I’ve set up Piwik with it’s own domain plus an SSL certificate to keep it more secure. I changed config.ini.php to include the force_ssl option. So far so good.
However when checking server logs etc I noticed that tracking requests from my website to Piwik, which will be 99.9% from non-secure pages, are generating two entries. The first of these is a 301, converting the original http request to an identical https one, which is the second entry. This obviously has a small performance issue, especially when I’m using shared hosting and the calling site is on the same server.
I then changed the tracking script in my web pages - done via an include so it’s a single change - to remove the option to use the http call. I know I’ve done it the lazy way at the moment, and will fix this later unless it’s reversed out.
var u=(("https:" == document.location.protocol) ? "https" : "[i]https[/i]") + "://mywebsite.com/piwik/";
Now I’m still on the learning curve of web development, so don’t know if there are any implications for this change. I know it works, as the log files now have a single entry per tracking request. Can anyone see any problems with this approach?