Important I am not affiliated with Google, Chrome, FLoC, Github, WordPress, the HTTP Header plugin and this is my personal experience. I am not paid by any of the companies or products referenced. If you find this helpful had success and want to say thanks, please buy me a coffee or take a look at my book on Amazon. It keeps this page ad (and FLoC) free. Thank you!
FLoC of Federated Learning of Cohorts is the way Google, specifically Chrome, intends to replace 3rd party cookies. I’m making the wild assumption that if you’re reading this, you know enough already and want to block FLoC on your WordPress site. This will mean your WordPress site will not be counted in a FLoC Cohort. Why would you do this? Well, privacy concerns with FLoC are enough of a reason.
The code required works for non-WordPress websites as well, just you will need to find your own way to implement the code to block FLoC on non-WordPress sites. If you need some guidance, this blog post from Adalytics should help.
Update 1: WordPress developer discussions suggest that they may block FLoC by default in either a security update or as part of the next major release. Until then, the instructions and advice below still stand and should be followed. You should also check that FLoC is correctly blocked, even once WordPress blocks FLoC by default. As themes or plugins could accidentally or intentionally cause an issue and may require you to take action.
Update 2: The HTTP Headers plugin now supports FLoC blocking within the Security settings. So I have updated this post accordingly.
Free WordPress Plugins to Block FLoC
Since writing this post there are now free WordPress plugins dedicated to blocking FLoC. These are untested. You can try:
Although, I recommend the free HTTP Headers plugin. This is because it makes it easy to block FLoC alternatives and variants. And trust me, there will be variants.
FLoC Block Code
As of April-May 2021, the FLoC Github says a site can opt-out of all FLoC cohort calculation by sending the HTTP response header:
Permissions-Policy: interest-cohort=()
On WordPress, you can do this by using a free HTTP header plugin to opt-out of FLoC. I use this plugin, HTTP Headers (it’s free). Assuming you’re using HTTP Headers plugin and have installed and activated it, then everything is easy. This plugin works as well, if not better than a free WordPress plugin that only blocks FLoC.
5 Steps To block FLoC on your WordPress site
Please note you do the following at your own risk. I do not provide technical support or accept responsibility for what happens. It works for me, but I can’t promise this won’t break something on your site.
- In WordPress, select Plugins -> Installed Plugins
- Find HTTP Headers, select Settings.
- Select Security.
- Select the On option button in the top left.
- Scroll down until you find Interest-Cohort and check the box. Make sure you have “none” selected as the option.
- Click Save Changes
You’re done!
Remember, if you’re using another method for editing the HTTP Header in WordPress, you need the values as follows:
Header
Permissions-Policy
Value
interest-cohort=()
Check if a Website is Blocking FLoC
To check the implementation and that your WordPress site blocks FLoC, you can use an HTTP Header Viewer. I recommend this one from InSpyder. You should get a response that, at least, has the section I have highlighted in red below. You can ignore the other text, as your response will differ based on your web host, etc.
Just a tip, make sure you enter HTTPS:// and the full URL when you check the header. Otherwise, it will check the headers of your non-secure site and any HTTP – HTTPS redirects. This may make you think you made a mistake with the implementation. If you see the text “HTTP/1.1 301 Moved Permanently” odds are you didn’t enter HTTPS.
If you do not see “Permissions-Policy: interest-cohort=()” then either a) you didn’t do it correctly or b) the site isn’t blocking FLoC.
If you’re not using WordPress and want to block your site from being used in FLoC cohorts, you will still use the code above. Just you won’t be using this HTTP Header plugin.
Sorry, I do not provide any technical support for any of this, so please don’t ask. If it’s not working for you, it could be because you didn’t enter the code correctly, or another plugin or theme is interfering with your HTTP Headers.
Hope this helps!
Reminder I am not affiliated with Google, Chrome, FLoC, Github, WordPress, the HTTP Header plugin and this is my personal experience. I am not paid by any of the companies or products referenced. If you find this helpful had success and want to say thanks, please buy me a coffee or take a look at my book on Amazon. It keeps this page ad (and FLoC) free. Thank you!