Joomla-Standard-Cookies

In the default configuration Joomla (here in version 3.8.7) sets a cookie - it is a session cookie.

How do I view the cookies?

In the browser "Chrome" you click on the field directly in front of the URL, in the window that opens, you can click directly on "Cookies" and you get a list of cookies.

Cookies in Google Chrome ansehen
Cookies in Google Chrome ansehen
Standard-Session-Cookie in Joomla!
Standard-Session-Cookie in Joomla!

In Firefox the whole thing is a bit more complicated: You click with the right mouse button into the web page, then in the following popup menu on "Show page information". A window opens, in the tabs of which you change to "Security" and then click on the button "Show Cookies".

Cookies in Firefox anschauen
Cookies in Firefox anschauen

What's the point of this session cookie?

  • The session cookie assigns the viewer - or rather his browser session - a unique - randomly generated - value
  • Joomla can assign the following information to this value:
    • Language - for multilingual websites (more details below)
    • Login status - by logging in to edit the website, for example, or to read content that is only accessible after logging in
  • Joomla also uses the cookie to allow the contact form to be sent only if a session cookie is available. Spam bots that automatically send spam often do not process cookies and therefore cannot send the contact form.
Joomla!-Kontaktformular - Prüfung des Session-Cookie
Joomla!-Kontaktformular - Prüfung des Session-Cookie

cookie validity

The session cookie remains valid until the end of the session (closing all browser windows), sometimes referred to as "transient cookies". Cookies that have a longer validity - and remain stored even after closing the browser - are called "permanent cookies". There are big differences in the storage time, the cookie can be stored for a week, or even years.

Login-Status?

If the user is not logged in, no further data is assigned to the cookie. If you log in, the cookie is assigned to the user. 

The following figure shows 2 sessions:

  1. Session of an observer, this is anonymous
  2. Session of a logged in user, userid and username have been assigned to this user.
    Joomla - and many other modern website systems work like this.
Joomla-Sessions in der Datenbank
Joomla-Sessions in der Datenbank

Does Joomla track website visitors?

Tracking is not done with the Joomla! core and the default settings, even for logged in users the cookie is only used for functions described above. Since the cookie is also not linked to the IP address of the page visitor and no further recordings are made, the cookie cannot be used to determine what a page visitor is doing there.

In order to "track" a page visitor, further aids and measures would be necessary.

Multilingualism in Joomla

For multilingual websites Joomla uses cookies to store the language.

First you will ask yourself: Why does Joomla! store the page language in a cookie?
Very simple: You can use language-neutral URLs in Joomla, from which the language setting does not come out. A prominent example is the start page, www.meinejoomlaseite123.de/blog would be another example.

In the default settings Joomla will try to show the language which is set as default in the browser. A German-speaking visitor sitting at an English-speaking computer/browser will probably set the page language to - if offered - German.

The cookie then ensures that the content of language-neutral URLs is displayed in the desired language.

By default, the session cookie is used, but you can also instruct Joomla! to set a cookie with a longer validity.

Einstellung das Cookie-Gültigkeits-Dauer für das Speichern der Seitensprache in Joomla!

Setting the cookie validity period for saving the page language in Joomla!

In this case, another cookie is generated in which only the language is stored.

Separates Cookie für die Speicherung der Seitensprache in Joomla!
Separates Cookie für die Speicherung der Seitensprache in Joomla!

Other Cookies

Further cookies can be set by extensions, templates or external data sources, which must be checked for each website in each individual case. Particular attention should be paid to the fact that certain sub-pages that call plugins or integrate external data sources may set additional cookies.

In the following example the plugin "Kickgdpr" has displayed a cookie hint. After the user has accepted the hint and clicked on the "Understand" button, the plugin saves the consent in the cookie "cookieconsent_status".

Without this cookie, the plugin would not know that the site visitor has already agreed - and would display the cookie hint again and again.

Vor der Zustimmung zur Datenschutzerklärung ist nur der Joomla-Standard-Cookie gesetzt
Vor der Zustimmung zur Datenschutzerklärung ist nur der Joomla-Standard-Cookie gesetzt

If the page visitor clicks on "Understand" at the top of the banner, this is stored in a cookie:

Zustimmung zur Datenschutzerklärung wird in Cookie gespeichert
Zustimmung zur Datenschutzerklärung wird in Cookie gespeichert