The idSite values in my installation started at one, and increase by one for every new site that I add. It worries me that at some point, a client may accidentally (or maliciously) change the idSite in their tracking code, thus collecting data into another client’s (site’s) account. As a rule, I do not alter the database, or make direct calls to the database to do the update myself as needed, as I cannot be assured that future Piwik versions wont change the structure of the DB and break my code.
I’d like to add some security through obscurity here and make the idSite values larger and random, in order to reduce the chances of something like this occurring. I would like to be able to do this through the API, but I do not see that as an option anywhere. Perhaps I’m missing something. Does anyone else see this scenario as a problem, and perhaps have a solution for it?