Piwik not working behind SSL-Proxy

mv_alex · August 4, 2014, 8:36pm

Hello,

since a while I was using Piwik (last stable version) in a subdomain ( “stats.*” ) on shared web hosting without using encryption.

For the hosting company offering a SSL proxy (ssl-account.com) I decided to switch over to https in order to use an Android app as well in a secure way. So the URL is https : // ssl-account . com/stats.domain. tld/piwik/ (ignore spaces) now.

After reading some FAQ I added the following parameters to config.ini.php:


assume_secure_protocol = 1
proxy_client_headers[] = "HTTP_CF_CONNECTING_IP"
proxy_client_headers[] = "HTTP_CLIENT_IP"
proxy_client_headers[] = "HTTP_X_FORWARDED_FOR"
proxy_host_headers[] = "HTTP_X_FORWARDED_HOST"
reverse_proxy = 0
trusted_hosts[] = "stats.domain.tld"
trusted_hosts[] = "ssl-account.com"

But this doesn’t work properly:

[ul]
[li] Visitors are not longer being tracked!
[/li][li] There are no graphics for header or favicon (wrong links, e.g.: https : // ssl-account . com/piwik/misc/user/logo-header.png [ignore spaces]).
[/li][li] Dashboard of all websites doesn’t show any graphs.
[/li][/ul]

Login without encryption is - of course - not longer working, I am not able to switch.

So, in fact, I am not able to use Piwik at the moment and could really need some help with this issue!

Thanks a lot for any hint!

Regards, Alex

tristank · August 5, 2014, 7:59pm

same here. would appreciate help.

mv_alex · August 13, 2014, 3:56pm

Hi,

I’m sorry to push that, but I really do need support for this issue.

Thanks a lot!

mv_alex · August 31, 2014, 11:01am

Still need some help, pleeeaaase!

tristank · August 31, 2014, 12:22pm

Im with you.

matthieu · September 3, 2014, 10:34pm

Visitors are not longer being tracked!

if your visitors are not tracked after your change to SSL proxy then visit your website, do you see any error logged in the Developer tool console ? or any message about Content not loaded because of security?

mv_alex · September 4, 2014, 7:10pm

Hello Matt,

thanks a lot for answering!!

Just examined two websites referring to the same Piwik installation.

In the first, the tracking tag is used with http - there is no error, just a JS warning regarding mootools saying getAttributeNode() is depreceated and should be replaced by getAttribute().

On the second, the tracking tag uses https via the SSL proxy, and the site uses jquery instead. There are more warnings:

Warning: Using //@ to indicate sourceMappingURL pragmas is deprecated. Use //# instead
Quelldatei: http://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

Warning: http://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js is being assigned a //# sourceMappingURL, but already has one

Warning: getPreventDefault() is depreceated.Use defaultPrevented instead. Source: http://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

Is this helpful for debugging?

Regards,
Alex

matthieu · September 4, 2014, 11:32pm

Hi Alex
these messages refer to the file ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js which is not Piwik

in the Network tab do you see any error or message ?

mv_alex · September 5, 2014, 6:28pm

Hi Matt,

I can’t see anything being loaded from my stats domain. ::o

Using Firefox, could you please explain me where I should find it either in the FF-Developer Console, in Firebug or in the Web Developer Toolbar?

Thanks a lot!

Regards,
Alex

matthieu · September 6, 2014, 8:27pm

Is your Piwik tracker found in your pages? do you maybe use browser extension like Ghostery or adblock plus that block piwik?

mv_alex · September 7, 2014, 11:50am

Oh, you are right. The last attempt was on a PC with AdBlocker installed.

I tried it once again: In the first website, the GET piwik.js request returns Status “200 OK”. But in fact nothing is being tracked since weeks.

In the second (https://) the request is aborted (probably a timeout at 2,25 s).

mv_alex · September 28, 2014, 7:51pm

I’m still hopefully searching for a solution …

Regards