Install Piwik

Piwik is a powerful web-analytics tool that can be easily integrated into most sites. Although installation is a little more work and server load a little higher than competing tools such as Google Analytics, Piwik does have the advantage of not sharing user traffic data with outside entities.

Piwik is also a good first web application to install for those who have never intalled one because it is not very involved and can be used as a part of most web applications to be installed.

Configure nginx
Create the  files   and  :

username@servername:~$ sudo nano /etc/nginx/package-configs/piwik.conf

Paste into the new file:

location /piwik/ { location ~ (index|piwik|js/index)\.php$ { include global-configs/php.conf; }    location ~ \.php$ { deny all; } }

username@servername:~$ sudo nano /etc/nginx/package-configs/piwik_https.conf

Paste into the new file:

location /piwik/ { location ~ (index|piwik|js/index)\.php$ { include global-configs/php_https.conf; }    location ~ \.php$ { deny all; } }

username@servername:~$ sudo nano /etc/nginx/sites-available/example.com

Add to the HTTP server block:

include package-configs/piwik.conf;

Add to the HTTPS server block:

include package-configs/piwik_https.conf;

Test and reload nginx.

username@servername:~$ sudo nginx -t nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful username@servername:~$ sudo service nginx reload * Reloading nginx configuration nginx                                  [ OK ]

Create Piwik database and database user
Create a Piwik database and database user:

username@servername:~$ sudo mysql -uroot -p MariaDB [(none)]> create database databasename default character set utf8 default collate utf8_general_ci; MariaDB [(none)]> grant all on databasename.* to 'databasenameusername'@'localhost' identified by 'databasenameusernamepassword'; MariaDB [(none)]> exit

Note that the,   and   will be required for the Piwik configuration process.

Install and configure Piwik
Download and extract Piwik:

username@servername:~$ wget http://builds.piwik.org/latest.zip username@servername:~$ unzip -d /var/www/example.com/public/ latest.zip username@servername:~$ rm latest.zip username@servername:~$ sudo chown -R www-data /var/www/example.com/public/piwik/

Navigate to the secure location  https://www.example.com/piwik/  to set up Piwik through a secure session.

Viewing Piwik dashboard in https
Because the Piwik tracking code requires both http and https access to Piwik, it is not possible to force the dashboard to load an https session using nginx. Fortunately, this can be set up in a Piwik configuration file.

Open the configuration file:

username@servername:~$ sudo nano /var/www/example.com/public/piwik/config/config.ini.php

Directly under, add:

force_ssl = 1

Navigating to  http://www.example.com/piwik/  should force the dashboard to open in a secure session.

Geolocation
The geolocation feature in Piwik provides some of the more useful data on visitors. The PECL option is generally the better module to use.

Install the packages required for this feature to work and edit the necessary files:

username@servername:~$ sudo aptitude install php5-geoip libgeoip-dev username@servername:~$ sudo pecl install geoip username@servername:~$ sudo nano /etc/php5/fpm/php.ini

At the bottom of the file, add:

extension=geoip.so geoip.custom_directory=/var/www/example.com/public/piwik/misc

Restart PHP:

username@servername:~$ sudo service php5-fpm restart

Log into Piwik and navigate to Settings -> Geolocation. Select the GeoIP (PECL) radio button. At the bottom of the page, assuming the free option is to be used, enter the GeoLite City database location into the Location Database, ISP Database and Organization Database fields and click save.

Device detection
Piwik has various plugins that come with the default install, located at Settings -> (Plugins) Installed, though not all of them are activated. The DevicesDetection plugin provides more information on the devices used by visitors and can be enabled by clicking Activate.

Image tracking code
The image tracking code is used to track visitors when either the page does not load javascript or the users do not have javascript enabled. The code will give very basic information as compared to the javascript code, but will load for all visitors using browsers capable of downloading images.

One problem in Piwik's default image tracking code is that it includes an http (or https) link to the image tracker:



This is problematic because if the site is served in an http session, then browsers may give warnings about not all elements being secure, and this will remain true in the reverse, if providing an http link on an https page. It's better to use the relative location, which will translate to either http or https depending on the page being served:



When using the image tracking code as a backup to track visitors that have javascript disabled, use the  tag to prevent tracking visitors who will also run the javascript:



Most Piwik plugins will add  tags by default, though any time the code is being pasted in full into the plugin, the tags should be added.

Multiple domains
It is possible to track multiple domains with one installation of Piwik. However, if this is done with the default tracking code, it will require javascript to load from the domain hosting Piwik in the target domain that is being tracked. This means that additional privacy and security tools, such as NoScript, will block the tracker, increasing the number of users not tracked with javascript while visiting the site, thus reducing the quality of the usage reports. Piwik does provide an option to mask the foreign domain so tracking can be obfuscated and run from the same domain.

For domains hosted on one server, there is an even simpler solution. Create symlinks in the target site's  directory that points to the   directory for the piwik domain, then use the site's tracking code stated in the dashboard and simply replace the piwik domain with the target domain.

Create the symlink:

username@servername:~$ ln -s /var/www/piwikdomain.com/public/piwik /var/www/targetdomain.com/public/piwik

Be sure to  the   files in the HTTP and HTTPS server blocks for the target domain, as performed in the Piwik domain in the first step of this article.

Piwik trusted hostnames
As a security feature, Piwik includes a setting to set the trusted hostnames, so loading the Piwik dashboard from any other hostname will result in a prominent warning that the host is not trusted. To view the current trusted hostname, in the dashboard navigate to Settings -> General Settings -> Trusted Piwik Hostname and add the additional domains as desired.

Privacy tools
Another problem that can arise is being blocked by privacy extensions such as Ghostery. Some webmasters believe that a site is private property and feel justified in tracking users on that property, ostensibly to improve the site. Some visitors do not like to be tracked and are concerned that the webmasters are selling the data acquired or managing it in an irresponsible manner. However, this is not an issue to be addressed by this article, it is only to inform webmasters on how to use Piwik, as there are certainly ethical ways of tracking site usage and maintaining that data.

Ghostery blocks the specific javascipt. By replacing the  script in the tracking code with the directory ,   will be loaded and then   will run in the browser without being blocked by Ghostery. This method should allow for tracking of the vast majority of visitors that land on a page.

More advanced visitors may use tools such as Adblock Plus or AdBlock Edge with the EasyPrivacy filter. To bypass the EasyPrivacy filter, create two randomly named symlinks, one to  and the other to   and replace   in the   tracking code with one symlink and   in the   with the other.

username@servername:~$ ln -s /var/www/example.com/public/piwik/ /var/www/example.com/public/randomsymlinkname username@servername:~$ ln -s /var/www/example.com/public/piwik/piwik.php /var/www/example.com/public/randomsymlinkname2.php

Sample tracking code:

Note the  and that the actual code used should be based on the code produced in Piwik, then modified with the symlinks - do not copy the code used here.

Package-configs edits
Edit :

username@servername:~$ sudo nano /etc/nginx/package-configs/piwik.conf

Add to the file:

location /randomsymlinkname/ { location ~ (index|piwik|js/index)\.php$ include global-configs/php.conf; }        location ~ \.php$ { deny all; } }    location ~ randomsymlinkname2\.php$ { include global-configs/php.conf; }

Edit :

username@servername:~$ sudo nano /etc/nginx/package-configs/piwik_https.conf:

Add to the file:

location /randomsymlinkname/ { location ~ (index|piwik|js/index)\.php$ { include global-configs/php_https.conf; }        location ~ \.php$ { deny all; } }    location ~ randomsymlinkname2\.php$ { include global-configs/php_https.conf; }

Multiple domains
For servers hosting multiple domains, the same symlink file names should be used in each domain to point at the Piwik domain directory and files. This way the same  files may be used in all of the domain server blocks.

Log analytics tool
The Piwik log analytics tool will parse the access logs and import the data into Piwik. There may be various cases where importing the logs can provide very useful, but most admins will not have a need for it as the javascript tool generally provides better data more conveniently.

Log analytics import script
The  script may be run to import logs into Piwik. There are may options available for running this script, including running it from a separate machine.