Anonymise Matomo domain inside the Javascript Tracking Code

metrprime · October 11, 2023, 10:04am

I am using Matomo daily and have the same https://www.domain.com/matomo-folder/ to track multiple different websites.

I use the JavaScript Tracking Code to setup the domains with Matomo tracking.

For a privacy and open-source focused Analytics, I would LOVE to be able to anonymize the Matomo domain used, instead of having it shown in the code - i.e. maybe it can be encrypted, maybe the whole JS can be encrypted or only the https://www.domain.com/matomo-folder/ can be encrypted.

If I am doing this wrong and there is a way to do it, please do tell : )

heurteph-ei · October 12, 2023, 8:48am

Hi @metrprime
I don’t really understand what you would like to do, as web tracking is done client-side, then if you look at the network console of the browser, you will ever be able to see the matomo server.

To achieve your wish, you can:

Use the Protect Track ID plugin

In order to protect idSite using hash instead default numeric.

Track using servers logs

Track using server-side API

Then client tracking is done through the API of your main app, and transferred to the Matomo server, like a kind of proxy.

metrprime · October 12, 2023, 12:19pm

@heurteph-ei can I just say THANK YOU! I had no idea i can use this plugin to hash the Matomo domain used for tracking, when using JS code.

OMG! this is EXACTLY what I was looking for, thank you sooooo soo much!

Thank you for the other suggestions as well, I’ll be dwelling into them as well to test them out.

Thank you!

ayk · November 13, 2024, 7:15pm

@metrprime Are you sure that it masks domain?
Because you selected as ‘Solution’, I installed the plugin, but it didn’t mask the domain, it only masks SiteId.
I don’t care SiteId, I want to mask the domain. Any suggestion for solution?

metrprime · November 15, 2024, 11:49am

yes it works, just checked my notes and setup, it’s a bit of figgling around with it. If you are still seeing the domain, you missed a step. Go back and check your PHP version, make sure you have all u need, check here plugin github: https://github.com/joubertredrat/Matomo-ProtectTrackID

Make sure u satisfy dependencies:

PHP 7.3.5 or above
bcmath, gmp and mbstring extensions

ayk · November 15, 2024, 6:22pm

PHP is 8, gmp was not active, I activated, so all 3 extensions are active now, but I still see domain. Anything missing?
Actually, both plugin name and github description only mentions about protecting ‘idSite’.

metrprime · November 16, 2024, 3:48am

so the javascript code you are gonna use will use the domain name itself, i.e. lets say matomo-server.com is the one you have where you keep your Matomo, and client.com is the domain where you install the Javascript.

The Javascript itself will have only “client.com” and the siteID as a number in it from what I recall, but it won’t have “matomo-server.com”.

Nobody knows the actual matomo-server.com, that gets protected at the server level in the JS script.

ayk · November 16, 2024, 7:46am

No, I see the main matomo-installed-domain in the JS code, neither client domain nor a masked domain.
Can you check your own JS code?

metrprime · November 16, 2024, 7:55am

i don’t think you will be able to see a masked domain, you gonna see the actual domain that it is installed on, i.e. “client.com” in the code. That’s when it shows it works fine.

ayk · November 16, 2024, 8:04am

I am ok if it shows client-domain, but I see matomo-installed-domain in all JS tracking codes.
Have you checked your own JS code?

metrprime · November 16, 2024, 8:36am

yes checked the server on my end and code , shows only client-domain.

are you saying u are seeing the server domain in the code?

ayk · November 16, 2024, 11:10am

Yes.
Have you applied any other method other than Protect Track ID plugin?
You are using On-Premise, right?
How can it be possible to have different results?