Skip to content
Home » How to Configure Magento 2 Cookies

How to Configure Magento 2 Cookies

  • by
How to Configure Magento 2 Cookies

In Magento 2, managing cookies is crucial for both improving user experience and complying with legal regulations, such as the GDPR in Europe. Cookies are small pieces of data stored on the user’s device that help track and personalize the browsing experience. Magento 2 allows store owners to configure cookies settings, including the cookie policy notice and customization options. Here’s a step-by-step guide on how to configure cookies in Magento 2.

Step 1: Accessing Cookie Settings in Magento 2

  1. Log in to the Magento Admin Panel: Start by logging into your Magento 2 admin dashboard.
  2. Navigate to Cookie Settings: Go to Stores > Settings > Configuration. In the panel on the left under General, select Web.

Step 2: Configuring Cookie Preferences

Within the Web section, you’ll find the Default Cookie Settings where you can configure your cookies according to your requirements.

  1. Cookie Lifetime: This is the time in seconds before a cookie expires. If you set it to 0, the cookie will expire when the browser is closed. A longer lifetime might be beneficial for analytics or personalization.
  2. Cookie Path: Restricts the paths on the site where the cookie is available. Setting it to a slash (/) makes it available across the entire site.
  3. Cookie Domain: Defines the domain where the cookie is valid. Configuring this correctly is crucial for cookies to work correctly across different subdomains of your site.
  4. Use HTTP Only: When set to Yes, cookies are accessible only through the HTTP protocol, enhancing security by preventing JavaScript access to the cookie.
  5. Cookie Restriction Mode: Enabling this option displays a cookie consent notice to your site’s visitors, which is essential for compliance with certain legal regulations like GDPR. Visitors will see a message regarding cookie use and must accept to continue browsing.

Step 3: Configuring Cookie Restriction Mode

To comply with regulations, you may need to inform users about cookie usage and obtain their consent.

  1. Enable Cookie Restriction Mode: Toggle this option to Yes to activate the cookie consent message.
  2. Customize the Cookie Consent Message: Navigate to Content > Design > Configuration, and choose your store view. Under Other Settings, find the HTML Head section where you can customize the Scripts and Style Sheets field to add a custom message or link to your cookie policy.

Step 4: Implementing a Cookie Popup in Magento 2

For a more interactive approach, such as a popup that requires user action, you might consider implementing a custom solution or using a third-party extension. These solutions can offer more features like customizable designs and analytics integration.

  1. Third-party Extensions: Magento 2 Marketplace offers extensions that can manage cookie consents more dynamically, including popups and detailed consent management.
  2. Custom Implementation: If you need a tailored solution, you might need to develop a custom module or integrate third-party JavaScript solutions for cookie management.

Step 5: Testing and Compliance

After configuring your cookies settings:

  1. Test the Configuration: Ensure that your cookie settings, especially the consent notice, work correctly across all major browsers and devices.
  2. Check for Compliance: Depending on your business location and your customers, ensure that your cookie management strategy complies with local laws and regulations, like GDPR in Europe or CCPA in California.


Configuring cookies in Magento 2 is a straightforward process that plays a vital role in both user experience and legal compliance. By adjusting the default cookie settings, enabling cookie restriction mode, and optionally implementing a more engaging consent mechanism, you can ensure that your Magento store respects user preferences and adheres to regulatory requirements. Always stay updated with the latest legal standards regarding cookie usage to maintain compliance and protect user data.