Autoblocking Checklist

Goal: make sure non-essential services stay paused before consent and only start when the visitor’s choice (via Access Levels and Purpose Categories) allows them.

Quick checks (one screen)

• Verify in WP admin first: WordPress admin → Compliance plugin → Protection tab — confirm autoblocking is enabled. Click the Trackers card to open the TrackerStatusPanel and verify your providers and URL patterns are listed. Then proceed with the browser checks below.
• Fresh session: Start with a clean browser session and visit a page that normally loads analytics/ads/media.
• Before consent: You shouldn’t see non-essential cookies, pixels, or third-party iframes.
• Balanced selected: Only Site Optimization should start; Content/Ad Personalization stay off.
• Personalized selected: Personalization and advertising services start.
• Revoke: Use the Revoke Consent option and reload—services you enabled should stop again.
• If WooCommerce, Site Kit, Burst, or other consent-aware plugins are active: they self-gate via the WP Consent API integration (v3.1.0+), independently of autoblocking. Confirm Settings tab → Configuration → WP Consent API is on (or intentionally off), and that those plugins reflect the visitor’s choice in their own dashboards.
• If Smash Balloon Instagram or Twitter feeds are on the page: they are handled by a native bridge inside the banner — no snippet required. Smash Balloon Facebook and YouTube feeds still need the legacy-cookie bridge.