Piwik HTTP-URL not working because of htaccess


(susi_333) #1

Hi,
maybe its the wrong forum. I installed piwik, now I’d like to enter my data into the drupal module piwik.
Therefore I have the line “Piwik HTTP-URL” to fill out. The URL to Piwik is behind a htaccess file so I get the error "Fehler „Authorization Required“ fehlgeschlagen (HTTP-Code 401)."
Hmm any hints? However I need the htaccess file… Many thanks


(Matthieu Aubry) #2

Piwik won’t work with a htaccess as your visitors are querying the piwik.php which sits in your piwik path. If it is protected with a htaccess, then all your website visitors will be asked for their passwords.


(susi_333) #3

thanks you. is there a detailed description on how to make piwik save then? we doent want to be a second libri, facebook or studivz.
we have the option to use awstats offline, but piwik is much better. so we look for a safe way to use piwik either offline or make it as safe as possible if you know what i mean
many thanks for your help.


(Karlsson) #4

Nobody needs your piwik data, why do you want to protect them?


(vipsoft) #5

See http://dev.piwik.org/trac/wiki/API/IncludePiwikInYourProject – you can harden your install by moving some directories and/or files to private locations outside the document root.

And search the forum for htaccess. Some users have posted their success stories – depending on your configuration, your mileage may vary.


(susi_333) #6

ok I have to reply to that because I think thats really wrong. first of all thank you for your answers and your effort helping me.
Let me explain what I mean with an expample: think about google that core business it to sell advertising. imagine googles statstic would be accessible by everybody including the customers that buy advertising space.
In my case I much smaller (what a surprise) but I use awstats and piwik. If the customer can access the piwik data I have a problem especially if i used the analysis of awstats. in addition if I showed the customer a part of the analysis (that looks good) and he can access all the data I’m dumped.
I really need a instruction on how to make piwik safe and which files have to be accessible. I read through the forum and I’m really surprised that there is no FAQ or more on that. I read that the piwik.php & piwik.js must be accessible. any other files?
sorry but I cannot understand the point of view that the data must not be protected. As we are a creative commons project we really focus on the safty of the user data but also on the fundament on which our project is build - the webstatistic. I hope you understand that and dont kill me style_emoticons/<#EMO_DIR#>/smile.gif

//edit I would appreciate if there is like a public statement of the piwik admins which data must be accessible. I mean within the forum thats fine but some tell you that other other stuff. (if you know what i mean)


(susi_333) #7

Hi,
I just had a discussion about the safty of the piwic data.

My request:
In The FAQ or somewhere official there should be a statement on which files have to be accessible and which I can protect with a htaccess. At the moment you have to read through the forum and I dont really know whats right and whats wrong. I sill just know that the piwik.php & piwik.js must be accessile, any other files?

As you can see I’m not very much in programming and piwik. But nevertheless there should be an instruction on how to protect the piwik data with a htaccess file.
Many thanks.
In case I missed the instruction you can slap my ass and post me the link style_emoticons/<#EMO_DIR#>/laugh.gif


(vipsoft) #8

Please don’t cross-post across forums for the same topic. I’ve merged your suggestion here.

As I’ve said before, search the forums for sample htaccess files. (Example: http://forum.piwik.org/index.php?showtopic=1206 )

If you want to restrict access by granting only public access to the tracker, then piwik.js and piwik.php must be readable by all.

If you want to restrict access to the dasboard/gui, then guard access to index.php (using http auth, ip address, etc). Requests (except those for static files such as images, .css, and .js files) are funneled through a dispatcher, index.php.

You will have to adapt .htaccess files because it is dependent on your Apache configuration and environment. Note: this isn’t the best place to ask about how to configure Apache…