Iubenda logo
Start generating


Table of Contents

Privacy Controls and Cookie Solution – Magento Extension Installation Guide

This extension drastically reduces the need for direct interventions in the code of the site by integrating with our Privacy Controls and Cookie Solution.

It provides a fully customizable cookie banner, dynamically generates a cookie policy to match the services in use on your site, store proofs of users’ preferences and, fully manages cookie-related consent – including the blocking of the most common widgets and third-party cookies before consent is received – in order to comply with the GDPR, ePrivacy and CCPA

  • Our extensions are available for both Magento 1.9.x and 2.x, but please note that Magento 1.x reached end-of-support on June 30, 2020. As for version 2.x, our extension supports Magento Open Source (Magento Community Edition) and Magento Commerce (Magento Enterprise Edition and Magento Enterprise Cloud Edition).
  • Our extensions work better with versions of PHP 5.5 or later.


  • Allows you to automatically or manually block scripts that can install cookies prior to consent, without the need for direct intervention on the code.
  • Allows you to geo-detect and limit prior-blocking and cookie consent requests only to users from the EU – where this is a legal requirement – while running cookies scripts normally in regions where you are still legally allowed to do so.
  • Asynchronously re-activates cookie scripts once consent is collected.
  • Handles the display of the cookie banner and cookie policy, allowing you to fully customize the banner to match the look and brand colors of your site if needed
  • California Consumer Privacy Act (CCPA) Support.
  • Saves user preferences about the use of cookies and displays a clean page (without banner) to users who have already provided their consent.
  • Integrates with IAB’s Transparency and Consent Framework (TCF 2.0).
  • Allows you to provide your users with granular, per-category privacy control (e.g. Functionality, Experience, Marketing).
  • Compatible with Google’s Accelerated Mobile Pages (AMP).
  • Features an easy-to-use interface for entering custom scripts and iframes.
  • Detects bots/spiders and serves them a clean page so that your SEO efforts are never compromised.
  • AdRoll
  • AddThis widgets
  • Bing
  • CodePen
  • Criteo
  • Disqus
  • Elevio
  • Facebook Comments
  • Facebook widgets
  • Freshchat
  • Google AdSense
  • Google Analytics
  • Google Maps
  • Google ReCaptcha
  • Google Site Search
  • Google Tag Manager
  • Google oAuth
  • Google+ widgets
  • Headway
  • Instagram widgets
  • Kissmetrics
  • LinkedIn widgets
  • Mixpanel
  • Neodata
  • Olark
  • Optimizely
  • Outbrain
  • PayPal widgets
  • Pingdom
  • Pinterest widgets
  • Segment
  • ShareThis widgets
  • Twitter widgets
  • UserVoice
  • Vimeo
  • YouTube


Magento 2.x (Community/Enterprise/Cloud Edition)

  1. “Purchase” our free extension from the Magento Marketplace. Once done, it will appear on your purchases page.
  2. Connect to the server’s console log using SSH.
  3. Install our extension with composer require iubenda/module-cookiesolution command. If you need a version different than the latest release add the version number to the command, for example iubenda/module-cookiesolution:2.2.0
  4. When requested, use the Magento Marketplace Public key for login and Private key for password (note that you are requested to purchase the extension to continue installation using composer).
  5. Once the extension is installed, check the status with php bin/magento module:status
  6. The extension should have a disabled status. Enable it with php bin/magento module:enable Iubenda_CookieSolution and register with php bin/magento setup:upgrade
  7. If our store is in production mode, compile the build with php bin/magento
  8. Check if our extension is active again with php bin/magento module:status. If so, purge the cache with php bin/magento cache:clean

Uninstallation instructions for pre-marketplace releases

  1. Open the config.php file located in the “/app/etc/” folder, look for 'iubenda_cookiesolution' => 1, replace 1 with 0 and save.
  2. Remove the “/app/code/Iubenda/CookieSolution” folder.
  3. If the cache is enabled you need to purge: head to System > Cache Management, select all
    cache types and click Refresh.
  4. Open the config.php file located in the “/app/etc/” folder, remove the line
    'iubenda_cookiesolution' => 0 and save.
  • Log in to the Magento administrator area and go to System > Magento Connect > Magento Connect Manager
  • Re-enter your Magento Administration Credentials
  • Select the Create Backup checkbox and select the backup type.

Once you’ve created a backup, you can upload the package available here.

Once the extension is installed go back to Magento admin and configure your iubenda extension.


After the installation is successfully completed, go to Stores > Configuration > iubenda > iubenda Privacy Controls and Cookie Solution (this is the place where you can configure our extension).

Copy & paste your Privacy Controls and Cookie Solution JavaScript code from your iubenda account (as explained on the introduction guide), save and clear the store cache.


Don’t forget to save valid JavaScript code there to make sure the extension works properly.


Once configured, the plugin will begin to show the banner on which your cookie policy will be shown/linked to users that visit your site for the first time without the need for any other further configurations. The plugin will also recognize and automatically detect and block the cookies indicated in the above block-list, that are present on your site.


Our Magento extensions automatically block scripts that are generated on the server side (therefore returned by PHP by Magento). Scripts that are inserted into the page via JavaScript after the loading process of that page are not and cannot be blocked automatically.

These scripts can be blocked by entering the source into the Custom Script boxes in the plugin console or by using the manual wrapping method illustrated in the example below and (in more detail) in this help post.

Blocking custom scripts from within the console

The Custom Scripts field makes it easy for you to block scripts inserted into the page directly from within the plugin console. This greatly reduces the need for direct edits to the site’s code.

Magento 2.x (Community/Enterprise/Cloud Edition)

In the admin panel, go to Stores > Configuration > iubenda > iubenda Privacy Controls and Cookie Solution.

magento iubenda config menu

Scroll to find the Custom scripts and Custom iframes fields within the section titled Custom.

iubenda cookie solution custom scripts fields

Enter your script or iframe sources as needed, and click the Save Config button at the top of the page.

In the admin panel go to System > Configuration. Next, click on iubenda Privacy Controls and Cookie Solution in the left in the Configuration menu under Services. iubenda cookie solution custom scripts interface

Next, simply scroll to the section titled Custom iubenda cookie solution custom scripts interface

Enter your script or iframe sources as needed, and click the Save Config button at the top of the page.

Usage Examples

Using these fields are pretty straightforward. Simply enter the script or iframe src attribute you’d like to block.


If you wanted to block a social button (which inserts scripts into the page via JavaScript), you’d simply need to enter the script source, e.g. connect.socialwebsite.net/en_US/track.js into the scripts field.


Let’s say you wanted to block scripts inserted into the page via the following iframe

<iframe width="1280" height="720" src="https://www.videowebsite.com/embed/xxFhMChxx" frameborder="0" allow="accelerometer; autoplay; encrypted-media; gyroscope; picture-in-picture" allowfullscreen></iframe> 

What you’ll need to enter into the iframe field would be videowebsite.com/embed/ as this is the actual source of the scripts. Be careful NOT to enter the component id (videowebsite.com/embed/xxFhMChxx) to ensure that all scripts coming from the actual source are blocked.

Manual Use (wrapping method)

This method requires you to directly modify your site’s code. You’ll need to go into the relevant section of your site’s code and add the scripts to be blocked as explained below.

Here’s an example of how to make the plugin manually work for a Social button (which inserts scripts into the page via JavaScript).

    (function(d, s, id) {
        var js, fjs = d.getElementsByTagName(s)[0];
        if (d.getElementById(id)) return;
        js = d.createElement(s);
        js.id = id;
        js.src = "//connect.socialwebsite.net/en_US/sdk.js#xfbml=1&version=v2.3&appId=808061959224601";
        fjs.parentNode.insertBefore(js, fjs);
    }(document, 'script', 'socialwebsite-jssdk'));

If there are HTML / IMG / IFRAME elements, you will need to do it this way:

      <iframe src="...
      <img src="...

If you’ve enabled the per-category consent feature you’ll need to assign the purpose. Resuming the social button example, being part of the “Experience” purpose (id 3):


To stop automatic parsing/replacing the iframe/scripts that contain a defined src:

      <script type="text/javascript">...</script>

Install the Privacy Controls and Cookie Solution extension

Magento 2.x Community/Enterprise/Cloud Edition


Magento 1.9.x
⚠️ Caution

After installation, please be sure to set-up prior blocking, as this is legally mandatory under EU Law. You can find various methods of prior blocking along with full instructions in this guide.

See also