How to Configure Magento 2 Cookies?

Cookies can hardly be treated as a new concept. Most web users know that cookies generate small-sized files to store user-related information. We can all agree that cookie messages can be irritating. But it is a necessary measure to obtain customers' consent for collecting their personal data, which is as important as terms and conditions.

So, if you were wondering whether Magento 2 has some cookie settings that can be configured, then the answer is Yes. You can easily configure cookie settings in Magento right from the admin panel and adjust them to your store's requirements. 

In this article, you'll refresh your memory of the subject and learn how to configure Magento 2 cookies, and how to edit cookies policy and message.

What are Cookies?

Cookies can be referred to as small files of information that are generated by the web and saved on your computer. They store users' online session data, such as their navigation or the number of visits to a particular page. Cookies are mostly used to create a personalized experience for customers and generate suggestions based on their previous steps.

These can prove to be useful for store owners as well. They can track clients' journeys through the website and use that information to tweak their strategy. 

If you have heard of the GDPR at least once, you have a notion that cookie notifications are required in the European Union. So, due to privacy concerns, you might want to know how these notifications can be enabled in Magento 2.

How to Configure Magento 2 Cookies?

To configure cookies in Magento 2:

1. Go to Stores > Settings > Configuration > General > Web > Default Cookie Settings.

2. Specify the Cookie Lifetime, which defines how long the cookies will be stored on the customer's computer. The default value is 3600 seconds, but if you want the cookies to expire right after the customer leaves the browser, enter 0 in this field.

3. Enter the Cookie Path to specify where the notification has to be displayed. If you want it to be shown on all the pages, use a slash (/) in this field.

Default cookie settings in Magento 2

4. Add the subdomain in the Cookie Domain field. If you would like to enable the cookies for all the subdomains you are using, enter here the corresponding domain preceded by the full stop, e.g. "".

5. In the Use HTTP Only field, choose Yes. It'll restrict other programming languages from having access to the cookie files. 

6. Select Yes for the Cookie Restriction Mode to enable cookie messages on the storefront. 

How to configure default cookie settings in Magento 2?

7. Press the Save Config button. 

As time passes, you might need to refresh the cookie policy of your Magento 2 store. To do so:

1. Go to Content > Elements > Pages

2. Find the Privacy Policy page and select Edit from the Action dropdown.

Magento 2 CMS pages

3. Enable the page if you haven't done it already. 

4. Jump to the Content section and add the necessary changes. 

Edit privacy policy in Magento 2

5. Choose the Store View where this page has to be displayed in the Page in Websites section.

Pages in websites

6. Press the Save button and check the privacy policy page on the storefront. This is how the privacy policy page will be displayed in your Magento store:

Storefront Magento privacy policy page

If you want to update the cookie popup message, you can also do that via the admin panel. The set of steps you have to take is pretty much similar to that in the previous section. 

1. Go to Content > Elements > Pages.

2. Move to the Enable Cookies page and choose the Edit option from the Action dropdown.

Magento 2 CMS pages grid

3. Enable the page.

4. Tweak the cookie message, by adding the corresponding adjustments in the Content section.

Edit cookie message in Magento 2

5. In the Page in Websites section, choose Store View to display the cookie message. 

Pages in websites Magento

6. Once you're ready with the update, press the Save button.

This is how the default cookie settings in Magento can be configured. As simple as that! You just need to make sure to enter the accurate details to make everything work properly.  

However, cookies are not the only thing to configure. Once you finish configuring cookies to gather more data about customers, you should enable Magento reCAPTCHA to protect your store from any spam or brute force attacks.