Cookie Autoblocking

This article will let you know how our cookie autoblocking feature works and how to set it up

Katarina Hansen avatar
Written by Katarina Hansen
Updated over a week ago

What does cookie autoblocking do?

The cookie autoblocking feature will block cookies by default that are set directly on the root domain and are considered the first party. "First-party" includes cookies that are set by you on your own websites, as well as services such as Facebook and Google Analytics.

The root domain is the main domain that a visitor would type into their address bar in order to visit your site - e.g.

How do I enable cookie autoblocking?

If you have created a consent solution recently, then this feature will be enabled by default. However, if you created your consent solution quite some time ago then you can now enable this feature yourself by doing the following:

  • Go to the consent solution you'd like to enable the autoblocking cookie feature on.

  • Click on the "Settings" tab

  • Click the toggle next to "First-Party cookie blocking"

How do I know the cookie autoblocking is working?

You can see if it has worked by visiting your website, right-clicking and choosing Inspect, and then going to the Application tab. Clear all cookies, and then reload the page.

You will then see the consent pop-up re-appear. Go to the Cookies menu and you'll be able to see that all First-Party cookies have now been blocked.

Before consenting to cookies (only the Necessary category is loaded):

After consenting to cookies (all categories):

Is there anything else I need to do other than turn it on?

For best results (and to make sure that there aren't any conflicts) we recommend removing our manual SDK on any services that set first-party cookies - the Cookie Control SDK that is implemented via Google Tag Manager.

Is there anything I need to be aware of when using it?

Please do not re-classify the CookieInformation cookie that is provided by us (a necessary cookie). In order for the feature to work correctly, it must remain a necessary cookie.

As the cookie autoblocking feature blocks the cookie rather than the script, in some cases certain services may still continue to work (so long as they are not dependent on the cookie set for their functionality).

How do I know which services set a first-party cookie?

You'll be able to tell which services are setting a first-party cookie because they'll have you as the "data processor". If you're unsure, take a look at:

  • The pop-up to see which cookies are provided by you

  • The application menu to see which cookies are directly set on the root domain

Are there any downsides to using the cookie autoblocking feature?

There are two relatively minor downsides to using our cookie autoblocking feature - one of which can be mitigated:

  • If you leave the manual Cookie Control SDK in place entirely and don't remove the SDK on services that set a first-party cookie, then our own cookie knowledge base classifications or your own classification in Google Tag Manager (whichever cookie_cat_xxx category you've chosen) may overwrite the autoblocking classification.

  • The library used for this autoblocking feature may have a very small impact on page loading times (around 15ms). As the library is always loaded (regardless of whether you have turned it on or not), it may affect you - even if you have not chosen to enable this feature.

How does this affect the cookies I have manually added to the pop-up myself?

If you have added a cookie yourself (e.g. if it's only set behind a login, or it didn't appear on the pop-up after our scanner crawled your domain), then it will also be handled by our autoblocking cookie feature provided that the cookie has been added as first-party.

Which cookies will cookie autoblocking not block by default?

Due to some technical limitations, there are some cookies that cannot be caught and are held back by the cookie autoblocking feature. This includes:

  • Any cookies that are set server-side (both First and Third Party)

  • Third-Party cookies created by iFrames (e.g. Google or Facebook)*

*If the cookie is created by Google or Facebook, but is set as First Party on your domain, then Cookie autoblocking should correctly handle them.

Have you still got questions? Take a look at our Cookie Autoblocking FAQ. If you have any doubts about whether it's working, please see our Cookie Autoblocking Check article.

Didn't find the answer you needed? Write to us at

Related articles:

Did this answer your question?