In early April 2023, Apple once again updated its Intelligent Tracking Prevention (ITP) functionality, which now limits the lifespan of cookies, even if they are set from a first-party domain.
In Safari 16.4+, server-side cookies are now set with a maximum duration of 7 days in the following cases:
While JavaScript cookies can have any duration, they will be effectively deleted after 7 browser days.
Sounds concerning, right? But it's not as bad as it seems. In this article, we'll explain why and how you can easily continue using the full cookie duration with Stape.
This ITP update does not work if the user has the "Hide IP Address" from Trackers and Websites option enabled in their Safari settings. By default, this option is active for all iCloud+ users (if the user pays for any additional Apple services: iCloud storage, Apple Music, Apple Arcade, etc.). This nuance is why the update does not have as significant an impact as when iOS 14.5 was released.
At Stape, we always keep an eye on all updates and strive to minimize any negative impact on your marketing data. To address this, we have prepared two solutions:
With the help of own CDN feature, you can route sGTM custom domain and proxy sGTM traffic through the DNS provider of your website. In this case, the IP addresses of your website and the custom domain of the sGTM will match, and server-side cookies will be considered as first-party.
Below is an example of how to configure Own CDN using CloudFlare.
Stape Own CDN is available on all plans.
1. Go to your Stape container setting and select Own CDN.
2. Go to CloudFlare and configure CNAME record for the tagging server URL. Please make sure that Proxied is enabled. The setting should look like in the screenshot below.
3. Go to the Rules → Configuration Rules - create a new rule
Scroll down on this page and find the ‘SSL’ feature. Activate it with ‘Full’ option.
4. Go to the Rules → Transform Rules → Modify Request Header - create a new rule
Specify any name you like for the rule
Select ‘Custom filter expression’
Field: hostname
Operator: contains
Value: specify your sGTM subdomain, in our example, it is ‘gtm.stape.tools’
In the modify headers section, specify:
Type: Set static
Header name: X-From-Cdn
Value: cf-stape
Deploy changes
5. Go to the Caching → Cache Rules - create a new rule
Cache eligibility: Bypass cache
Deploy changes.
That's it, now all your requests to and from sGTM will be proxied through Cloudflare.
And that’s it! Now you don’t have to worry that CNAME Cloaking defense will restrict the cookies. With Own CDN on Stape the website and the server are considered to be first-party to each other.
The Cookie Keeper Power-Up is designed to help you maintain the functionality of your marketing cookies, even if they are deleted for any reason. Here's a simplified explanation of how it works:
By using the Cookie Keeper Power-Up, you can maintain the effectiveness of your marketing campaigns and ensure more accurate tracking, regardless of any cookie deletion that may occur.
1. Install and activate our Stape Server Side plugin:
2. Configure the app settings.
Once installed, open the Stape plugin in your store admin. In the app settings, perform the following steps:
a) Enable the GTM snippet addition feature: Turn on the switch to activate the addition of the GTM snippet to your store.
b) Enter your GTM ID: Input your unique Google Tag Manager ID, which follows the format 'GTM-XXXXXX'.
c) Specify your custom domain: Provide the custom domain that you use for your GTM server container.
d) Enter the container identifier: You can find it in Container Settings on your Stape account.
e) Activate the Cookie Keeper option: Turn on this feature.
3. Activate the Power-Up.
a) In your Stape container, go to the Power-Ups section -> Cookie Keeper.
b) Select all the necessary platforms in the standard cookies, and if your subscription plan allows, add custom ones. By the way, if you want to set a standard 'fbp' cookie for a non-standard duration, you can add it to custom cookies, and your settings will be applied to that cookie.
c) Save the changes.
d) Go to the Power-Up Custom Loader.
e) Choose your domain, enter your GTM Web ID, and select your website's platform, either Shopify, WordPress or Magento.
Save your settings and test them using the instructions provided below.
For this, you need to have a master cookie* in place, based on which Cookie Keeper will restore the user's cookies. The optimal approach is as follows:
Once you've created such a cookie:
1) Activate Cookie Keeper in Stape Power-Ups for your container.
In the settings, select the platforms you need, and add custom cookies if necessary.
2) To use Cookie Keeper, you'll need to replace the GTM loader snippet.
Go to the Power-Up 'Custom Loader' and in its settings:
A custom loader snippet will be generated for you to use instead of the standard one.
After this, everything is ready, and you can test the functionality of Cookie Keeper.
* You can also use other types of user identifiers, although cookies are preferable. Cookie Keeper also supports retrieving the user identifier from Local Storage, DOM Elements, and JavaScript variables.
On Stape, standard cookies are available for stape Pro plan users, for the most popular platforms: Google Analytics, Google Ads, TikTok, Facebook, and Stape cookies (including cookies set using Data Tag).
Click on this link to find out which standard cookies for which platforms will be restored and for what duration.
For Business-tier users and above, you can also use any additional custom cookies. For example, if you use Twitter Ads, you can add the "twclid" cookie so that the click ID cookie for Twitter is also restored for the necessary duration.
The main goal here is to have a master cookie on your site. The master cookie is a first-party cookie that complies with all ITP rules and has a unique ID. We have created plugins for Shopify, WordPress and Magento that also set such cookies. Detailed instructions on how to properly configure these plugins along with the Cookie Keeper Power-Up are provided below. Additionally, there is information below with recommendations on how to set up a master cookie if you are using another or custom platform (in this case, unfortunately, you will need a developer).
The example below shows how to check the renewal of GA4 server-side cookies using Cookie Keeper and using Own CDN. If you use other platforms, you can also check their cookies. You can find the full list of standard cookies that are restored using Cookie Keeper here.
1. Open Safari browser: Make sure you are using Safari version 16.4 or higher. You can check the version by clicking "Safari" in the menu bar and then selecting "About Safari."
2. Access your store: Navigate to your store's URL in the Safari browser.
3. Inspect Element: Right-click on any empty space within your store's webpage and select "Inspect Element" from the context menu. This will open the Developer Tools panel.
4. Open the Storage tab: In the Developer Tools panel, click on the "Storage" tab to view the storage information for your store.
5. Find the Cookies section: On the left side of the "Storage" tab, click on "Cookies" to display the list of cookies associated with your store.
6. Locate and save the FPID value: In the list of cookies, find the 'FPID' cookie, which is the user ID cookie set for GA4. Take note of its value by copying it to a text editor or writing it down.
7. Delete the FPID cookie: Click on the 'FPID' cookie and press the "Delete" key on your keyboard, or right-click and choose "Delete" from the context menu. This will remove the cookie from the list.
8. Refresh the page: Reload your store's webpage by pressing the "Refresh" button in the browser or pressing the "Cmd+R" keys on your keyboard.
9. Refresh the page again: In order to see the updated cookies in Safari, you will need to refresh the page once more.
10. Verify the FPID cookie: After refreshing the page twice, locate the 'FPID' cookie in the list again. The value of this cookie should match the value you saved earlier.
We hope this guide has made it easy for you to understand and implement the Cookie Keeper and Own CDN features. By tackling the challenges brought by the latest ITP update in Safari 16.4, you can now restore and maintain those essential marketing cookies.
So, stay informed, stay ahead of the curve, and keep rocking your marketing data collection and analysis with Stape.io. Happy marketing!
We've got you covered! Click Get help, fill-up the form, and we will send you a quote.
