SSL Labs ScoreSecurityHeaders.io ScoreHSTS Preloaded

Do Not Track 1.1

Overview

For those who don't know what Do Not Track is all about, please refer to this site:

http://donottrack.us/

This plugin detects the Do Not Track browser setting and adds or removes a Joomla Access Level based on that setting. Components, Modules and Plugins which set tracking cookies can then be added to that access level.

Implementing this successfully will take planning and configuration. THIS IS NOT A PLUG-AND-PLAY EXTENSION!

An administrator creates a Do Not Track - Opt-In group and access level, and assigns that level within the plugin configuration. When a user arrives with Do Not Track turned OFF - the access level is added to the user and any components, modules or plugins that are assigned to that access level are allowed to run. When the user turns Do Not Track ON - that access level is removed from the user and those components, modules and plugins are not allowed to run.

Installation

  1. Download Do Not Track from the RicheyWeb download page.
    • This page will remain unlinked, as the link may change in the future. Visit http://www.richeyweb.com and use the search feature - search for "Do Not Track".
  2. In Joomla /administrator, go to the "Extensions" menu, the "Manage" sub-menu, and the "Install" sub-menu.
  3. Select the "Upload Package File" tab
  4. Press the "Choose File" button to browse your system and locate the plugin file you downloaded
  5. Press the "Upload & Install" button

At this point, the extension is installed but not enabled. You can find the plugin by going to the Extensions menu and selecting "Plugins". When in the plugin manager, search for "Do Not Track".

Configuration

Implementing this extension isn't plug-and-play. It requires planning and extra steps to fully realize the potential. Here are the steps to successful implementation:

  1. Create a new User Group for users who did not turn on "Do Not Track". Leave the parent group "Public".
    • In my implementations, I name the group "Do Not Track - Opt-In" - because users who did not turn on the setting have implicitely opted into tracking cookies.
  2. Create a new Access Level. Choose the group you just created (and no others).
    • In my implementations, I name the access level "Do Not Track - Opt-In" for the same reason as before.
  3. Assign your menu items, modules, and plugins (which use or load services that set tracking cookies) to this new access level.
    • Users who have not opted out (turned Do Not Track on in their browser), these items will load.

HELP

Please report bugs!