@robocoder opened this Issue on December 7th 2011 Contributor

For Apache and IIS, the Piwik installer will create .htaccess and web.config files, respectively, to provide an additional layer of security, e.g., blocking direct access to .php files.

Given the recommendation in http://piwik.org/faq/new-to-piwik/#faq_137 we should provide some hardening recommendations.

@mattab commented on December 7th 2011 Member

Nginx is covered by the github contrib: https://github.com/perusio/piwik-nginx#readme

I don't think we can do anything without installing in SSH, so not much we can do on our side.

Nginx & Piwik

As for lighttpd I'm not sure, but not many users use it. Maybe we can focus on Apache/IIS/Nginx.

@robocoder commented on December 7th 2011 Contributor

I'm thinking the Installer would detect nginx/lighttpd, and provide a popup (or collapsed div) to provide environment-specific recommendations.

@Findus23 commented on December 27th 2018 Member

There is now an official nginx config: https://github.com/matomo-org/matomo-nginx
Detecting nginx during setup is suggested here: https://github.com/matomo-org/matomo/issues/13589

In case someone wants to maintain an official lighttpd config a similar repo could be created.

This Issue was closed on December 27th 2018
Powered by GitHub Issue Mirror