Install Piwik

Piwik is a powerful web-analytics tool that can be easily integrated into most sites. Although installation is a little more work and server load a little higher than competing tools such as Google Analytics, Piwik does have the advantage of not sharing user traffic data with outside entities.

Piwik is also a good first web application to install for those who have never intalled one because it is not very involved and can be used as a part of most web applications to be installed.

Configure nginx
Create the  files   and  :

username@servername:~$ sudo nano /etc/nginx/package-configs/piwik.conf

Paste into the new file:

location /piwik/ { location ~ (index|piwik|js/index)\.php$ { include global-configs/php.conf; }    location ~ \.php$ { deny all; } }

username@servername:~$ sudo nano /etc/nginx/package-configs/piwik_https.conf

Paste into the new file:

location /piwik/ { location ~ (index|piwik|js/index)\.php$ { include global-configs/php_https.conf; }    location ~ \.php$ { deny all; } }

username@servername:~$ sudo nano /etc/nginx/sites-available/example.com

Add to the HTTP server block:

include package-configs/piwik.conf;

Add to the HTTPS server block:

include package-configs/piwik_https.conf;

Test and restart nginx.

username@servername:~$ sudo nginx -t username@servername:~$ sudo service nginx restart

Create Piwik database and database user
Create a Piwik database and database user:

username@servername:~$ sudo mysql -uroot -p MariaDB [(none)]> create database databasename default character set utf8 default collate utf8_general_ci; MariaDB [(none)]> grant all on databasename.* to 'databasenameusername'@'localhost' identified by 'databasenameusernamepassword'; MariaDB [(none)]> exit

Note that the,   and   will be required for the Piwik configuration process.

Install and configure Piwik
Download and extract Piwik:

username@servername:~$ wget http://builds.piwik.org/latest.zip username@servername:~$ unzip -d /var/www/example.com/public/ latest.zip username@servername:~$ rm latest.zip username@servername:~$ sudo chown -R www-data /var/www/example.com/public/piwik/

Navigate to the secure location  https://www.example.com/piwik/  to set up Piwik through a secure session.

Viewing Piwik dashboard in https
Because the Piwik tracking code requires both http and https access to Piwik, it is not possible to force the dashboard to load an https session using nginx. Fortunately, this can be set up in a Piwik configuration file.

Open the configuration file:

username@servername:~$ sudo nano /var/www/example.com/public/piwik/config/config.ini.php

Directly under, add:

force_ssl = 1

Navigating to  http://www.example.com/piwik/  should force the dashboard to open in a secure session.

Geolocation
The geolocation feature in Piwik provides some of the more useful data on visitors. The PECL option is generally the better module to use.

Install the packages required for this feature to work and edit the necessary files:

username@servername:~$ sudo aptitude install php5-geoip libgeoip-dev username@servername:~$ sudo pecl install geoip username@servername:~$ sudo nano /etc/php5/fpm/php.ini

At the bottom of the file, add:

extension=geoip.so geoip.custom_directory=/var/www/example.com/public/piwik/misc

Restart PHP:

username@servername:~$ sudo service php5-fpm restart

Log into Piwik and navigate to Settings -> Geolocation. Select the GeoIP (PECL) radio button. At the bottom of the page, assuming the free option is to be used, enter the GeoLite City database location into the Location Database, ISP Database and Organization Database fields and click save.

Device detection
Piwik has various plugins that come with the default install, located at Settings -> (Plugins) Installed, though not all of them are activated. The DevicesDetection plugin provides more information on the devices used by visitors and can be enabled by clicking Activate.

Image tracking code
The image tracking code is used to track visitors when either the page does not load javascript or the users do not have javascript enabled. The code will give very basic information as compared to the javascript code, but will load for all visitors using browsers capable of downloading images.

One problem in Piwik's default image tracking code is that it includes an http (or https) link to the image tracker:



This is problematic because if the site is served in an http session, then browsers may give warnings about not all elements being secure, and this will remain true in the reverse, if providing an http link on an https page. It's better to use the relative location, which will translate to either http or https depending on the page being served:



When using the image tracking code as a backup to track visitors that have javascript disabled, use the  tag to prevent tracking visitors who will also run the javascript:



Most Piwik plugins will add  tags by default, though any time the code is being pasted in full into the plugin, the tags should be added.

Privacy tools
Another problem that can arise is being blocked by privacy extensions such as Ghostery. Some webmasters believe that a site is private property and feel justified in tracking users on that property, ostensibly to improve the site. Some visitors do not like to be tracked and are concerned that the webmasters are selling the data acquired or managing it in an irresponsible manner. However, this is not an issue to be addressed by this article, it is only to inform webmasters on how to use Piwik, as there are certainly ethical ways of tracking site usage and maintaining that data.

Ghostery blocks the specific javascipt. By replacing the  script in the tracking code with the directory ,   will be loaded and then   will run in the browser without being blocked by Ghostery. This method should allow for tracking of the vast majority of visitors that land on a page.

More advanced visitors may use tools such as Adblock Plus or AdBlock Edge with the EasyPrivacy filter. To bypass the EasyPrivacy filter, create two randomly named symlinks, one to  and the other to   and replace   in the   tracking code with one symlink and   in the   with the other.

username@servername:~$ ln -s /var/www/example.com/public/piwik/ /var/www/example.com/public/randomsymlinkname username@servername:~$ ln -s /var/www/example.com/public/piwik/piwik.php /var/www/example.com/public/piwik/randomsymlinkname2.php

Sample tracking code with changes in bold:

 var _paq = _paq || []; _paq.push(["trackPageView"]); _paq.push(["enableLinkTracking"]); (function {    var u=(("https:" == document.location.protocol) ? "https" : "http") + "://www.example.com/randomsymlinkname/";    _paq.push(["setTrackerUrl", u+"js/"]);     _paq.push(["setSiteId", "1"]);     var d=document, g=d.createElement("script"), s=d.getElementsByTagName("script")[0]; g.type="text/javascript";     g.defer=true; g.async=true; g.src=u+"js/"; s.parentNode.insertBefore(g,s);   }); 

Note  is in bold and that the actual code used should be based on the code produced in Piwik, then modified with the symlinks - do not copy the code used here.

Package-configs edits
Edit :

username@servername:~$ sudo nano /etc/nginx/package-configs/piwik.conf

Change:

location /piwik/ { location ~ (index|piwik|js/index|randomsymlinkname2)\.php$ include global-configs/php.conf; location ~ \.php { deny all; } }

Add to the file:

location /randomsymlinkname/ { location ~ (index|piwik|js/index|randomsymlinkname2)\.php$ include global-configs/php.conf; location ~ \.php { deny all; } }

Edit :

username@servername:~$ sudo nano /etc/nginx/package-configs/piwik_https.conf:

Change:

location /piwik/ { location ~ (index|piwik|js/index|randomsymlinkname2)\.php$ include global-configs/php_https.conf; }

Add to the file:

location /randomsymlinkname/ { location ~ (index|piwik|js/index|randomsymlinkname2)\.php$ include global-configs/php_https.conf; }

Multiple domains
It is possible to track multiple domains with one installation of Piwik. However, doing this will require javascript to load from the domain hosting Piwik in the target domain that is being tracked. This means that additional privacy and security tools, such as NoScript, will block the tracker, increasing the number of users not tracked with javascript while visiting the site, thus reducing the quality of the usage reports.

It may be more desirable to run multiple installations of Piwik - one for each domain - to better capture site visitors, except for admins running a high number of domains. Piwik does provide an option to mask the foreign domain so tracking can be both obfuscated and run from the same domain.

For domains hosted on one server, it should be possible to create symlinks in the site's  directory that point to the   directory and the   file, then identifying the site to be tracked using the ID given for the site in the Piwik dashboard.

Example:

username@servername:~$ ln -s /var/www/piwikdomain.com/public/piwik /var/www/targetdomain.com/public/randomsymlinkname username@servername:~$ ln -s /var/www/piwikdomain.com/public/piwik/piwik.php /var/www/targetdomain.com/public/randomsymlinkname.php

Be sure to add  and   to   and   as described in the above Privacy tools section..