Misc
Matomo
Wordpress plugins
Matomo Analytics – Ethical Stats. Powerful Insights.
https://wordpress.org/plugins/matomo/
WP-Matomo Integration (WP-Piwik)
https://wordpress.org/plugins/wp-piwik/
Data Model
- raw data is collected from trackers and stored as log data
- the archiving process aggregates log data into archive data
- archive data is loaded and presented into reports
Log data
There are four types of log data:
- visits
- action types
- conversions
- ecommerce items
GUI
Geolocation
DBIP / GeoIP 2 database
Auto archiving
Cronjob
Plugins
DBStats
TwoFactorAuth
Provider
TagManager
Additional plugins
MarketingCampaignsReporting
Privacy > Anonymize data
Mail
./console core:test-email johan+test@whitespace.se
Ssmtp
ssmtp johan+test@whitespace.se
To: johan+test@whitespace.se
From: johan+test@whitespace.se
Subject: test email
Hello World!
Cron jobs
Archiving
sudo -uweb -H crontab -e
5 2 * * * /usr/bin/php /srv/www/analys.trelleborg.se/current/matomo/console core:archive --url=https://www.trelleborg.se/ > /dev/null
5 2 * * * /usr/bin/php /srv/www/whitespace.analys.co/current/matomo/console core:archive --url=https://whitespace.se/ > /srv/www/whitespace.analys.co/logs/matomo-archive.log
Optimize database
./console database:optimize-archive-tables all
Mysql
max_allowed_packet=128M
## Alternative
thread_cache_size = 128
query_cache_size = 64M
query_cache_limit = 16M
query_cache_type=1
Nginx
https://github.com/matomo-org/matomo-nginx/blob/master/sites-available/matomo.conf
server {
listen [::]:80; ## remove this if you don't want Matomo to be reachable from IPv6
listen 80;
server_name matomo.example.com;
## Redirect all HTTP requests to HTTPS with a 301 Moved Permanently response.
location / {
return 301 https://$host$request_uri;
}
}
server {
listen [::]:443 ssl http2; ## remove this if you don't want Matomo to be reachable from IPv6
listen 443 ssl http2;
server_name matomo.example.com; ## list all domains Matomo should be reachable from
access_log /var/log/nginx/matomo.access.log;
error_log /var/log/nginx/matomo.error.log;
### uncomment if you want to enable HSTS with 6 months cache
### ATTENTION: Be sure you know the implications of this change (you won't be able to disable HTTPS anymore)
#add_header Strict-Transport-Security max-age=15768000 always;
### replace with your SSL certificate
ssl_certificate /etc/letsencrypt/live/matomo.example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/matomo.example.com/privkey.pem;
include ssl.conf; ## if you want to support older browsers, please read through this file
add_header Referrer-Policy origin always; ## make sure outgoing links don't show the URL to the Matomo instance
add_header X-Content-Type-Options "nosniff" always;
add_header X-XSS-Protection "1; mode=block" always;
root /var/www/matomo/; ## replace with path to your matomo instance
index index.php;
### only allow accessing the following php files
location ~ ^/(index|matomo|piwik|js/index|plugins/HeatmapSessionRecording/configs)\.php {
include snippets/fastcgi-php.conf; ## if your Nginx setup doesn't come with a default fastcgi-php config, you can fetch it from https://github.com/nginx/nginx/blob/master/conf/fastcgi.conf
try_files $fastcgi_script_name =404; ## protects against CVE-2019-11043. If this line is already included in your snippets/fastcgi-php.conf you can comment it here.
fastcgi_param HTTP_PROXY ""; ## prohibit httpoxy: https://httpoxy.org/
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock; #replace with the path to your PHP socket file
#fastcgi_pass 127.0.0.1:9000; ## uncomment if you are using PHP via TCP sockets (e.g. Docker container)
}
### deny access to all other .php files
location ~* ^.+\.php$ {
deny all;
return 403;
}
### serve all other files normally
location / {
try_files $uri $uri/ =404;
}
### disable all access to the following directories
location ~ ^/(config|tmp|core|lang) {
deny all;
return 403; ## replace with 404 to not show these directories exist
}
location ~ /\.ht {
deny all;
return 403;
}
location ~ js/container_.*_preview\.js$ {
expires off;
add_header Cache-Control 'private, no-cache, no-store';
}
location ~ \.(gif|ico|jpg|png|svg|js|css|htm|html|mp3|mp4|wav|ogg|avi|ttf|eot|woff|woff2|json)$ {
allow all;
### Cache images,CSS,JS and webfonts for an hour
### Increasing the duration may improve the load-time, but may cause old files to show after an Matomo upgrade
expires 1h;
add_header Pragma public;
add_header Cache-Control "public";
}
location ~ ^/(libs|vendor|plugins|misc/user|node_modules) {
deny all;
return 403;
}
### properly display textfiles in root directory
location ~/(.*\.md|LEGALNOTICE|LICENSE) {
default_type text/plain;
}
}
## vim: filetype=nginx
API
https://github.com/VisualAppeal/Matomo-PHP-API
https://matomo.org/docs/tracking-api/
Plugins
- IPReports -Aadds additional reports "Top IP-Addresses" and "IPv4 / IPv6 usage" to Matomo - https://github.com/sgiehl/piwik-plugin-IPReports
- KPIWidgets - Displays KPI in widgets on the Matomo dashboard - https://github.com/ronan-hello/matomo-kpi-widgets
- LiveTab - Keep an eye on the number of live visitors in the browser tab - https://github.com/tsteur/matomo-livetab-plugin
- PerformanceAudit - Daily performance audits of all your sites in Matomo based on Google Lighthouse - https://github.com/DevDavido/performance-audit-plugin
By Matomo
- Device Detector Cache - Makes device detection in Matomo faster by having cached entries for many commonly used user agents - https://github.com/matomo-org/plugin-DeviceDetectorCache
- MarketingCampaignsReporting - Measure the effectiveness of your marketing campaigns - https://github.com/matomo-org/plugin-MarketingCampaignsReporting
- Provider - Reports the Internet Service Provider of the visitors - https://github.com/matomo-org/plugin-Provider
- SecurityInfo - Provides security information about your PHP environment and offers suggestions based on PhpSecInfo from the PHP Security Consortium - https://github.com/matomo-org/plugin-SecurityInfo
Performance
https://matomo.org/docs/requirements/#recommended-servers-sizing-cpu-ram-disks
Tracking 100,000 page views per month or less
While Matomo can scale to millions of pages, it is also very efficient to run on a smaller scale, even on a shared hosting account.
- One server is sufficient to host both the database and app server
- App server minimum recommended configuration: 2 CPU, 2 GB RAM, 50GB SSD disk.
Tracking 1 million page views per month or less
- One server can be sufficient to host both the database and app server
- App server minimum recommended configuration: 4 CPU, 8 GB RAM, 250GB SSD disk.
Tracking 10 million page views per month or less
- Two servers recommended
- 1 x App servers, at least 8 CPUs, 16 GB RAM, 100GB SSD disk.
- Or 2 x App servers, at least 4 CPUs, 4 GB RAM, 100GB SSD disk.
- 1 x Database server, at least 8 CPUs, 16 GB RAM, 400GB SSD disk.
- 1 x App servers, at least 8 CPUs, 16 GB RAM, 100GB SSD disk.
Tracking 100 million page views per month or less
- Three servers at minimum recommended:
- 3 x App servers (or only 2x), with each: 16 CPUs, 16+ GB RAM, 100GB SSD disk.
- 1 x Database server, at least 16 CPUs, 32 GB RAM, 1 TB SSD disk.
- optionally 2 x DB servers: second one replicated and configured as reader/slave
- 1 x Load balancer
- 1 x CDN recommended
Tracking more than 100 million page views per month
You will need at least the following:
- Five servers at minimum:
- 3 x App servers (or more), with each: 16 CPUs, 16+ GB RAM, 100GB SSD disk.
- 2 x Database server, at least 16 CPUs, 32 GB RAM, 1 TB SSD disk.
- replicated and configured as reader/slave
- 1 x Load balancer
- 1 x CDN