Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Loading…

Different visitors with the same configuration visiting the site at same second, could be recorded as one visitor #4598

Closed
mattab opened this Issue · 1 comment

1 participant

Matthieu Aubry
Matthieu Aubry
Owner

report from Peter:

I think I found a bug in the tracker which affects every user. One of my customers wondered about having single Visitors who have actions with different IP adresses at peak hours.

After searching for a possible issue in the visitor recognition, I think I found the issue - it occurs, when visitors with the same userAgent / OS / Browserfeatures (which pretty much applies to every iPad / iPhone with the same iOS) accesses a page at the same second. These visits will all get the same visitor-ID. The cause of that can be found in piwik.js line 1489 (version 06ac8c0). This is because the IP-Address (or anonymized IP or any other unique salt) is not part of the hashing function, only userAgent,platform,features and the timestamp (in seconds). It is hard to track down in the stats, but this could be a quite big error in every piwik instance with more than one visitor per second

Can anybody confirm this?

possible fixes - "nowTs" should be replaced by something like "nowTsMs", a millisecond timestamp to reduce collisions. But this is not ideal, because there are instances with 200 and more visitors per second, so there will be collisions again

-> random salt

Matthieu Aubry
Owner

In 3e65466: Fixes #4598 Better UUID to avoid visitor collision on same second + same configs

Matthieu Aubry mattab added this to the 2.1 - Piwik 2.1 milestone
Matthieu Aubry mattab self-assigned this
Philip Taffner sabl0r referenced this issue from a commit in sabl0r/piwik
Thomas Steur tsteur Fixes #4598 Better UUID to avoid visitor collision on same second + s…
…ame configs
3e65466
This issue was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.