Urgent: Piwik cookie crash web server

afishler · May 29, 2011, 7:47am

Hello,

We are tracking traffic with Piwik on our pltaform using the JS Tracker API.

Our platform is managing multiple web sites, each gets a different site id.

We saw that for every web site there is a triplet of cookie created by piwik - _pk_id, _pk_ref, _pk_sess

After getting several of these - the web server suddenly returns a 400 bad request and cannot load the relevant site. When deleting the cookies it all returns to normal.

We are not sure if this is the number of cookies that is causing it or rather the contents of the cookie.

This is really urgent as I cannot instruct users to delete cookies…all over the web.

Any advice?

Regards,
Arie Fishler.

afishler · May 29, 2011, 7:53am

We now see that this is probably caused by the number of Piwik cookies. When it reached 48 piwik cookies - server returns a 400 bad request.

Any idea how to manage this?

ts77 · May 29, 2011, 9:19am

What webserver is that? Nginx?

And where do you really see 48 cookies for one site?
AFAIK there should be only one returned to one domain … .

afishler · May 29, 2011, 9:49am

yep…nginx. It is not for one domain, we manage multiple site ids so we get 3 cookies for each

I am currently looking at this to manage the situation. Question is if there is other stuff can be done.
http://blog.craz8.com/articles/2009/06/17/nginx-400-bad-request-errors-due-to-cookies-and-what-to-do-about-them

Thanks for the quick reply.

Arie

afishler · May 29, 2011, 9:56am

Is there a recommendations on setting this parameter for nginx
large_client_header_buffers

What would be the number of size recommended to work in accordance with Piwik?

Thank You,
Arie

ts77 · May 29, 2011, 10:57am

I don’t know what the recommended setting is but I’m running piwik on nginx with 6k sites with the following client header settings:


client_header_buffer_size       1k;
        large_client_header_buffers     4 16k;

(and thats from the old days where one additional cookie was set for each site)

afishler · May 29, 2011, 11:11am

Thank you - trying that

vipsoft · May 29, 2011, 2:40pm

afishler: Do you have 3 copies of the tracking code on each web page?

If visitors to the domain can be partitioned by path, I would suggest using setCookiePath().

afishler · May 29, 2011, 3:14pm

Each site has access to its own reports thus using a different site id. The reports for each site need to be separated.

matthieu · May 29, 2011, 11:44pm

Like Anthon said, you should use setCookiePath() to ensure cookies are set only in the path where you need them, not in the overall domain space