Third-party-request vs. GDPR

Besides there still is a first-party-cookie although I have turned off all cooies through the cookie messagebox.

Hi Ismael,

Seems like I took a step forward: They are caused by the webapplication firewall which is included in Plesk (Atomic Secured Linux by Atomicorp – https://atomicorp.com/atomic-secured-linux-now-available-plesk-users/). When I turn this firewall off both Third-Party-Requests as well as one cookie are deactivated.

My hoster told me that it seems that this happens on Plesk with all WordPress installations (but e.g. not with Joomla installations).

I have contacted Atomicorp in order to find out what these Third-Party-Requests as well as the cookie are doing. But I was just told that I will have either pay 225$ for a one-year-support-license or have to pay 150$ per hour as such questions are not covered under my license (which is the Plesk license as the software if delivered with Plesk).

If there is anybody out there with such a license who would be willing to ask this question for me I would really be happy. Turning off a firewall probably is not a good idea. But accepting Third-Party-Requests and Cookies of which you do not know what they are doing might not be a good idea in Europe in times of GDPR either.

But to make a long story short: This is not an Enfold issue. I’d appreciate if you could leave the ticket open for comments anyhow in case there is somebody who could help me with this Atomicorp ticket. But no action necessary from your side.

Thank you!!!!

Best regards…

Hi Ismael,

As these are not “essential cookies” (the site would definitely run without them) I have to give the user the option to turn them off. And this is not done by the cookie banner. Even if you accept “just essential cookies” on the banner this cookie as well as the third-party-requests remain active. And therefore I definitely have to find another solutiuon…

Best regards,

Hi Ismael,

Thanks again for your detailed description! This helped a lot in understanding.

Are these additional custom cookies automatically non-essential cookies? Or can I somehow influence this?
Or can I influence otherwise if they are activated or deactivated on first page load???

My idea is: Using the cookie logic, but hiding the cookie message bar by adding this in the function.php as mentioned in the documentation:
add_theme_support( “avia_gdpr_permanent_hide_message_bar” );

But neither the test with https://webbkoll.dataskydd.net nor the developer tool in my browser does show a different cookie behaviour when following these instructions. And I also have the problem that when I check with https://www.cookiebot.com these cookies are still not classified.

Hope you can help with these settings?

Thank you!

Hi Ismael,

Thanks for your message! But I still didn’t got this:

If they are not classified as non-essential cookies – then they are classified as essential cookies? Can I influence this?

The cookie banner options offer to turn off both “essential cookies” as well as “non-essential cookies”. But none option has influence on these ones. Does that mean they are some sort of “third classification” in between of essential and non-essential? Could be difficult to understand by users if I am right with this. What do you think?

And how can I make sure that they are not set on first page load if they are not essential and not non-essential? Should be a GDPR conform solution as we are located in Germany…

Thank you!

Thanks for explaining! Please close the ticket.