[Privacy Issue] Hiding the URL In The Tracking Code


#1

The Javascript tracking code has a fixed URL in two places. The first being the pkBaseURL and in the second in the <img src=" at the bottom of the code.

This means that 3rd parties can discover other websites you own. As such, its a major problem for people and oranisations who wish to keep their Internet businesses private.

Is there an alternative or a modification that can be made to the tracking code, so the URL can be hidden?


(Thomas Seifert) #2

the tracking code needs to know about the url its loading from / posting to.
You could just run piwik on the same domain as the domain you are tracking.


#3

That’s not practical in some circumstances. For example, if you have 20 websites, then you need 20 installs.

I’d like to have one install of Piwik monitoring lots of sites, without running the risk of someone discovering all of them.


(Matthieu Aubry) #4

See some thoughts about this on the ticket: Document how to hide piwik server URL in the Javascript · Issue #2019 · matomo-org/matomo · GitHub

NOTE: we want to make it very easy to do this, I think the easiest solution is to create the piwik.php proxy

please test it and post all feedback in the ticket directly


#5

Thanks Matt. It’s good to know other people are thinking about this issue. :slight_smile:


#6

Bump - How do we get this fixed?


(Matthieu Aubry) #7

Now a beta is available: Document how to hide piwik server URL in the Javascript · Issue #2019 · matomo-org/matomo · GitHub