GoAccess - You do not need proprietary javascript to get analytics

Published 2020-08-23 on Anjan's Homepage

I run noscript in my web browser to block javascript by default. I often come across blogs that are fully functional with javascript disabled but ask to run some javascript. The javascript the blog asks to run is usually used to provide the webmaster with analytics about the users. The automatic loading of proprietary javascript is especially problematic if the javascript is served by a third party domain. Since you cannot control the security or personal ethics of the third party domain, you are putting your users at risk of downloading malware. The loading and execution of javascript also increases the load times of your website.

1 The problem and alternative solution

For a long time, I just didn't do any analytics because I thought running proprietary javascript (google analytics) was the only way. Not running any analytics has a number of disadvantages:

  1. You are not able to debug which pages might be down or not working
  2. You don't have insight into which pages are the biggest burden to serve
  3. You don't know what content attracts visitors
  4. You don't get a hit of dopamine by observing the growth of your blog

I found a solution that gives me insight into my website but preserves user freedom. "GoAccess, is an open source real-time web log analyzer and interactive viewer that runs in a terminal in *nix systems or through your browser". Basically, goaccess reads in nginx or apache log files and outputs various analytics about your site.

On my server, I run the following command to analyze my nginx logs:

zcat -f /var/log/nginx/access.log*.gz | cat /var/log/nginx/access.log -  | grep -v | goaccess -f -

nginx compresses older access logs into access.log*.gz so I used zcat to decompress and concatenate all the archives. The ip address: represents http requests from my LAN. I only want to analyze traffic on WAN so I excluded by running grep -v where the -v flag "selects non-matching lines".

When goaccess opens, I select "NCSA Combined Log Format" and press Enter. Finally, I get the following output:

I prefer cli output but you can also get an html webpage to view.

2 My privacy policy

Since IP addresses can be used to track users, I obfuscate ip addresses with nginx. I left "log full ip address on hack / access denied attempts" on as the tutorial suggests. Logging IPs on error allows me to use tools like fail2ban to ban ip addresses that are trying to bruteforce my server. I also setup log rotation to delete my nginx logs older than 7 days. The log data stays on my server and is not exported to any other third party.

Hopefully goaccess gives you more motivation to write!

Have a comment on one of my posts? Start a discussion in my public inbox by sending an email to ~anjan/public-inbox@lists.sr.ht [mailing list etiquette]

Articles from blogs I follow around the net

These articles/blogs do not represent my own opinions or views.

Linux development is distributed - profoundly so

The standard introduction to git starts with an explanation of what it means to use a “distributed” version control system. It’s pointed out that every developer has a complete local copy of the repository and can work independently and offline, often contra…

via Blogs on Drew DeVault's blog September 2, 2020

Eshell versus M-x shell

I’ve used and defended Eshell for years. Sadly, Eshell has some long standing issues that I grew tired of in the long run. So I’ve decided to switch to M-x shell and see how much of my Eshell workflow I could port. Language and the underlying shell pr…

via Pierre Neidhardt's homepage June 26, 2020

Thermoelectric Stoves: Ditch the Solar Panels?

Wood stoves equipped with thermoelectric generators can produce electricity that is more sustainable, more reliable, and less costly than power from solar PV panels.

via LOW←TECH MAGAZINE May 26, 2020

Generated by openring