new to piwik and I’d like to put the piwik management interface inside an apache’s (htaccess) password protected directory. Since I know it’s supposed to return some javascript tag to put in the website which I’m guessing is supposed to somehow communicate with the piwik management interface then I figured that this might be a problem.
I would like to be able to allow access to the web admin from a handful of IP addresses. Best I can tell, if I lock down the whole directory then nothing will be able to log hits. Basically, I want to log from a number of domains on different servers, but I only want the login page available to a set group of IP addresses. Is there a way to do this? What files need world access and what files can I restrict down?
Thanks for your help,
Dan
We ristrict login to some IP-Adresses via httpd.conf (or .htaccess as you like).
We use
<Location /piwik/index.php>
Order deny,allow
Deny from all
Allow from [IPAdresses]
</Location>
<Location /piwik/piwik.js>
Order allow,deny
Allow from all
</Location>
[quote=kaspar @ Oct 5 2009, 07:25 AM]We ristrict login to some IP-Adresses via httpd.conf (or .htaccess as you like).
We use
<Location /piwik/index.php>
Order deny,allow
Deny from all
Allow from [IPAdresses]
</Location>
<Location /piwik/piwik.js>
Order allow,deny
Allow from all
</Location>
kaspar[/quote]
Any way to do this under IIS? style_emoticons/<#EMO_DIR#>/wink.gif
new to piwik and I’d like to put the piwik management interface inside an apache’s (htaccess) password protected directory. Since I know it’s supposed to return some javascript tag to put in the website which I’m guessing is supposed to somehow communicate with the piwik management interface then I figured that this might be a problem.
Just wondering indeed if it is a problem or not…
Thanks.[/quote]
Hi!
I wanna do the same. I am using piwik in an htaccess secured domain!
The Piwik code we use on our sites but still need access to two files: piwik.js and piwik.php
So your htacess should look something like this:
AuthType Basic
AuthName "Piwik"
AuthUserFile "/home/whatever/.htpasswds/public_html/passwd"
<Files *.*>
require valid-user
</Files>
<Files piwik.js>
satisfy any
</Files>
<Files piwik.php>
satisfy any
</Files>
<Files robots.txt>
satisfy any
</Files>
So everyone will have access to piwik.php + piwik.js + robots.txt.
To the admins / piwik-team:
Is this correct? Does the piwik tracking code only need to connect to piwik.php and piwik.js or is there any other file who we need give access to?
“UI and API requests are funneled through index.php”
What does that mean exactly? Sorry my english isnt that good.
Does the tracking needs the index.php also?
Till yet (after 1 day) i see that something is tracked … the visitis. But it seems that some search engine data and website referal data and even some visits are not counted. style_emoticons/<#EMO_DIR#>/sad.gif
I thought free access to the piwik.php and piwik.js would be enough - is that wrong?
As long as i can see, the tracking code only connects to the piwik.php and the piwik.js - as marked below in the code.
So giving free access to those two files thru my htacess file should be ok and every visitor and every visitor-data (referal, screensize, and so on) should be tracked, am i right?
Isn’t even enough to give access only to piwik.js? We use it that way and visits are tracekd. See also this topic some days ago: forum.piwik.org/index.php?showtopic=1579
Edit: the way this forum handles links seems te be quite buggy…
no! i think you need free access to BOTH files, as you can see on my post from Yesterday, 11:22 PM. The script connects to piwik.php if javascript is disabled to count the visit. Maybe an official can tell us more?
Yes, also noticed that this board got a linking problem/bug.
kaspar: yes, there’s a bug in the forum code when typing in URLs. The workaround is to use bbcode.
all: .htaccess is a localized, runtime modifier. What works for you, may not work for others as it depends on your respective apache configuration (eg httpd.conf or .htaccess in a parent folder).
eugen: tracking does not use index.php; tracking only requires piwik.js and piwik.php. I seem to recall that SATISFY used in conjunction with ALLOW/DENY…