Description
Nivaj Cookie Consent provides a complete cookie consent management solution for WordPress. It helps you comply with GDPR, CCPA, and other privacy regulations by giving visitors full control over cookie categories.
Features
- Category-based consent: Necessary, Analytics, Marketing, and Functional categories (customizable)
- Auto script blocking: Blocks scripts and iframes until the user consents to the appropriate category
- Google Tag Manager: Built-in GTM container injection with consent integration
- Google Consent Mode v2: Sends consent signals (ad_storage, analytics_storage, etc.) via dataLayer
- DataLayer events: Custom events fired on consent changes for tag management
- Consent logging: GDPR-compliant records with SHA-256 hashed IP and user agent
- CSV export: Export consent log records for compliance audits
- Cookie scanner: Detects cookies on your site and auto-categorizes 50+ known cookies
- Analytics dashboard: Consent statistics with daily charts and category acceptance rates
- Customizable banner: Position, colors, typography, button styles, and layout options
- Shortcode:
[nivaj_cookie_preferences]to place a cookie preferences button anywhere - Privacy policy snippet: Auto-generates a cookie table for your privacy policy page
- Lightweight: Vanilla JavaScript with no jQuery dependency on the frontend
- Accessible: ARIA attributes, keyboard navigation, and focus management
- Multisite support: Independent settings and consent log per site
How It Works
- Install and activate the plugin.
- Go to Cookie Consent > Settings to configure banner text, categories, and integrations.
- Customize the banner appearance under Cookie Consent > Appearance.
- Define script blocking patterns under Cookie Consent > Scripts.
- Run the Cookie Scanner to detect cookies on your site.
- Monitor consent activity on the Cookie Consent > Dashboard.
Shortcode
Use [nivaj_cookie_preferences] to add a “Cookie Preferences” button anywhere on your site.
Attributes:
text– Button label (default: “Cookie Preferences”)class– Additional CSS class
Example: [nivaj_cookie_preferences text="Manage Cookies" class="my-btn"]
Privacy
This plugin stores consent preferences in a browser cookie on the visitor’s device. When consent logging is active, IP addresses and user agents are stored as one-way SHA-256 hashes combined with the WordPress salt, making them non-reversible. No personal data is shared with external services by this plugin itself. See the “External services” section below for details on optional Google integrations.
External services
This plugin optionally connects to external services when the site administrator explicitly enables them. No external connections are made by default.
Google Tag Manager
When the administrator enables Google Tag Manager under Cookie Consent > Settings and provides a GTM container ID, this plugin loads the Google Tag Manager script from Google’s servers.
What it does: Loads a tag management container that can manage analytics, marketing, and other scripts on the site.
When it connects: On every frontend page load, only when GTM is enabled and a valid container ID (GTM-XXXXXXX) is configured.
Data sent: The GTM container ID is sent to Google’s servers to retrieve the container script. No personal visitor data is sent by this plugin directly; however, the loaded GTM container may collect data based on its own configuration.
Google Consent Mode v2
When the administrator enables Google Consent Mode under Cookie Consent > Settings, this plugin sends consent signals to Google services via the browser’s dataLayer.
What it does: Communicates the visitor’s consent status (granted or denied) for ad storage, analytics storage, and personalization to Google services already running on the site.
When it connects: Consent default signals are set on page load. Consent update signals are sent when a visitor interacts with the cookie banner. This does not load any additional external scripts.
Data sent: Consent status values (granted/denied) for: ad_storage, ad_user_data, ad_personalization, analytics_storage, functionality_storage, personalization_storage, security_storage.
Cookie Scanner (local only)
The Cookie Scanner feature makes an HTTP request to your own site’s homepage to detect cookies and scripts. It does not connect to any external service.
Screenshots
Installation
- Upload the
nivaj-cookie-consentfolder to the/wp-content/plugins/directory. - Activate the plugin through the Plugins menu in WordPress.
- Navigate to Cookie Consent > Settings to configure the plugin.
FAQ
-
Does this plugin block scripts automatically?
-
Yes. Define URL patterns under Cookie Consent > Scripts, and the plugin will block matching
<script>and<iframe>tags until the visitor consents to the relevant category. -
Yes. You can customize the position (top bar, bottom bar, or center modal), layout, colors, font size, border radius, button styles, and add custom CSS.
-
Does it work with Google Tag Manager?
-
Yes. Enable GTM under Cookie Consent > Settings > Advanced and enter your container ID. The plugin also supports Google Consent Mode v2 for sending consent signals to Google services.
-
Is it GDPR compliant?
-
The plugin helps you achieve GDPR compliance by blocking non-essential cookies until consent is given, providing granular category-based choices, and logging consent for accountability. Full compliance depends on your overall site configuration and legal requirements.
-
Does it support multisite?
-
Yes. Each site in a multisite network has its own settings and consent log. The uninstall process cleans up data across all sites.
-
Where is consent data stored?
-
Consent preferences are stored in a browser cookie. Consent log records are stored in a custom database table with hashed (non-reversible) IP addresses and user agents.
-
Yes. Use the
[nivaj_cookie_preferences]shortcode or callwindow.nivajCC.reopenBanner()from JavaScript.
Reviews
There are no reviews for this plugin.
Contributors & Developers
“Nivaj Cookie Consent” is open source software. The following people have contributed to this plugin.
Contributors
Translate “Nivaj Cookie Consent” into your language.
Interested in development?
Browse the code, check out the SVN repository, or subscribe to the development log by RSS.
Changelog
1.0.2
- Remove custom CSS feature (arbitrary CSS insertion not permitted per wp.org guidelines).
- Sanitize and validate cookie JSON data with structure checking in get_consent_from_cookie().
- Sanitize $_SERVER[‘HTTP_USER_AGENT’] with sanitize_text_field() before hashing.
- Sanitize individual consent cookie fields (version, timestamp, categories) instead of returning raw decoded JSON.
1.0.1
- Use wp_add_inline_script() for GCM and GTM scripts instead of inline script tags.
- Add explicit output buffer closing for script blocker.
- Add External services section to readme for Google GTM and GCM documentation.
- Remove inline JavaScript event handlers for WordPress coding standards compliance.
- Fix shortcode parameter type handling to prevent fatal errors.
- Remove Domain Path header (unnecessary since WordPress 4.6).
1.0.0
- Initial release.
- Category-based cookie consent with customizable banner.
- Auto script and iframe blocking.
- Google Tag Manager integration.
- Google Consent Mode v2 support.
- DataLayer custom events for consent tracking.
- Consent logging with hashed PII and CSV export.
- Cookie scanner with 50+ known cookie database.
- Analytics dashboard with daily charts and category rates.
- Advanced appearance customization.
[nivaj_cookie_preferences]shortcode.- Consent version warning in admin.
- REST API endpoints for consent management.
- Multisite support.