How to run WordPress on a cookieless domain

Slowly but steady GDPR is taking over the world. The protection of data and the regulation of data usage based on the visitor’s preferences are more important than ever. Not only is it necessary in a lot of countries around the world, but it’s also a trust factor for your visitors and potential customers. In this article, I will show you how to run WordPress on a cookieless domain and get rid of your GPDR cookie consent to improve the UX of your website.

Today there are a lot of tools and plugins that use cookies without proper consent. Figuring this out can be hard, and even developers struggle to make the website GPDR-compliant. You will most likely need a cookie consent plugin, you have to make sure you added the correct cookies and legal information about the expiration and data usage. You also have to make sure that you cover that in your data privacy page to properly inform your visitors about that.

There are also tools like GTMETRIX that score your website based on your cookie usage and it’s just a matter of time before Google will also take that into consideration (if it’s not already the case).

Serve static content from a cookieless domain in WordPress

There is a simple way to fix that problem when talking about static content like images, CSS, and JavaScript files. We can set up a subdomain in our hosting panel and configure WordPress to use this domain to server the static content from it.

  1. Login to your hosting panel and set up a subdomain like static.mywebsite.com
  2. The subdomain must point to the /wp-content/ folder
  3. Insert the following code in the wp-config.php of your WordPress installation

This will fix the problem mentioned in the GTMetrix report for you and your static content is now delivered from a cookieless domain.

Cookie Consent – The user experience problem

You don’t have to be a designer to know that cookie consent is a real problem in the user’s experience. Almost every website you visit these days has a cookie consent that you have to read, configure and accept.

While these tools getting better and more user-friendly there is still an interruption of the user flow as they have to interact within before they can consume your content or check out your product.

Wouldn’t it be cool to get rid of these cookie consents and still be GPDR-conform? Well, then there is a simple answer to this: use a static WordPress website.

Static WordPress on a cookieless domain

Going static with your WordPress website has a lot of benefits. Better security, better performance, and overall cost reduction for your hosting, but let’s talk about cookies.

Types of cookies on WordPress websites

  • Analytics (Google Analytics)
  • Video delivery (Youtube/Vimeo)
  • User Logins (Sessions) and WordPress Cookies

These are the three main types of cookies a WordPress website will have. Depending on the usage of embedded videos, you may even need Analytics and User Logins (to access your admin area).

Eliminating cookies to run WordPress on a cookieless domain

Analytics

There are a couple of ways to handle analytics without the need for a tracking cookie. I always highly recommend Fathom. I’m using it for all of my websites, it’s easy to integrate and the dashboard is simple, modern, and efficient.

WordPress on a cookieless domain with Fathom

Another popular choice is Matomo. Matomo is a self-hosted alternative to Google Analytics and can be used without cookies as described here.

WordPress on a cookieless domain with Matomo

Videos

Most video delivery platforms have a no cookie configuration to embed their videos these days. Youtube can be used cookieless by adding using the youtube-nocookie.com domain within the embed code like so:

Vimeo handles that with an additional parameter at the end of each URL: https://vimeo.com/263323103?dnt=1

This is everything you have to remember to embed videos on a cookieless domain.

User Logins and WordPress cookies:

These are kind of hard to eliminate as they are “technically required cookies”. While it’s totally ok to use them on your website, you still need to inform your users about that with cookie consent.

Cookieless domain with Simply CDN

Simply CDN hosts a static version of your dynamic WordPress website. It’s cookieless by default and removes the WordPress cookies from your static website so that you don’t need to use any kind of cookie consent. Our CDN is highly optimized for GPDR-friendly delivery of your static website and doesn’t rely on cookies, IP storage, or anything else that may conflict with the current state of GPDR.

Simply CDN is built from the ground up to be as GPDR-friendly as possible. No cookies, anonymized server logs, and our policy to save as little data as possible for your account will help you to be GPDR-compliant in no time.

Cookie Consent on a static website

There are still websites and use-cases for cookies on your static website. You may have an extensive integration of the Google Tag Manager, or you are using Hubspot to automate your marketing – I get it. That’s why I like to give you a short introduction to handling cookie consent on your static WordPress website.

CookieYES – GPDR Cookie Consent Plugin

While many cookie consent plugins out there are not optimized for static WordPress and still rely on AJAX to handle the consent for you, there is one plugin that is way ahead of its time. The GPDR Cookie Consent Plugin is free, has a modern look, and is really easy to set up. You don’t even have to consider anything special if you like to use it on your static website.

Activate it, configure it and run a new static export – that’s it!

There is also a pro version which is optional but can help if you have a lot of tracking services and cookies, as they automatically recognize them and handle the consent for you, so you don’t even need to touch your tracking codes at all.

If you want to go static and enjoy the benefits of running WordPress on a cookieless domain, start a trial now and get up and running in no time.