Hi everybody, I’m new to the forum.
My compliments go to the development team! I’ve been using Piwik for about a month and I’m really satisfied of this tool, I’ve also twitted about it and suggested it to my friends as a valid alternative to Google Analytics.
Now I explain my problem: yesterday I recieved a suspicious visit, the incoming link is
(‘mysitename’ and ‘piwikfolder’ are two generic replacement to the real domain and the real piwik folder in the server).
That was a direct access,and I’m 100% sure it was not me, because:
- The browser is different from the one I use to browse and test my website;
- The operatig system is different;
- The IP shown doesn't include into the IP range that my ISP provides;
- As "ISP", the GeoIP plugin returns "unknown";
- As "City", the GeoIP plugin returns "unknown";
What do you think, should I take this a serious security warning?
I am really worried that this unknown user could find the password to my Piwik control panel or, worse, to the SQL databases (I suppose that Piwik stores them somewhere to write the analytics data).
What do you suggest me to do?
Sorry if my concern may seem poorly justified: I’m not an expert.
Also, sorry for my poor English, I’m trying my best to be understandable.
Thanks in advance for the help.