Unknown cookies detected

  • Resolved puregraphx

    (@puregraphx)


    5 years, 5 months ago

    First of all, thank you for making this plugin available to the community, for free!
    I have been replacing other GDPR plugins with yours and have had zero quirks up until now.
    I am creating this rather basic website, no fancy stuff. Only external cookie is the default Cloudflare __cfduid cookie, even Google Fonts are loaded locally, however, still, your plugin detects Google Fonts as 3rd party but stranger than that, it detects cookies I have never even heard of. Even when we disable all plugins and switch back to TwentyTwenty theme and clear browser data, these cookies keep showing up.

    wistia-video-progress-95z0cb0yxb
    wistia-video-progress-j042jylrre
    persist:hs-beacon-44cc73fb-7636-4206-b115-c7b33823551b
    wistia-video-progress-803tlui8oi
    wistia
    wistia-video-progress-frwm2xrksl
    wistia-video-progress-z1qxl7s2zn
    wistia-video-progress-fj42vucf99
    wistia-video-progress-9m1zg8p5wc
    wpr-show-sidebar
    wistia-video-progress-7seqacq2ol
    loglevel
    wpr-hash
    persist:hs-beacon-message-44cc73fb-7636-4206-b115-c7b33823551b
    wistia-video-progress-09kolaz9o0

    We disabled and uninstalled the plugin with the option to delete all settings, then installed again. On the first run only the regular cookies like wp_settings, wp_settings_time, … were found, but on the second scan, the cookies mentioned earlier showed up again.

    The page I need help with: [log in to see the link]

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author Aert

    (@aahulsebos)

    5 years, 5 months ago

    Hi @puregraphx,

    You can do two things;

    1. Clear all cookies, under “Cookie scan” in the wizard, clear caching including local storage and try again.

    2. Run the scan in incognito mode.

    Bonus #3. You can remove the cookies and services manually and publish the cookie policy, the cookie scan and sync with cookiedatabase.org will automatically run and update where necessary. Any unknown cookies which are present will be synched with cookiedatabase.org and our moderators will investigate and describe these cookies. The automatic sync will update your policy automatically.

    Thread Starter puregraphx

    (@puregraphx)

    5 years, 5 months ago

    Dag Aert,

    Clearing the cookies under the Cookie scan alone did not fix it, but the additional local storage clean via Chrome Developer > Application seems to have done the trick.

    1/ Is there a way to only show the Cookies list via the shortcode, without the additional text (introduction, what are cookies, …) We have our own text for that which is longer and more detailed.

    2/ Isn’t it better to not show the itsec-hb-login-* cookie as it informs possible hackers that the WP login URL is hidden. As I think it is an essential cookie, it might be omitted?

    3/ I thought I had tweaked the site as such that there are only functional cookies, yet the cookie banner is displayed. Shouldn’t the plugin know when a banner is not required. Unless there are of course still some non functional cookies
    – elementor
    – __cfduid
    – itsec-hb-login-*
    – wordpress_logged_in_*
    – wfwaf-authcookie-*

    Plugin Author Aert

    (@aahulsebos)

    5 years, 5 months ago

    Hi @puregraphx,

    For 1. We have [cmplz-cookies]
    For 2. You can manually remove the cookie if needed. I think it poses minimal risk, as most attacks are done by bots and don’t read the cookie policy. They probably discover iThemes before they can scan anything else.
    For 3. Please check under Cookies – Integrations, first question. If you’re sure, you can answer no.

    Hope this helps,
    regards Aert

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘Unknown cookies detected’ is closed to new replies.