Cookie name	Description	Lifetime	Provider
_ce.clock_data	Store the difference in time from the server's time and the current browser.	1 day	Crazy Egg
_ce.clock_event	Prevent repeated requests to the Clock API.	1 day	Crazy Egg
_ce.irv	Store isReturning value during the session	Session	Crazy Egg
_ce.s	Track a recording visitor session unique ID, tracking host and start time	1 year	Crazy Egg
_hjSessionUser_2909345	Store a unique user identifier to track user sessions and interactions for analytics purposes.	1 year	HotJar
_hjSession_2909345	Store session data to identify and analyze individual user sessions.	1 day	HotJar
apt.uid	Store a unique user identifier for tracking and personalization.	1 year	Mageplaza
cebs	Store user preferences and settings.	Session	Mageplaza
cf_clearance	Store a token that indicates a user has passed a Cloudflare security challenge.	1 year	Cloudflare
crisp-client	The crisp-client/session cookie is used to identify and maintain a user session within the Crisp platform. It allows the live chat system to recognize returning users, maintain chat history, and ensure continuity in customer service interactions.	Session	Crisp
_ga	Store a unique client identifier (Client ID) for tracking user interactions on the	2 years	Google
_ga_7B0PZZW26Z	Store session state information for Google Analytics 4.	2 years	Google
_ga_JTRV42NV3L	Store session state information for Google Analytics 4.	2 years	Google
_ga_R3HWQ50MM4	Store a unique client identifier (Client ID) for tracking user interactions on the website.	2 years	Google
_gid	Store a unique client identifier (Client ID) for tracking user interactions on the website.	1 day	Google
_gat_UA-76130628-1	Throttle the request rate to Google Analytics servers.	1 day	Google

Cookie name	Description	Lifetime	Provider
_gcl_au	The cookie is used by Google to track and store conversions.	1 day	Google
__Secure-3PAPISID	This cookie is used for targeting purposes to build a profile of the website visitor's interests in order to show relevant and personalized Google advertising.	2 years	Google
HSID	This security cookie is used by Google to confirm visitor authenticity, prevent fraudulent use of login data and protect visitor data from unauthorized access.	2 years	Google
__Secure-1PSID	This cookie is used for targeting purposes to build a profile of the website visitor's interests in order to show relevant and personalized Google advertising.	2 years	Google
SID	This security cookie is used by Google to confirm visitor authenticity, prevent fraudulent use of login data and protect visitor data from unauthorized access.	2 years	Google
APISID	This cookie is used by Google to display personalized advertisements on Google sites, based on recent searches and previous interactions.	2 years	Google
__Secure-1PAPISID	This cookie is used for targeting purposes to build a profile of the website visitor's interests in order to show relevant and personalized Google advertising.	2 years	Google
__Secure-3PSID	This cookie is used for targeting purposes to build a profile of the website visitor's interests in order to show relevant and personalized Google advertising.	2 years	Google
SSID	This cookie is used by Google to display personalized advertisements on Google sites, based on recent searches and previous interactions.	2 years	Google
SAPISID	This cookie is used by Google to display personalized advertisements on Google sites, based on recent searches and previous interactions.	2 years	Google
__Secure-3PSIDTS	This cookie collects information about visitor's interactions with Google services and ads. It is used to measure advertising effectiveness and deliver personalised content based on interests. The cookie contains a unique identifier.	2 years	Google
__Secure-1PSIDTS	This cookie collects information about visitor's interactions with Google services and ads. It is used to measure advertising effectiveness and deliver personalised content based on interests. The cookie contains a unique identifier.	2 years	Google
SIDCC	This security cookie is used by Google to confirm visitor authenticity, prevent fraudulent use of login data, and protect visitor data from unauthorized access.	3 months	Google
__Secure-1PSIDCC	This cookie is used for targeting purposes to build a profile of the website visitor's interests in order to show relevant and personalized Google advertising.	1 year	Google
__Secure-3PSIDCC	This cookie is used for targeting purposes to build a profile of the website visitor's interests in order to show relevant and personalized Google advertising.	1 year	Google
1P_JAR	This cookie is a Google Analytics Cookie created by Google DoubleClick and used to show personalized advertisements (ads) based on previous visits to the website.	1 month	Google
NID	Show Google ads in Google services for signed-out users.	6 months	Google

Cookie name	Description	Lifetime	Provider
_dc_gtm	Manage and deploy marketing tags through Google Tag Manager.	1 year	Google
1P_JAR	Gather website statistics and track conversion rates for Google AdWords campaigns.	1 month	Google
AEC		1 month	Google
ar_debug	Debugging purposes related to augmented reality (AR) functionalities.	1 month	Doubleclick
IDE	The IDE cookie is used by Google DoubleClick to register and report the user's actions after viewing or clicking on one of the advertiser's ads with the purpose of measuring the effectiveness of an ad and to present targeted ads to the user.	1 year	Doubleclick
ad_storage	Enables storage, such as cookies (web) or device identifiers (apps), related to advertising.	1 year	Google
ad_user_data	Sets consent for sending user data to Google for online advertising purposes.	1 year	Google
ad_personalization	Sets consent for personalized advertising.	1 year	Google
analytics_storage	Enables storage, such as cookies (web) or device identifiers (apps), related to analytics, for example, visit duration.	1 year	Google

How to Restrict Order in Magento 2

Table of Contents

The Most Popular Extension Builder for Magento 2

With a big catalog of 224+ extensions for your online store

Vinh Jacker | 09-17-2024

How to Restrict Order in Magento 2 - Mageplaza

If you want to succeed in the e-commerce business, you should ensure smooth operations in managing orders. Magento 2 provides a range of features that meet diverse business needs. However, in some cases, you should restrict orders in the Magento 2 store to create a more personalized shopping experience. This can be achieved by offering exclusive products or services to specific customer segments.

In this article, we’ll explore how to restrict orders in Magento 2 and enhance your store’s management.

Order Management Suite for M2

Boost order processing speed, level up customer satisfaction and maximize profit

(3 reviews)

Check it out!

A Detailed Guide to Restrict Orders in Magento 2

Before implementing order restrictions, ensure you create the necessary customer groups. You can achieve this by following the steps below:

Navigate to Customers > Customer Groups.

Click on Add New Customer Group and create the groups you need, such as Wholesale, Retail, VIP, etc.

Step 1: Create a Custom Module

Firstly, you need to create a custom module. Let’s call it Vendor_CustomerGroupRestriction.

Set up the module directory structure: app/code/Vendor/CustomerGroupRestriction/

├── registration.php
├── etc
│   ├── module.xml
│   └── di.xml
└── Plugin
    ├── GuestPaymentInformationManagementPlugin.php
    └── PaymentInformationManagementPlugin.php

Step 2: Configure The Module

Register the module: registration.php
Configure the module: etc/module.xml

Step 3. Create Plugins

In Magento 2, the plugins allow you to modify behavior. You need to create three plugins:

Dependency Injection Configuration: etc/di.xml

Run the code as given below:

<?xml version="1.0"?>
<config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="urn:magento:framework:ObjectManager/etc/config.xsd">
    <type name="Magento\Checkout\Api\GuestPaymentInformationManagementInterface">
        <plugin name="guest_payment_information_management_plugin" type="Vendor\CustomerGroupRestriction\Plugin\GuestPaymentInformationManagementPlugin"/>
    </type>
    <type name="Magento\Checkout\Api\PaymentInformationManagementInterface">
        <plugin name="payment_information_management_plugin" type="Vendor\CustomerGroupRestriction\Plugin\PaymentInformationManagementPlugin"/>
    </type>
</config>

```

* **Guest Payment Information Management Plugin**

Patch: ``Plugin/GuestPaymentInformationManagementPlugin.php``

This plugin restricts guest users based on customer group conditions. Add the below-mentioned code.

```
<?php

namespace Vendor\CustomerGroupRestriction\Plugin;

use Magento\Checkout\Api\GuestPaymentInformationManagementInterface;
use Magento\Framework\Exception\LocalizedException;
use Magento\Quote\Api\CartRepositoryInterface;
use Magento\Customer\Api\CustomerRepositoryInterface;

class GuestPaymentInformationManagementPlugin
{
    protected $cartRepository;
    protected $customerRepository;

    public function __construct(
        CartRepositoryInterface $cartRepository,
        CustomerRepositoryInterface $customerRepository
    ) {
        $this->cartRepository = $cartRepository;
        $this->customerRepository = $customerRepository;
    }

    public function beforeSavePaymentInformationAndPlaceOrder(
        GuestPaymentInformationManagementInterface $subject,
        $cartId,
        $email,
        \Magento\Quote\Api\Data\PaymentInterface $paymentMethod,
        \Magento\Quote\Api\Data\AddressInterface $billingAddress
    ) {
        $quote = $this->cartRepository->getActive($cartId);
        $customerId = $quote->getCustomerId();
        
        if ($customerId) {
            $customer = $this->customerRepository->getById($customerId);
            $customerGroupId = $customer->getGroupId();

            // Check if the customer group is allowed to place the order
            if (!$this->isAllowedCustomerGroup($customerGroupId)) {
                throw new LocalizedException(__('You are not allowed to place orders.'));
            }
        }

        return [$cartId, $email, $paymentMethod, $billingAddress];
    }

    protected function isAllowedCustomerGroup($customerGroupId)
    {
        // Add your custom logic to determine if the customer group is allowed
        $allowedCustomerGroups = [1, 2]; // Example: Only allow customer groups with IDs 1 and 2
        return in_array($customerGroupId, $allowedCustomerGroups);
    }
}

```

* **Payment Information Management Plugin**


Patch: ``Plugin/PaymentInformationManagementPlugin.php``

This plugin restricts registered users based on customer group conditions.

```

<?php

namespace Vendor\CustomerGroupRestriction\Plugin;

use Magento\Checkout\Api\PaymentInformationManagementInterface;
use Magento\Framework\Exception\LocalizedException;
use Magento\Quote\Api\CartRepositoryInterface;
use Magento\Customer\Api\CustomerRepositoryInterface;

class PaymentInformationManagementPlugin
{
    protected $cartRepository;
    protected $customerRepository;

    public function __construct(
        CartRepositoryInterface $cartRepository,
        CustomerRepositoryInterface $customerRepository
    ) {
        $this->cartRepository = $cartRepository;
        $this->customerRepository = $customerRepository;
    }

    public function beforeSavePaymentInformationAndPlaceOrder(
        PaymentInformationManagementInterface $subject,
        $cartId,
        \Magento\Quote\Api\Data\PaymentInterface $paymentMethod,
        \Magento\Quote\Api\Data\AddressInterface $billingAddress
    ) {
        $quote = $this->cartRepository->getActive($cartId);
        $customerId = $quote->getCustomerId();

        if ($customerId) {
            $customer = $this->customerRepository->getById($customerId);
            $customerGroupId = $customer->getGroupId();

            // Check if the customer group is allowed to place the order
            if (!$this->isAllowedCustomerGroup($customerGroupId)) {
                throw new LocalizedException(__('You are not allowed to place orders.'));
            }
        }

        return [$cartId, $paymentMethod, $billingAddress];
    }

    protected function isAllowedCustomerGroup($customerGroupId)
    {
        // Add your custom logic to determine if the customer group is allowed
        $allowedCustomerGroups = [1, 2]; // Example: Only allow customer groups with IDs 1 and 2
        return in_array($customerGroupId, $allowedCustomerGroups);
    }
}

Conclusion

By executing the steps outlined in this article, you can successfully restrict orders in Magento 2. This will help you manage inventory effectively and tailor your e-commerce store to different customer segments. Remember to test your restrictions thoroughly to ensure a seamless shopping process for your customers.

Feel free to contact us if you have any further questions or need additional assistance!

Table of content

Vinh Jacker

Jacker is the Chief Technology Officer (CTO) at Mageplaza, bringing over 10 years of experience in Magento, Shopify, and other eCommerce platforms. With deep technical expertise, he has led numerous successful projects, optimizing and scaling online stores for global brands. Beyond his work in eCommerce development, he is passionate about running and swimming.

Share this post:

Hyvä Theme is Now Open Source: What This Means for Magento Community - Mageplaza

Hyvä is now Open Source and free. Discover what changed, what remains commercial, how it impacts the Magento ecosystem, and how to maximize its full potential.

8 mins read | 02-12-2026

January 2026 - Mageplaza

2 mins read | 01-30-2026

December 2025 - Mageplaza

2 mins read | 12-30-2025

November 2025 - Mageplaza

2 mins read | 11-30-2025

October 2025 - Mageplaza

3 mins read | 10-30-2025

Holiday Marketing Hacks 2025 - How to Boost Sales for Magento 2 Stores? - Mageplaza

Discover the best 2025 holiday marketing strategies for Magento 2. Learn key trends, creative campaign ideas, and expert tips to increase seasonal sales.

17 mins read | 10-05-2025