Here’s something interesting: recently, our hosting provider deployed new server-side/server-wide protection (that could not be individually turned on or off) which interfered with our website and a single-instance multi-domain Piwik Analytics tracking software. How did we managed to solve this in a most elegant way?
Piwik Analytics – Non-Tracking Visitors Issue Solution/Fix
Here is a simplified topology of our setup:
hosting server > /website_1.com /website_1.com/piwik (installed & configured to use single database, single .js tracking code) /website_2.com (no piwik installation, used the same above .js code for tracking) /website_3.com (no piwik installation, used the same above .js code for tracking)
As you can see from the above, we have cleverly used a single Piwik instance for tracking all our websites on a single common server. Since everything was local, there were absolutely no issues whatsoever.
Until the mentioned upgrade on our hosting, when the problems with tracking from cross-domains stopped working, our tech support had absolutely no idea how to solve this issue and the answers were more-or-less generic, even recommending to stop using Piwik (ouch!). We cannot confirm this with any proof, but the cause of all the trouble is most probably XSS (cross-domain scripting) protection that recently kicked-in on our hosting.
All right, we had to start thinking out of the box. We noticed that Piwik still keeps tracking visits from website_1.com just fine, but “ignores” (does not see) the visits from our other domains. So, the solution literally presented itself, we decided to try something simple: install Piwik instances on the other 2 domains, but keep using same database from the original website_1.com installation:
hosting server > /website_1.com/piwik (installed & configured to use single database, and it's own .js code) /website_2.com/piwik (installed & configured to use single database as above, but it's own .js code) /website_3.com/piwik (installed & configured to use single database as above, but it's own .js code)
During the Piwik installation you must enter same database data (username, server/host, password, and database name) and Piwik will present you with an offer to re-use existing data or to delete it. Choose re-use/keep existing data option!
Additionally, you will come to a step to define SuperUser admin account, you cannot re-use the old/original one (which was created for website_1.com), so you must use another username/password and email combo. Don’t worry, you can remove them later in the Admin Dashboard.
CONCLUSION / SUMMARY
We have successfully satisfied and by-passed new security system on our hosting service, and kept Piwik installation in order, fully working and operational. Instead of single installation and single .js tracking code, we had to create separate /piwik installations (instances), and use separate .js tracking code for each of our websites.
However, we used the very same database and data, so each website_X.com/piwik instance reported the very same data, naturally. And any change in the settings on website_1.com/piwik was automatically reflected to the other two. But, the .js generated codes were different, and that was the important part.
Lastly, the obvious downside was the fact that on a single server we had to keep 3 different directories with Piwik, which would technically mean that we have to manually update their file system since, when you update first Piwik, others will read version from database and see that they were “already” updated before – wrong! Files in their directory will be still old! Just keep this fact in mind.