Is it possible to separate the admin and the log/tracker stream


We are new to Piwik and running a ‘prove of concept’ at the moment.
To harden Piwik some more, we like to limit the ip addresses that can connect to the piwik admin pages.
Is it possible to run that part of the application on another ip address or port number? So we can have a firewall limit this access to certain ranges of ip addresses for admin access? We use this mechanism with some of our jboss applications.

Or is there a way of doing this within piwik. In the documentation I only saw that we could limit the ranges that could track/log.

thanks in advance for any suggestions,


Maybe this helps:,99506

Tracking only needs access to piwik.php and piwik.js.

In my case I did the following:
/piwik contains
Softlink to piwik.js
Softlink to piwik.php

/admin contains the normal installation + .htaccess file that limits access.

Caveats I have noticed:
Tracking code needs to be corrected manually (points to /admin), not tested with new 1.11 tracking code
Wordpress Piwik plugin (and possible other plugins for other software) doesn’t like it. You can’t use it.