JavaScript Tracking tag (https) not working


#1

I am using Piwik 1.1.1 on a shared Linux server. The standard JavaScript tracking tag produced by Piwik does not produce any results:

<!-- Piwik -->
<script type="text/javascript">
var pkBaseURL = (("[b]https[/b]:" == document.location.protocol) ? "[b]https[/b]://stats.mydomain.com/" : "http://stats.mydomain.com/");
document.write(unescape("%3Cscript src='" + pkBaseURL + "piwik.js' type='text/javascript'%3E%3C/script%3E"));
</script><script type="text/javascript">
try {
var piwikTracker = Piwik.getTracker(pkBaseURL + "piwik.php", 1);
piwikTracker.trackPageView();
piwikTracker.enableLinkTracking();
} catch( err ) {}
</script><noscript><p><img src="http://stats.mydomain.com/piwik.php?idsite=1" style="border:0" alt="" /></p></noscript>
<!-- End Piwik Tracking Tag -->

However when I manually change the references from https to http, the tracking works fine:

<!-- Piwik -->
<script type="text/javascript">
var pkBaseURL = (("[b]http[/b]:" == document.location.protocol) ? "[b]http[/b]://stats.mydomain.com/" : "http://stats.mydomain.com/");
document.write(unescape("%3Cscript src='" + pkBaseURL + "piwik.js' type='text/javascript'%3E%3C/script%3E"));
</script><script type="text/javascript">
try {
var piwikTracker = Piwik.getTracker(pkBaseURL + "piwik.php", 1);
piwikTracker.trackPageView();
piwikTracker.enableLinkTracking();
} catch( err ) {}
</script><noscript><p><img src="http://stats.mydomain.com/piwik.php?idsite=1" style="border:0" alt="" /></p></noscript>
<!-- End Piwik Tracking Tag -->

Is there any reason why I shouldn’t change that?

Is this a bug? I reinstalled Piwik on a non-SSL / non-https subdomain, but the tags produced are exactly the same. I asked my web host about this, and they replied:

So my questions are:

  1. Is this a bug? i.e. Is there a way to modify Piwik in the next version so that this tracking tag will work on a shared server with a shared SSL certificate (not belonging to that domain)?

  2. Is there a simple way for me to configure Piwik to always create a tracking tag with http and no https?

  3. If I do #2, does that cause any problems or disadvantages?

Thanks


(Matthieu Aubry) #2

you can leave your tag as it is after your modification. The bug is that your website is not configured properly to handle https requests, this is not a piwik bug


#3

Thanks Matthieu.

Of course Piwik is already excellent software as it is. But this situation might affect many people, since it is a common situation for people using shared hosting not to have a dedicated SSL certificate, because this requires a dedicated IP address and is more expensive.

At the very least perhaps something could be added to the FAQ (“Piwik doesn’t track any visits and pages, and shows “No Data” in all reports”) saying that if you are using shared hosting and don’t have your own SSL certificate, if you are not seeing results, then you need to change the tag.

Manually changing the tag is fine if someone has just one or two websites, but if they are monitoring many, it would be convenient either to have an option in Piwik to create http (non-https) tags automatically, or for Piwik to handle the invalid certificate warning (either to give me an alert in the Dashboard or simply to accept the warning permanently or to automatically switch to http or something). I guess that would be a feature request…


(Matthieu Aubry) #4

Thanks for the suggestion, updated FAQ at Troubleshooting - Analytics Platform - Matomo


#5

Thanks for adding that, Matthieu.

I read the new FAQ entry, and there’s one thing I would like to clarify:

You wrote

But the thing is that I installed the tracking tag on http:// pages, and the tracking requests were still being sent via https.

Also maybe it would be helpful to mention in this FAQ entry something like, “If you are on shared hosting and don’t have your own SSL certificate, you may encounter this.”


(Matthieu Aubry) #6

But the thing is that I installed the tracking tag on http:// pages, and the tracking requests were still being sent via https.

That sounds unlikely, because Piwik will only send over https if the browser tells piwik that current page is https (“https:” == document.location.protocol in the JS code)


(Nimitz1061) #7

[quote=matthieu]

But the thing is that I installed the tracking tag on http:// pages, and the tracking requests were still being sent via https.

That sounds unlikely, because Piwik will only send over https if the browser tells piwik that current page is https (“https:” == document.location.protocol in the JS code)[/quote]

Actually, this sounds perfectly likely, because the browser can always switch protocols if https is available…

Bottom line as far as the application behavior is, neither Piwik or any other web application has much choice about which protocol it receives - and responding securely to a secure response is the most sane of the available options in responding to a secure access.

So - it is nice to note these things in the FAQ to some extent, but not really an application fault that I can see…

David