Piwik tracks visited https URLs as http #5312
Comments
I think this is by design, because most users want them to be tracked under the same canonical URL. If you want to know whether a pageview was loaded under SSL or not, you could use a Custom Variable of scope "page" (for example track "HTTPS" = "Yes" or "Protocol" = "http/https"). See the user guide for Custom Variables. Maybe we could change the Visitor Log to display when HTTPS was used?
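A minimal sketch of the custom-variable idea, assuming the pageview is sent through the Tracking HTTP API rather than the JavaScript tracker. The endpoint host, site ID, page URL and the choice of slot 1 are placeholders for illustration; `cvar` is the page-scope custom variable parameter, encoded as JSON.

```python
import json
from urllib.parse import parse_qs, urlencode, urlsplit


def build_tracking_request(tracker_endpoint, site_id, page_url):
    """Build a tracking request URL that records the page's protocol."""
    protocol = urlsplit(page_url).scheme  # "http" or "https"
    params = {
        "idsite": site_id,
        "rec": 1,
        "url": page_url,
        # Page-scope custom variables: JSON object mapping a slot index
        # to a [name, value] pair. Slot 1 is an arbitrary choice here.
        "cvar": json.dumps({"1": ["Protocol", protocol]}),
    }
    return f"{tracker_endpoint}?{urlencode(params)}"


# Hypothetical tracker endpoint and page URL.
request_url = build_tracking_request(
    "https://piwik.example.org/piwik.php", 1, "https://www.example.com/page/"
)

# Decode the query string again to inspect what would be sent.
sent = parse_qs(urlsplit(request_url).query)
print(sent["cvar"][0])
```

The protocol is taken from the page URL itself, so the custom variable stays correct even if the URL is later displayed with a different prefix.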
Thank you, Matt! I'm going to have a look at the plugin and maybe I'll try to adapt it for an HTTP/HTTPS view. But nevertheless, the site(s) I was talking about have https canonical URLs. I'm wondering why Piwik still thinks that they should be tracked as normal http. They're tracked as https only "sometimes", like 1 out of 20. As said, these sites (WordPress) have an https base URL and my Varnish ensures that external requests are redirected to the SSL site.
That's probably why they are shown as HTTP. If 100% of requests are tracked as https, it should use HTTPS in links. Cheers
I am running a site where anonymous users are served HTTP and authenticated users HTTPS. The canonical URL is set for every page and it is always HTTP, and I can confirm the '1 out of 20' issue where some seemingly random HTTPS links pop up in Piwik.
This issue was also reported in the forums: http://forum.piwik.org/read.php?2,126198
Any update on this issue? Until now I was using a self-signed SSL cert and I couldn't force https. I've switched to a CA delivering free SSL certs and I now force https on 1 site.
As far as I can tell, any visit (http or https) at the root of the site (mysite.com/) will be displayed as http in Piwik, but visits (http or https) on a subdirectory (mysite.com/test/) will be displayed correctly as https. I'm currently using the latest stable version of Piwik: 2.16.0.
I am wondering what a solution to this problem could look like. As far as I see, for each visited page (not per visit, just per page) an entry in the Visiting the same page again using another "prefix" does not seem to update this field. I assume that an HTTPS prefix is only stored if the page does not yet have an entry in this table. Is the information on whether a certain page has been visited using HTTP or HTTPS stored somewhere else in the database? The current situation is confusing because the URLs of static pages will never change on many of the websites I maintain, and thus the visits to these pages will be shown as HTTP instead of HTTPS. We have been serving our websites using HTTPS only for some weeks now.
Correct
Me too. One solution could be to have a new Website setting such as Maybe there is another better solution as well?
Wouldn't a better solution to this be to have an option to not consider http and https the same thing and instead just show If there are use cases where you want to group http and https and represent them using a canonical http or https url in the visitor log, you could make it configurable.
Related to mattab's proposed solution… If you've chosen an HTTP or HTTPS URL in the site settings, shouldn't the statistics be presented using that protocol? We had a site that moved from http://example.com to https://example.com about 2 months ago. We have the https://example.com URL in the site settings. However, when we opened the Segmented Visitor Log from the Pages report, it was still showing a mixture of HTTP and HTTPS URLs, even though all URLs are accessed over HTTPS. I tried to fix this by updating the log_action table and changing url_prefix from 0 to 2. Now all the URLs are consistently HTTPS. However, the heading of the report for the home page still reads "Visit log showing visits where page URL is http://example.com". I don't know where it's getting this from! In the page overlay report for the home page it tries to use the HTTP URL as well. This results in an error logged from JavaScript: "Found invalid iframe origin in hash URL: http://example.com". So it looks like the HTTP/HTTPS confusion is breaking the page overlay report as well.
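To illustrate why old pages keep showing as HTTP after a migration, here is a toy model of the behaviour described in this thread: one row per page, keyed by the URL without its protocol, with the prefix stored only when the row is first created. The class and function names are hypothetical, and only the prefix ids 0 (http://) and 2 (https://) are taken from the comment above; this is not Piwik's actual code.

```python
# Prefix ids implied by this thread: 0 = http://, 2 = https://.
# Any other ids (for example "www." variants) are deliberately left out.
URL_PREFIXES = {"http://": 0, "https://": 2}
PREFIX_BY_ID = {prefix_id: prefix for prefix, prefix_id in URL_PREFIXES.items()}


def split_prefix(url):
    """Return (url_without_prefix, prefix_id) for a tracked URL."""
    for prefix, prefix_id in URL_PREFIXES.items():
        if url.startswith(prefix):
            return url[len(prefix):], prefix_id
    return url, None


class ActionTable:
    """Toy stand-in for a per-page action table (not the real schema)."""

    def __init__(self):
        self.rows = {}  # prefix-less URL -> prefix id

    def record(self, url):
        name, prefix_id = split_prefix(url)
        # First write wins: a later visit over another protocol
        # finds the existing row and does not update its prefix.
        self.rows.setdefault(name, prefix_id)

    def display_url(self, name):
        return PREFIX_BY_ID.get(self.rows[name], "") + name


table = ActionTable()
table.record("http://example.com/")       # visit before the HTTPS migration
table.record("https://example.com/")      # same page, after the migration
table.record("https://example.com/new/")  # page first seen over HTTPS

print(table.display_url("example.com/"))      # still shown with http://
print(table.display_url("example.com/new/"))  # shown with https://
```

Under this model, only pages first seen after the switch to HTTPS get the https:// prefix, which would match the "1 out of 20" observation for sites with mostly static URLs.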
@mattab @tsteur what would be the preferred solution for this one? Based on the discussion above I would see the following possibilities:
Guess we could also think about combining option 1 + 2.
I suppose this could result in a LOT of updates, and then when viewing the visitor log it could often change from http to https and back? That's if both http and https are used (as mentioned in comments above), but it would work if all traffic is changed from http to https.
I think that looks a bit complicated for users, and I would want to avoid adding more settings there if at all possible.
Not 100% sure. I think this is again a slightly different issue/feature. Overall there are two different problems in this issue, and I'm not sure we want to fix both:
Feature A: treat http and https URLs as different and track them separately
For Bug B: A workaround could be to check whether a matching site URL is defined in the site settings and, for a matching domain, check which protocol is defined. If HTTPS is defined, we prefer using HTTPS. It could be a bit slow though, as we have to parse every URL when preparing the report / visits log. It's also not super user friendly, but at least we don't show a setting that won't be needed by most people, and it could be explained in an FAQ. I wouldn't really update existing log_action entries when the protocol is changed, because existing reports might already include the HTTP URL anyway, and I wouldn't mess around with log_action entries as it's hard to revert and there might somehow be duplicates afterwards. It could be done though.
For Feature A: I would create an FAQ explaining how to track this as a custom dimension, as it's very rarely needed. We could add a setting, but it would only add more complexity to the code when there might already be workarounds possible with custom dimensions, depending on the use case. I know it's not crazy difficult to add a setting here, but lots of settings over time just make things harder everywhere, and it would be good to avoid that. If there are then still use cases where the custom dimensions aren't good enough, we could still see.
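The Bug B workaround described above could look roughly like the following sketch. The function name and the way site URLs are passed in are assumptions for illustration, and this is not the code from any actual fix. A logged URL is only rewritten for display when a configured site URL with the same host uses HTTPS.

```python
from urllib.parse import urlsplit, urlunsplit


def prefer_configured_protocol(logged_url, site_urls):
    """Return logged_url with https:// if a matching site URL uses HTTPS.

    site_urls is assumed to be the list of URLs configured for the website.
    """
    logged = urlsplit(logged_url)
    for site_url in site_urls:
        site = urlsplit(site_url)
        # Only the host is compared; paths and ports are ignored in this sketch.
        if site.scheme == "https" and site.hostname == logged.hostname:
            return urlunsplit(logged._replace(scheme="https"))
    return logged_url


configured = ["https://example.com"]
print(prefer_configured_protocol("http://example.com/page/", configured))
print(prefer_configured_protocol("http://other.example.org/", configured))
```

Because the rewrite happens only when the URL is prepared for display, the stored log_action rows stay untouched, which fits the concern about not modifying existing entries. The cost is one URL parse per displayed row.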
@tsteur I've created #17151 so at least the URLs in the visitor log & profile should be automatically changed to https if the https URL is configured as the site URL.
@sgiehl I would say it's good enough. For new users it's becoming less and less of an issue anyway, since most sites don't use HTTP anymore, and for existing users it should be mostly fixed by this. The mentioned FAQs would need to be created though, and then we could close the issue for now 👍
Here we still need to create the FAQ
The FAQ title be like To be double checked / confirmed. Not sure if e.g. the HTTP URL would need to be removed or not. And to be confirmed if this only works for the visits log / profile.
The new FAQ explaining how to set an HTTPS URL in Measurables is here: https://matomo.org/faq/how-to/how-do-i-get-matomo-to-use-https-for-links-to-my-site-instead-of-http/ @tsteur is it necessary to create a second FAQ for tracking a custom dimension to treat HTTPS and HTTP URLs as different, or can this be closed now?
I guess these days it's not really needed anymore, so we don't need that FAQ. By the way, in the FAQ you linked to, the second part doesn't make it clear how to actually do it. It would be great to mention each step needed like
Hi! I'm running Piwik 2.3.0 on Apache HTTP behind an Nginx SSL Proxy. This is working fine and without the issues reported in the forums etc.
I use Piwik to track visits on a few websites that are also secured via SSL. All non-secured requests are redirected by Varnish, which means that no http:// addresses should reach Piwik or the tracked website.
Nevertheless, if an SSL-secured website is visited, Piwik shows the URL as normal http:// in the visitors log and I can't find the cause for this.
I already enabled $GLOBALS['PIWIK_TRACKER_DEBUG'] to have a look at the sent data:
This clearly shows that https:// was used to visit the page, but the visitor log presents the URL as http://www.vanished.site/page/.
Is this probably a bug or am I missing something here?
Do you need further details?
Thank you!
Keywords: 2.3.0