uses a security token for its AJAX requests, which are valid for up to 24 hours. If a page is cached beyond this time, the security token (stored on the cached page) will be invalid and Cookillian can no longer perform AJAX requests. For this reason, it is recommended to cache pages for less than 24 hours.

WP Super Cache includes a Garbage Collector, checking cached pages at set intervals for cached pages that have expired. It has a minor issue, where the Garbage Collector will be reset when saving other settings, so you may have to double-check the Garbage Collector is still called at the correct intervals.

How can I translate Cookillian to my own language?

A generated .PO (.POT) file called default.po is included in the plugin’s resources directory, generally wp-content/plugins/cookillian/resources/l10n. It can be translated using tools such as POEdit or manually in a text editor. Simply save the translated .PO and generated .MO file using the locale code (ie., within the same directory, and Cookillian will automatically use it if the WordPress language is set to that locale.

If you wish to share the translations with other users of Cookillian, feel free to e-mail the translation to and I’ll be happy to include it with the next release, along with a credit by-line for your hard work.

Contributors & Developers

“Cookillian” is open source software. The following people have contributed to this plugin.


Translate “Cookillian” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.


1.2 (November 4 2013)

  • Fixed: WordPress ‘wordpress_test_cookie’ as well as ‘wordpress_*’ set to a required cookie in all circumstances, to avoid accidental lock-outs
  • Fixed: TLD not always correctly determined, causing a the cookie opt-in/out cookie not to be set
  • Changed: Removed AJAX NONCE check at the public side

1.1.18 (June 25 2012)

  • Added: Option to periodically scrub cookies, to help capture JavaScript cookies
  • Fixed: Optional JavaScript was not called when cookies were still permitted (“delete after” option)
  • Changed: Additional web-crawler checks
  • Changed: Added AJAX handlers to default alert opt-in and out buttons, where supported
  • Changed: Implemented Noah Sloan’s writeCapture to accept a wider range of legacy Javascript (Google AdSense)

1.1.13 (June 10 2012)

  • Added: Option to limit the amount of new cookies Cookillian will detect (30 by default)
  • Fixed: Issue where wp_print_script action was called more than once, causing Ajax code to override objects (Pf4wp)
  • Fixed: Minor bug in statistics, where the most recent entry could not be collapsed
  • Fixed: Issue where Firefox/Mozilla prefetch “feature” interfered with implied consent detection
  • Fixed: On PHP installations where mb_ functions are not available, fall back to a different method
  • Changed: Detected cookies now include the User Agent details, which is displayed on the Cookies page when Debug Mode is enabled

1.1.7 (June 2 2012)

  • Added: The option for asynchronous AJAX initialization
  • Added: Two new JS API events (cookillian_load and cookillian_ready) and JS API function (insertString())
  • Added: Collapsible months on the Statistics page
  • Fixed: No longer permit statistics to be added beyond the count of shown alerts
  • Fixed: Regression bug that prevented the “More…” from displaying on Dashboard widget
  • Fixed: Implied consent not always honored due to incorrect “true_referrer” variable sent back

1.1 (May 31 2012)

  • Added: Support for “Implied Consent”
  • Added: Support for caching plugins, such as WP Super Cache and W3 Total Cache
  • Added: Option to provide custom styling for the alert from the menu
  • Added: Option to delete cookies before or after the visitor has opted out
  • Added: Option to adjust geolocation cache time, as well as clear it
  • Added: Backup geolocation service, provided by, should the default geoloaction service fail.
  • Added: Export option (CSV) for statistics
  • Added: Dashboard widget, giving quick overview of newly added cookies and top statistics
  • Fixed: Fixed a bug that overwrote existing cookies from the Cookies listing
  • Fixed: Empty country name on “Unknown” country in statistics
  • Fixed: If a generic “EU” or “AP” is retured by the geolocation service, determine if selected countries falls within that region
  • Changed: On JavaScript-enabled browsers, the Delete box has been replaced by a Remove button in the Cookies listing
  • Changed: Made the noscript tag optional, to accomodate caching plugins
  • Changed: Shortcode for listing cookies now accepts multiple groups, as well as exclusion (22 May 2012)

  • Fixed: Fixed bug that caused the plugin from operating on certain systems (apache_note())

1.0.17 (22 May 2012)

  • Added: Support for MaxMind geolocation database or Apache module/NginX GeoIP module
  • Added: Option to display an alert if the visitor’s country could not be determined
  • Added: Option for DNT/Do Not Track browser headers (
  • Fixed: Type-check prevented undetermined countries to remain in cache for 24 hours
  • Fixed: IP geolocation data for geoPlugin was incorrectly unserialized
  • Changed: Alert is now only displayed to logged in users in “Debug Mode”
  • Changed: All EC member states are selected by default on new installations

1.0.10 (16 May 2012)

  • Changed: Updated Pf4wp vendor library, adding debug information in footer
  • Fixed: Issues with Twig vendor library, resulting in Twig_Error_Runtime errors.

1.0.8 (15 May 2012)

  • Added: Debug mode, to allow for easier fault finding and assist with designing a website.
  • Added: URI to remove opt-in or opt-out status (?cookillian_resp=2)
  • Changed: Wrapping of optional JavaScript in <script> tags is now optional (enabled by default)
  • Fixed: Cookies were not automatically detected for visitors outside of the selected countries

1.0.4 (11 May 2012)

  • Changed: Corrected mistake in Readme title

1.0.3 (9 May 2012)

  • Added: PHP/WordPress filters for opt-in, opt-out and blocked/unblocked cookies status
  • Changed: Updated the vendor libraries

1.0.1 (5 May 2012)

  • First Release