I’ve a domain https://www.domain.com with a valid ssl certificate (only for this domain, no subdomains).
Piwik is running under http://piwik.domain.com.
To avoid warnings when a user requests my site by https (because connection is https, but piwik domain only http) I’ve configured apache with proxy so that I can access piwik by
RewriteRule ^/piwik$ /piwik/ [R=301] ProxyPass /piwik/ http://piwik.domain.com/ ProxyPassReverse /piwik/ http://piwik.domain.com/
But when I try to login on https://www.domain.com/piwik i get:
Form security failed. Please reload the form and check that your cookies are enabled. If you use a proxy server, you must configure Piwik to accept the proxy header that forwards the Host header. Also, check that your Referer header is sent correctly.
I already tried setting: Installation - Analytics Platform - Matomo
[General] ; This doesn't work, Images don't load ; assume_secure_protocol = 1 ; This is the correct header for mod_proxy proxy_client_headers = X-Forwarded-For
I’ve debugged and found out that piwik fails with the referer url because this is:
This is a local url and piwik don’t like local urls as referer when logging in.
So referer is set to request url.
How can i configure Piwik correctly?
Thanks a lot!!