New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Piwik block by AdBlock even after renmaing piwik.php piwik.js #7364
Comments
I got this same error but I think this is difficulty for dev piwik |
I use rewriting and replace /piwik.php with juste /p. Works like a charm. |
Can You give any solution? I trying this but without success with uBlock - https://www.codelibrary.me/tag/ad-block/ |
This is what I did (but with a proxy-pass in the same domain). First remove "analytics" in the URL when you enter the rewrite rule and any word that can be seen as ads. Then if it's not enough, use a proxypass (http://httpd.apache.org/docs/2.2/fr/mod/mod_proxy.html) on your own domain, so your URL to call Piwik will just look like "/p" and "/j"
|
Guys, have you tried just replacing "piwik.php" and "piwik.js" in the tracking code with "js/", as described in https://github.com/piwik/piwik/blob/master/js/README.md? No .htaccess rewriting, file renaming, etc. needed. See also: I've been using that for years. Just make sure that the "piwik" string (or any other string blocked by the ABP) doesn't appear anywhere in the URL (i.e. domain name, directories). After coming across this issue report, I've just tried it again with ABP on Firefox and it doesn't block it. I checked the ABP "easyprivacy" list again, and it only checks for the "piwik" string anywhere in the URL. P.S.: Another solution is in https://piwik.org/faq/how-to/#faq_132, but that would require the server being able to make outbound connections. |
Non of all solution what You give not working with uBlock! I think the uBlock is hard to defeat. Only solution is use any server-side tracker. Piwik should use server-side tracking by default. |
@MESWEB From https://addons.mozilla.org/en-us/firefox/addon/ublock-origin/:
Any chance your Piwik URL doesn't pass any of those? |
There is following investigation necessary:
And if the block can be URL parameter based, it could be the time for a Piwik plugin where the user could freely change them. (I don't know how deep into the rabbit hole one would need to go to do that.) |
@MESWEB Piwik was using server-side (it was called phpMyVisites), but for many reasons (performances, security) it has been switched to client-side and it's a good thing. I use proxypass + url-rewriting (it's exactly equivalent to the solution mentionned by @Joey3000, but it is faster because it does not use PHP) and uBlock does not block this solution. |
Yes I know it and I try changing url or filenames and dynamic changed filenames with .htaccess with RewriteRuele but without effect. I saw something strange - Any of my browser (Opera, Chrome, Waterfox) hasn't be counted by piwik but when Author of the PIWIK goes on my site I see his log in PIWIK. So my question is WTF? I'm not only one with this strange bug. |
Maybe you missclicked on uBlock and add a filter in your browser try to reset uBlock. Else, if all your stuff is on the same domain, it should not be blocked as uBlock does not search in the response body but only in request URLs. |
Ok so I was able to go around Opera's built-in adblocker with some major changes to PiWik. I'm still testing to see if it holds together after deploy. This was tested only on a local server and PiWik self-hosted:
Changes I made to the PiWik installation files:
Do all this at your own risk, this is totally experimental. This probably breaks something in PiWik. Not thoroughly tested. |
@bdore would be great to be able to do that trough a plugin |
Keep in mind, instead of renaming any files, you should also be able to create symlinks:
This is much cleaner and at least uBlock seems to allow these requests as far as I checked for now. |
A lot of things are wrong here ! EasyList contains these basic rules :
Thus we have just to change in the tracking script
And a two URL rules in the webserver to map them to the original paths. It will work until the parameter list doesn't contain evident keywords like stat, log, track ... Blockers can try to be clever, but they will never broke the www. |
If you use the "proxy" script to hide the real URL of your Piwik server (see https://github.com/piwik/tracker-proxy) you can also use that to hide parameter names as well. When sending the JavaScript, just do a str_replace for "action_name=" to something else, e.g. "aname=" and then rename the $_GET parameter back to the original name. You should also rename this proxy script from "piwik.php" to something else. So - first replace "action_name" in the provided JavaScript from the Piwik server:
And this to accept "aname" as parameter but forward it as "action_name" in the server side CURL request to the Piwik server:
But be aware, that even the new parameter name "aname" may once get into filter lists as well - so you may have to use something else. |
@arnoweizel: where do place this code? In which file? |
@omarr1000: then you did something wrong. See the script here, which I use on my own server (https://arnowelzel.de): |
thx! now I got it, did write the code at the wrong line )-; |
I had to do 2 things:
ublocOrigin was blocking |
Hello, I tried some of the solutions from this issue, and somehow now my ad blocker is not blocking the request anymore!! I created links with the command And since I am using the angular plugin for matomo, I am overloading some of the code so I can change the BUT, now I have this error: I guess that the tracker cannot find the file p.php. But i have no idea where to change this. For example if I type in my browser the matomo instance But if I type I am so confused that I dont really know what to do, maybe the solution is pretty easy but I cant see that. Thank you for your help. UPDATE - 4th august: Since my matomo instance was served by an nginx web server, I updated the configuration file, and added the name file Maybe this will be helpful for someone. |
Does this still work, this is already a good 4 years old |
Yes - it still works, even with a current version of Matomo. The script I posted here is still in use on my own website and many others: |
It was even mentioned yet in 2015 ^^ Principle is that there are plenty different ad blockers trying to use different detection ways, you have to let nothing making possible to link the script to Matomo. |
but the tracking code seems to have changed and i am not really fit in javascript
how do I have to adjust this now? |
The proxy script does not need to be changed - it just loads the content of On my site, the script is then used this way:
And this works with Matomo just fine. No need for any JavaScript changes. Just put I also have page which shows the statistics of my site by using the Matomo API: https://arnowelzel.de/en/tools/statistics |
is it possible to enable and i have some functions like:
Also I get the message and I do not want to turn off nosniff |
You can substitude the
Note: See the available methods of the "old" API at https://developer.matomo.org/api-reference/tracking-javascript. About the cookie consent: I don't set a cookie at all ( |
I have written a very nice one for myself. |
@arnowelzel
The default tracking code did work... thx in advance (-; |
@omarr1000 The script has to be named |
sure I know, all done as you mentioned, is named pwproxy.php, in that file edited the correct path and auth_token $PIWIK_URL = 'https://sayami.de/path_to_matomo/'; with tracking ID you mean the SiteId? or the token_auth? |
(forget the comment about pwproxy.php - seems to be ok now) And yes, I talk about the TOKEN_AUTH, just follow the instructions in the script. And is https://sayami.de/path_to_matomo/ the correct path? If you run Matomo on another domain you have to put the domain here not some path inside sayami.de |
The Matomo path is in the same domain as described |
Then I don't know what's wrong, sorry. |
The
Does this trick still work in the latest version of Matomo? |
Hi,
the tracking protection in some browsers may detect the JavaScript calls
of Matomo even if URLs and variable names of obfuscated because of the
way how the scripts of Matomo behave. For example Vivaldi will block
requests by the Matomo script as malicous "ping" request.
So, yes, the script still works in the way that it can be used with the
latest version of Matomo as well (it is still in use this way on my own
website), but Matomo may get blocked anyway.
All the best,
Arno
On 11.01.2023 00:17, jsvtrlvrslv wrote:
The
https://arnowelzel.de/samples/piwik-tracker-proxy.txt
but the tracking code seems to have changed and i am not really fit in
javascript
The proxy script does not need to be changed - it just loads the content
of piwik.js from Matomo and replaces a number of parameter names so they
can be used with a different name.
On my site, the script is then used this way:
<script>
var pkBaseURL = "https://arnowelzel.de/";
document.write(unescape("%3Cscript src='" + pkBaseURL +
"pwproxy.php' type='text/javascript'%3E%3C/script%3E"));
</script><script>
try {
var piwikTracker = Piwik.getTracker(pkBaseURL + "pwproxy.php",
1);
piwikTracker.trackPageView();
piwikTracker.enableLinkTracking();
piwikTracker.disableCookies();
} catch( err ) {}
</script><noscript><p><img
src="https://arnowelzel.de/pwproxy.php?ids=1&rec=1" style="border:0"
alt="" /></p></noscript>
And this works with Matomo just fine. No need for any JavaScript
changes. Just put pwproxy.php with the content as shown in
https://arnowelzel.de/samples/piwik-tracker-proxy.txt and use it as
shown above.
I also have page which shows the statistics of my site by using the
Matomo API: https://arnowelzel.de/en/tools/statistics
Does this trick still work in the latest version of Matomo?
…--
Reply to this email directly, view it on GitHub [1], or unsubscribe [2].
You are receiving this because you were mentioned.Message ID:
***@***.***>
Links:
------
[1]
#7364 (comment)
[2]
https://github.com/notifications/unsubscribe-auth/ABSOU3RWEIRGELZT5YAVRRDWRXU2HANCNFSM4A5G26UQ
|
Hello, I'm playing with Matomo on premise and I found that some ad blockers like Adblock, ublock, etc. are blocking Matomo's JavaScript. Let me tell you how I solved it and apparently it's been working fine for a few days.
The hack consists of changing the URL of the requests, for which I did the following: Within the root directory of Matomo:
Make sure that the last "matomo.php" has a symbolic link created inside the "mt" directory. Added to the nginx configuration that the "mt" directory serves the index.php directly.
and now works with adblock and ublock without problem I hope this help M. |
Hi, Use
|
This almost works. The script is loaded just fine even with adblock, but the actual tracking request is still blocked. Not sure why but maybe the url parameters are filtered somehow. Having |
@twarkie Modern blockers do not only work based on URL patterns but also recognize the behaviour of trackers like Piwik/Matomo. For example uBlock Origin recognizes that as "tracker ping" request and will block that, no matter how you name parameters or URL. This is something you can not overcome. |
It is 2024, I'm trying to use Matomo, I use the browser Brave here. Well, Brave sure seems to be awesome at privacy, because it blocks matomo no matter what I do!
The above is working correctly, but somehow Brave still manages to find out it is a tracking request and blocks it. So all files have different names, the query parameters are completly different and obfuscated, and still, Brave manages to keep my privacy(and everyone elses! haha). I don't know what else I can do. Also, the default matomo.js script seems to only count Page Loads, so it does not really work with React Websites, Matomo does have an alternative to that, which is the Tag Manager, that generates and regenerates a custom matomo.js, 'destroying' all the possible corrections we have been doing in this thread, any ideas ? |
Modern blockers stop Matomo and other access tracking tools because of their behaviour and not because of specific URLs - and as far I know there is no way to circumvent this. |
Do you have any material that proves this? If you use a script on the same domain, pass the .php and only then, via the server side, send the .php to Matomo (external domain)... will this not solve the problem? |
Just look at the network requests list in the web developer tools and look for type "ping" requests which get blocked, for example with uBlock Origin enabled. This kind of block can not be circumvented since the behaviour is blocked, not an URL. |
That's the next thing I will try, I just need to find out how to get the stats from matomo.js so I can pack it and send it to my server in each page load and history change. I wonder if Brave marks variables with tracking/user information as "tainted" somehow and any attempt to "send" them out of the browser is blocked.(it would be really cool if they did that, and hard to manage lol) |
Também vou tentar isso. Quando tiveres novidades partilha! |
Hello, I have Piwik installed on my hosting with secret address: interes.site.com/sm/
and I have renamed piwik.php piwik.js to sm.php sm.js and I though it cannot by caught by AdBlock but unfortunately AdBlock on my Safari browser easily blocking Piwik and many other users with their Adblock (on Chrome, Firefox) out of my view :(
What can I do to avoid blocking Piwik?
Is it possible to avoid it?
The text was updated successfully, but these errors were encountered: