The WordPress comment form and Cookies. Privacy. Data Protection.
These are topics that are at the forefront of people’s minds at the moment (and have been for some time over the last year). It’s for good reason too. We as internet users really should be mindful of what personal data we put out there and what data websites collect (whether to just provide us with a service or to analyse traffic data). Although the number of emails and notices have increased on this topic, the underlying reason is good.
So what’s this post about I hear you ask?
I’ve been on a mission to remove anything from my website recently that sets cookies (except, of course, for the session cookies that get set by the server to provide you with the website content or cookies that are set for security purposes). I’m going to write a separate post about Mission: Cookie a little later to share what I did and what I’ve learnt from it.
More specifically, this post is about the (previous) WordPress comment form and that it used to set cookies (until the 4.9.6 update that focused on cookies and privacy).
One particular area of my website that I wanted to resolve was the WordPress comment form. Before the WordPress 4.9.6 update, the comment form would set a cookie when a visitor commented. That cookie was there to just remember who the person was, so if and when they came back to my site the process of commenting would be a little easier for that visitor.
I couldn’t find an easy way of stopping that WordPress comment form cookie from being set automatically. I didn’t want to install another plugin to accomplish that task.
It might not be a huge issue. That WordPress comment form cookie, after all, was there to make something easier for visitors). But, I was on Mission: Cookie, and wanted to remove anything that set cookies. More on Mission: Cookie overall later.
I like the idea of internet users having great controls over how their data and browsing habits are used.
WordPress comment form cookies are now something that requires explicit consent from a commenting visitor. When I say it’s “resolved”, it wasn’t really a problem to begin with (just something I wanted to stop without the use of another plugin).
Recently, WordPress updated to version 4.9.6. They called it a Privacy and Maintenance release. You can read their post about that update here.
There are other things that this update will have… updated. The change to the comment form was what interested me. There’s now a checkbox on the WordPress comment form. The checkbox isn’t automatically checked.
You now have to make an active choice to check the box to enable that cookie. This is the sort of change I wholeheartedly recommend. Explicit consent to set cookies or store data (other than essential cookies) isn’t just a regulatory requirement to me. To me, it just makes sense that people know what’s happening with their data.
If you haven’t updated your WordPress install, I definitely recommend doing so now. I think this particular update (and of course the additions to security etc. with any update) shows us the reason we should always make sure our WordPress is up to date on a regular basis.
I’ll write more about the why’s and what’s of my mission to remove cookies from my site in another blog post. Essentially, I wanted to be more mindful of exactly what I was using. Should I feel the need to introduce something that sets a cookie at a later date, I’ll do so consciously with privacy and transparency in mind from stage 1.
Let me know any thoughts of your own RE privacy, data protection and cookies in the comments.
A while ago I wrote an article about whether I could run my website using no cookies. This is part […]Development | Wordpress
How to backup WordPress using UpdraftPlus. That’s the aim of this little article. It’s in the name. UpdraftPlus is one […]Development | For the Clients | For the Freelancers | Wordpress
Website cookies. They’re everywhere. You’d be hard-pressed to find a website that doesn’t set cookies. Although websites typically have to […]Development | Wordpress