Hi, I have been reading posts for the past few hours due to getting errors in the apache logs [id “981172”] related to piwik.php. and am really stil no wizer…
I have piwik on a vps withe several websites and another vps with several websites. The problem is that all sites are on a different domain to piwik and so does this mean that piuwik is of no use at all because turning mod security off for all sites is not really an option.
So my question becomes is there a custom rule I could create for mod security to play nice with piwik or do I really need to rethink piwik? and find another option, if there is one?
Im no wiz and so any tips appreciated and also would appreciate them being worded for the newbie. Thanks again
Thanks, I suspected as much and so have had to move to Open Web Analytics as disabling mod_security is quite out of the question in the world we live in.
from short experience the world of mod_security is a world of false positives. Note we only recommend to disable it for the Piwik service, not your other services.
For anyone else who isn’t overly keen on the idea of just switching off Mod_security here’s a list of the rules that we’ve tested and whitelisted for one matomo self-hosted account we use via WHM/CPanel.