Full Guideline On Cookie Reference In Magento 2

In this article, we will provide a grid of Magento Standard Cookie as a reference. You can understand all the type of cookies data that the web store based on Magento 2 platform is going to collect. If you want to learn more about the lifetime of session cookies, please read the article about Customer Session Lifetime.

Magento Standard Cookies

CART The affiliation with the customer’s shopping cart.
CATEGORY_INFO Saves the category info on the page to load pages faster.
COMPARE The items in the Compare Products list of customers.
CUSTOMER The visitor’s customer ID encrypted.
CUSTOMER_AUTH Shows if the customer are currently logged in to the store.
CUSTOMER_INFO The visitor’s customer group encrypted.
EXTERNAL_NO_CACHE Shows if caching is disabled or enabled.
FRONTEND The customer’s session ID.
GUEST-VIEW Decides if guests can edit their orders.
LAST_CATEGORY The last category visited by the visitor.
LAST_PRODUCT The most recent product viewed by the visitor.
NEWMESSAGE Shows whether a new message has been received.
NO_CACHE Shows if the cache can be used to store information.
PERSISTENT_SHOPPING_CART A link to information about the visitor’s cart and viewing history.
RECENTLYCOMPARED Items recently compared by the visitor.
STF Information on products the visitor has emailed to friends.
STORE The store view or language chosen by the visitor.
USER_ALLOWED_SAVE_COOKIE Shows if the visitor allows cookies to be saved.
VIEWED_PRODUCT_IDS The products recently viewed by the visitor.
WISHLIST An encrypted list of products added to the visitor’s wishlist.
WISHLIST_CNT The number of items in the visitor’s wishlist.

Google Analytics Cookies

_utma Distinguishes visitors and sessions.
_utmb Decides new sessions/visits.
_utmc Decides if the visitor is in a new session/visit.
_utmz Saves the traffic source or campaign that explains how the visitor reached your site.


Full Guidelines On Cookie Restriction Mode In Magento 2

What is Cookie Restriction Mode in Magento 2?

Cookie Restriction Mode in Magento 2 platform web store is a mode that prevents your web store from collecting cookies data of customers, so full-featured operations cannot be enabled. In this mode, your visitors have to confirm that your website needs cookies to allow full-featured operations.

How to enable Cookie Restriction Mode in Magento 2?

In Cookie Restriction Mode, your web store will display a notification to alert customers that cookies are required for full-featured operations. The position of the notification depends on your theme. For more information, the notification links to the privacy policy and encourages customers to click the Allow button to grant access. After cookies are enabled, the notification disappears.

If you edit privacy policy URL, you have to create a custom URL rewrite to redirect traffic to the new URL key.

Cookie Restriction Notice In Footer
Cookie Restriction Notice In Footer

Follow these steps to enable Cookie Restriction Mode

In the backend, click Stores. Under Settings, click Configuration.

Under General on the left, click Web. Open the Default Cookie Settings tab, follow these steps:

Default Cookie Settings cookie restriction mode magento 2
Default Cookie Settings

In the Cookie Lifetime field, enter the seconds you want.

In the Cookie Path, input the path to make cookies available to folders.

In the Cookie Domain, enter the subdomain name to make the cookies available to a subdomain.

Use HTTP Only is set to “Yes” to prevent JavaScript from access to cookies.

Set Cookie Restriction Mode to “Yes”

Click Save Config after completed.

Don’t forget to clear the cache in Cache Management link and update private policy to describe the information that your online store collects from customers, and how it is used.

Above is a full guideline on Cookie Restriction Mode in Magento 2 and how to enable it in admin system. We hope that you can understand how the Cookie Restriction Mode works and how to control it in Magento 2 Basic Configuration. Leave a comment if you have any question, and subscribe Magestandard to get a notification on the next article.

Try These 2 Methods To Use Cookies Features In Magento 2 Web Store

What are cookies?

Cookies are saved files on the computer of the visitor to your site; it’s a temporary saving place for data. To personalize customer’s experience, information that is saved in cookies is used to link customers to their shopping carts, count traffic patterns, and enhance the effectiveness of the promotions. To follow requirements of legislation in many countries regarding the use of cookies and to obtain customer consent, Magento suggests store owners a selection of these two methods :

Method 1: Implied Consent

In this method, customers have a clear understanding that cookies are an essential part of online store operations, and by visiting your web store, have indirectly granted permission to use them. The reason for taking implied consent is to provide enough information for a customer to make an informed decision. The web store will make a pop-up message at the top of first-page customers visit, explains how cookies are used, include a link to the privacy policy of web store. In the privacy policy page, store owners should tell what kind of information that your online store collects, and how is it used.

Method 2: Expressed Consent

In cookie restriction mode, the operating of your online store requires customers to confirm their approval of any cookies can be saved to their devices. Without access granted, many store features will not allow. For example, if Google Analytics is available in your store, it can be activated only after the customer has granted permission to use cookies.

Above is an article about cookies in Magento 2 and two solutions to obtain customer consent. We hope that you can consider the best method for your web store, provide the best experience for customers and completely protect customers information. If you have any question, feel free to leave a comment. Share the article if you think it is useful, and subscribe Magestandard to read more guidelines. In these next posts, we will describe Cookie Restriction Mode and Cookie Reference.

How to Edit Your Privacy Policy in Magento 2

What is Privacy Policy?

A Privacy Policy in Magento 2 is a document that describes the policy of merchant for handling customer information. In Magento 2 default, your store displays a sample form of privacy policy and it can be updated with your information. In your privacy policy, you should describe the type of information that you must collect from customers, and how it is used. The cookies files of the computers that visit your store, and additional cookies that are associated with third-party extensions should be included in the list too.

In this article, we will describe how to edit your privacy policy in Magento 2. To modify your Privacy Policy, follow these steps:

Firstly, in Admin sidebar, click Content. Under Element tab, click Page.

In the table grid, find Privacy Policy section. In Action column, choose Edit in Select.

Open the Content tab, edit the content following your requirements.

magento 2 privacy policy content

If you need to change URL key of privacy policy page, you have to create a custom URL rewrite to redirect traffic to the new URL key. Without this step, the footer privacy policy link will get error 404, and customers can not reach your privacy policy page.

Click Save page after completed the edit.

Above is a description of the privacy policy in Magento 2, and tutorial on how to edit privacy policy of your Magento 2 web store. We hope that you can create your privacy policy and respect the privacy of customers data to make the e-commerce world safer and better. If you have any question, feel free to leave a comment. If you think this article is useful, don’t forget to share it. And remember to subscribe Magestandard to read more Magento guidelines. In the next post, we will describe the Cookie Law Compliance for Magento 2 web store.


Some Important Compliance You Must Remember In Magento 2 Basic Configuration

  1. Industry Compliance

In Magento Open Source, you have to follow a range of privacy security capabilities that satisfy legal requirements and industry guidelines for online merchants. Depending on your location, some are commanded by the Payment Card Industry (PCI), and other are restricted by law.

  • Legal Requirements
  • Industry Guidelines
  • Best Practices

In this article, we will provide you some information about PCI Compliance, and the importance of setting up techniques to secure payment data.

  1. PCI Compliance Guidelines

A checklist of prerequisites that allows payment by credit card online has been built up by The Payment Card Industry (PCI). Any merchants who can access customer credit card data must meet the following guidelines to maintaining a secure server environment:

PCI Requirements

  • Install and keep up a Firewall configuration to protect cardholder information.
  • For system passwords and other security parameters, don’t use vendor-supplied defaults.
  • Secure saved cardholder information.
  • Transmission of cardholder information across open, public networks must be encrypted.
  • Antivirus software must be install and regularly update .
  • Develop and keep up secure systems and applications.
  • Right to access to cardholder information must be restrict by business need to know.
  • Assign a unique ID to each person with computer access.
  • Physical access to cardholder data must be restricted.
  • All access to network resources and cardholder information must be tracked and monitored.
  • Security systems and processes must be tested regularly.
  • Maintain a policy that addresses information security.

When your business becomes larger, you may need to save an annual compliance report file. PCI reporting prerequisites increment in extent to merchant level. The annual compliance report is required for businesses that process more than 20000 credit card transactions per year.