Website cookies. They’re everywhere. You’d be hard-pressed to find a website that doesn’t set cookies. Although websites typically have to set a Session cookie, I got to thinking whether I could actually run my website without using cookies at all (aside from that Session cookie).
Update January 2019: My assertion above that most websites set at least a session cookie isn’t quite correct. A website doesn’t have to set any cookies at all. However, most do end up setting some sort of session cookie (at least the ones I’ve used and checked). They usually set a session cookie at minimum if there’s functionality such as a shopping cart or a login area.
I’ve tried a few different things in my life just to see what it was like and to see if I could learn something. For example, I was a vegetarian for a few months many years ago. I didn’t decide to try it thinking I’d stick with it. Really, I just thought it’d be interesting to learn about it and to see what it was like. I hoped I’d learn something from it. I did learn something from it; after those few months, the way I shopped for food was different. What I found was, I didn’t actually need anywhere near the amount of meat I was used to buying. (I love meat too, so it surprised me).
I also tried eating only organic food and only buying food whose ingredients I could actually identify. Those few months were a little harder than being a vegetarian for a bit. In part that was because my food shopping took much longer. Unsurprising really, because I had to read the labels of everything I wanted to buy.
These little experiments are really about intentionality and the choices we make every day.
I was preparing for the GDPR, as many other people were. I’ve always held privacy as important. Preparing for the GDPR made me realise that we aren’t always that intentional when it comes to what cookies, say, certain WordPress plugins set. We’re more concerned with how that plugin might help us achieve our business goals.
So, I decided to try and go as cookieless as possible. I actually did this around a week before the GDPR came in, but I’ve only just now got around to writing about it.
I can’t say I won’t ever have anything on my website ever again that sets cookies. But, my hope is that by doing this experiment I’ll at least be more intentional and will think critically about what I actually need to run/monitor/use my website effectively before I go installing something or making any changes.
The first thing I needed to do was to understand where my website sat on the cookie landscape before I made any changes.
I did a quick test with a Chrome Extension I’d found. I was quite surprised to find the number of cookies that were set. Below you can see the results of the quick test I did. I had some other Chrome tabs open at the time, so it registered a few cookies from the other sites but I’ve blocked those out.
Recently, I wrote a blog post about whether social media sharing buttons were needed, so I was aware the plugin I had been using for that was setting cookies. I also knew Google Analytics would set cookies as well.
Going cookieless was pretty straightforward. I uninstalled the plugin I had been using for my social sharing buttons (I was certain they weren’t providing me with enough benefit to warrant keeping them). That social sharing plugin was also being used to display a popup to assist with email subscription list signups. This little experiment made me think about what was necessary and I decided that I didn’t think the popups were providing anything good to the user experience (and the plugin would set a cookie for the popup to remember whether someone had chosen to close it etc.). I removed the Google Analytics tracking code which set cookies too.
Going cookieless was pretty easy. It was just a case of removing things. It’s easier than you think.
This would be the real challenge. I was confident I didn’t really need a plugin for popups and social sharing buttons. But what about website analytics?
Well, that’s partly why I’m doing this. I want to see whether I can tell how my website is doing without relying on something that will track visitors in an invasive way. I plan on making use of a few things:
The idea is that I might not need insanely detailed analytics. After all, my main aim (aside from building great websites for my clients) is to provide articles on subjects I’m interested in that will provide value for my readers.
Yes, if people enjoy my articles then I should see my website traffic increase. I’ve got things like Google Search Console for that though, which doesn’t set cookies or collect personal data through my website.
Here’s a screenshot from the same Chrome Extension showing the lack of cookies my website now sets.
So what now? Well, I just need to continue what I’m doing. My plan is to write part two of this little experiment in a month or so and share my findings with you.
If you have any thoughts about going cookieless I’d love to hear about them in the comments below.
Update January 2019: As I mentioned in an update at the beginning of this article, a website doesn’t actually have to set any cookies at all. In fact, once I’d retested my website it showed it was setting no cookies at all. Not even a session cookie. Pretty cool. The session cookie that was set was likely a cookie to record my login to WordPress (any websites with a login area will set a cookie at least when you’re logged in as web browsers won’t remember who you are otherwise, and you’d instantly be logged out when you go to another page).
You’re starting a business, or you’re starting a personal website, and you need a website. You’re hiring someone to help […]Development | For the Clients | Wordpress
I’ve read a few social media posts recently, and I’ve spoken to a few potential clients, about web developers (or […]Development | For the Clients | Wordpress