Matomo formerly known as Piwik is a free web analytics application that can be used to tracks online visits to one or more websites and displays reports on these visits for analysis. Matomo comes with lots of features including, Google AdWords, Facebook Ads, Yahoo! Search Marketing, Tracking and Reporting API, Cost Per Click (CPC) and many more.
In this tutorial, I am going to explain how to install Matomo on Ubuntu 18.04 LTS server.
Requirements
- A server running Ubuntu 18.04 LTS.
- A non-root user with sudo privileges.
Install LAMP Server
Matomo runs on the web server, written in PHP language and use MariaDB to store their data. So, you will need to install Apache, MariaDB, PHP and other required PHP modules to your system.
Update the Ubuntu repository and install PHP along with Apache and MariaDB with the following command:
sudo apt-get update -y sudo apt-get install apache2 mariadb-server php7.2 libapache2-mod-php7.2 php7.2-common php7.2-sqlite php7.2-curl php7.2-intl php7.2-mbstring php7.2-xmlrpc php7.2-mysql php7.2-gd php7.2-xml php7.2-cli php7.2-zip wget unzip git -y
Once all the packages are installed, start Apache and MariaDB service and enable them to start on boot time with the following command:
sudo systemctl start apache2 sudo systemctl enable apache2 sudo systemctl start mariadb sudo systemctl enable mariadb
Next, you will need to modify php.ini file. You can do this with the following command:
sudo nano /etc/php/7.2/apache2/php.ini
Make the following changes:
memory_limit = 256M upload_max_filesize = 200M max_execution_time = 360 date.timezone = Europe/Berlin
Save and close the file, when you are finished.
Configure MariaDB
Next, you will need to secure your MariaDB installation. You can do this by running the following script:
sudo mysql_secure_installation
Answer all the questions as shown below:
Enter current password for root (enter for none): Set root password? [Y/n]: N Remove anonymous users? [Y/n]: Y Disallow root login remotely? [Y/n]: Y Remove test database and access to it? [Y/n]: Y Reload privilege tables now? [Y/n]: Y
Once the MariaDB is secured, log in to MariaDB shell:
mysql -u root
Create a database and user with the following command:
MariaDB [(none)]> CREATE DATABASE matomodb; MariaDB [(none)]> CREATE USER matomo;
Next, grant privileges to the Matomo database with the following command:
MariaDB [(none)]> GRANT ALL PRIVILEGES ON matomodb.* TO 'matomo'@'localhost' IDENTIFIED BY 'mypassword';
Replace the word ‘mypassword’ with a secure password of your choice. Next, flush the privileges with the following command:
MariaDB [(none)]> FLUSH PRIVILEGES;
Next, exit from the MariaDB console with the following command:
MariaDB [(none)]> exit
Install Matomo
First, download the latest version of Matomo from their official website to the /tmp directory:
cd /tmp wget https://builds.matomo.org/piwik.zip
Next, unzip the downloaded file with the following command:
unzip piwik.zip
Then copy the extracted directory to the Apache root directory and give proper permissions:
sudo cp -r piwik /var/www/html/matomo sudo chown -R www-data:www-data /var/www/html/matomo/ sudo chmod -R 755 /var/www/html/matomo/
Finally, create an Apache configuration file for Matomo with the following command:
sudo nano /etc/apache2/sites-available/matomo.conf
Add the following lines:
<VirtualHost *:80> ServerAdmin [email protected] DocumentRoot /var/www/html/matomo ServerName example.com <Directory /var/www/html/matomo/> Options FollowSymlinks AllowOverride All Require all granted </Directory> ErrorLog ${APACHE_LOG_DIR}/matomo_error.log CustomLog ${APACHE_LOG_DIR}/matomo_access.log combined </VirtualHost>
Replace example.com and the email address [email protected] with your own domain name and email address. Save and close the file, then enable virtual host file and Apache rewrite module with the following command:
sudo a2ensite matomo sudo a2enmod rewrite
Restart Apache web service to apply all the changes:
sudo systemctl restart apache2
Enable SSL with Let’s encrypt for Matomo
In this step, we will enable SSL for Matomo by using a free Let’s encrypt SSL certificate. The first step is to install the certbot Let’s encrypt client which we will use to obtain the SSL certificate.
sudo apt-get install certbot python-certbot-apache
Request the SSL cert with this command:
sudo certbot --apache
IMPORTANT: The domain name or subdomain that you use for the RoundCube website must be accessible from the internet to get an SSL Cert. Certbot will ask a few questions now.
root@server: certbot --apache
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Enter email address (used for urgent renewal and security notices) (Enter 'c' to
cancel): [email protected]
-------------------------------------------------------------------------------
Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must
agree in order to register with the ACME server at
https://acme-v01.api.letsencrypt.org/directory
-------------------------------------------------------------------------------
(A)gree/(C)ancel: a
-------------------------------------------------------------------------------
Would you be willing to share your email address with the Electronic Frontier
Foundation, a founding partner of the Let's Encrypt project and the non-profit
organization that develops Certbot? We'd like to send you email about EFF and
our work to encrypt the web, protect its users and defend digital rights.
-------------------------------------------------------------------------------
(Y)es/(N)o: n
Which names would you like to activate HTTPS for?
-------------------------------------------------------------------------------
1: example.com
-------------------------------------------------------------------------------
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel): 1
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for example.com
Waiting for verification...
Cleaning up challenges
Created an SSL vhost at /etc/apache2/sites-available/matomo-le-ssl.conf
Enabled Apache socache_shmcb module
Enabled Apache ssl module
Deploying Certificate to VirtualHost /etc/apache2/sites-available/matomo-le-ssl.conf
Enabling available site: /etc/apache2/sites-available/matomo-le-ssl.conf
Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.
-------------------------------------------------------------------------------
1: No redirect - Make no further changes to the webserver configuration.
2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
new sites, or if you're confident your site works on HTTPS. You can undo this
change by editing your web server's configuration.
-------------------------------------------------------------------------------
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2
Redirecting vhost in /etc/apache2/sites-enabled/matomo.conf to ssl vhost in /etc/apache2/sites-available/matomo-le-ssl.conf
-------------------------------------------------------------------------------
Congratulations! You have successfully enabled https://example.com
You should test your configuration at:
https://www.ssllabs.com/ssltest/analyze.html?d=example.com
-------------------------------------------------------------------------------
IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/example.com/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/example.com/privkey.pem
Your cert will expire on 2019-07-10. To obtain a new or tweaked
version of this certificate in the future, simply run certbot again
with the "certonly" option. To non-interactively renew *all* of
your certificates, run "certbot renew"
- Your account credentials have been saved in your Certbot
configuration directory at /etc/letsencrypt. You should make a
secure backup of this folder now. This configuration directory will
also contain certificates and private keys obtained by Certbot so
making regular backups of this folder is ideal.
- If you like Certbot, please consider supporting our work by:
Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le
The Matomo vhost is accessible by https now.
Access Matomo
Now, open your web browser and type the URL https://example.com, you will be redirected to the Matomo welcome page:
Now, click on the Next button. You should see the following page:
Here, make sure all the required module has been installed. Then, click on the Next button. You should see the following page:
Here, provide your Matomo database and username. Then, click on the Next button. You should see the following page:
Now, click on the Next button. You should see the following page:
Here, provide your admin username and password. Then, click on the Next button. You should see the following page:
Now, provide site name, website URL. Then, click on the Next button. You should see the Tracking code for Matomo site in the following page:
Now, click on the Next button. Once the installation has been completed. You should see the following page:
Now, click on the CONTINUE TO MATOMO button. You should see the following page:
Now, provide the Admin login credentials and click on the SIGN IN button. You should see the Matomo Dashboard in the following page: