Matomo Analytics Installation and Configuration

Matomo is an open-source, self-hosted web analytics platform providing detailed insights into website traffic and user behavior. With features comparable to Google Analytics, Matomo offers complete data control, GDPR compliance, and the ability to own your analytics data. This guide covers PHP setup, MySQL database configuration, Nginx installation, tracking implementation, and privacy settings.

Table of Contents

• Prerequisites
• System Requirements
• Web Server Installation
• PHP Configuration
• Database Setup
• Matomo Installation
• Web Server Configuration
• SSL Certificate Setup
• Admin Setup
• Tracking Implementation
• GDPR Compliance
• Backup Strategy
• Conclusion

Prerequisites

Ensure you have:

• Ubuntu 20.04 LTS or later
• Root or sudo access
• A registered domain name
• Minimum 2GB RAM (4GB+ recommended)
• 20GB available disk space
• Basic Linux administration knowledge

Update system:

sudo apt update && sudo apt upgrade -y

System Requirements

Verify system specifications:

Check OS version:

cat /etc/os-release
uname -m

Check available resources:

free -h
df -h

Web Server Installation

Install Nginx:

sudo apt install -y nginx

Start and enable Nginx:

sudo systemctl start nginx
sudo systemctl enable nginx

Verify Nginx:

sudo systemctl status nginx

PHP Configuration

Install PHP 8.0 or later with required extensions:

sudo apt install -y php-fpm php-cli php-common php-mysql php-xml php-mbstring php-json php-curl php-gd php-intl php-zip php-opcache php-pdo

Check PHP version:

php --version

Verify extensions:

php -m | grep -E "mysql|xml|mbstring|json|curl|gd|intl"

Configure PHP:

sudo nano /etc/php/8.0/fpm/php.ini

Update settings:

memory_limit = 256M
max_execution_time = 300
post_max_size = 100M
upload_max_filesize = 100M
date.timezone = UTC

Restart PHP-FPM:

sudo systemctl restart php8.0-fpm

Database Setup

Install MySQL Server:

sudo apt install -y mysql-server

Start and enable MySQL:

sudo systemctl start mysql
sudo systemctl enable mysql

Secure MySQL:

sudo mysql_secure_installation

Create Matomo database:

sudo mysql -u root -p << EOF
CREATE DATABASE matomo;
CREATE USER 'matomo'@'localhost' IDENTIFIED BY 'SecurePassword123!';
GRANT ALL PRIVILEGES ON matomo.* TO 'matomo'@'localhost';
FLUSH PRIVILEGES;
EXIT;
EOF

Test connection:

mysql -u matomo -p -h localhost matomo
EXIT;

Matomo Installation

Create web root directory:

sudo mkdir -p /var/www/matomo
sudo chown -R www-data:www-data /var/www/matomo
cd /var/www/matomo

Download latest Matomo:

cd /tmp
wget https://download.matomo.org/matomo-latest.zip
unzip matomo-latest.zip
sudo cp -r matomo/* /var/www/matomo/

Set correct permissions:

sudo chown -R www-data:www-data /var/www/matomo
sudo find /var/www/matomo -type f -exec chmod 644 {} \;
sudo find /var/www/matomo -type d -exec chmod 755 {} \;

Create tmp directory for Matomo:

sudo mkdir -p /var/www/matomo/tmp
sudo chown -R www-data:www-data /var/www/matomo/tmp
sudo chmod 755 /var/www/matomo/tmp

Web Server Configuration

Create Nginx configuration:

sudo nano /etc/nginx/sites-available/matomo

Add configuration:

upstream matomo {
    server unix:/var/run/php/php8.0-fpm.sock;
}

server {
    listen 80;
    listen [::]:80;
    server_name analytics.example.com;
    return 301 https://$server_name$request_uri;
}

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name analytics.example.com;

    ssl_certificate /etc/letsencrypt/live/analytics.example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/analytics.example.com/privkey.pem;
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers HIGH:!aNULL:!MD5;

    root /var/www/matomo;
    index index.php;
    client_max_body_size 100M;

    location / {
        try_files $uri $uri/ /index.php?$args;
    }

    location ~ \.php$ {
        fastcgi_pass unix:/var/run/php/php8.0-fpm.sock;
        fastcgi_index index.php;
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    }

    location ~ /\. {
        deny all;
    }

    location ~ ^/(tmp|config) {
        deny all;
    }
}

Enable site:

sudo ln -s /etc/nginx/sites-available/matomo /etc/nginx/sites-enabled/
sudo nginx -t
sudo systemctl reload nginx

SSL Certificate Setup

Install Certbot:

sudo apt install -y certbot python3-certbot-nginx

Obtain SSL certificate:

sudo certbot certonly --nginx -d analytics.example.com

Verify certificate:

sudo openssl x509 -in /etc/letsencrypt/live/analytics.example.com/fullchain.pem -noout -dates

Set up auto-renewal:

sudo systemctl enable certbot.timer
sudo systemctl start certbot.timer

Admin Setup

Access Matomo installation wizard:

Navigate to https://analytics.example.com

Complete the setup wizard:

1. Database configuration:

   • Database host: localhost
   • Database name: matomo
   • Database user: matomo
   • Database password: SecurePassword123!

2. Create admin account with secure credentials

3. Configure first website to track

Tracking Implementation

Add Matomo tracking code to your website:

<!-- Matomo -->
<script type="text/javascript">
var _paq = window._paq = window._paq || [];
_paq.push(['trackPageView']);
_paq.push(['enableLinkTracking']);
(function() {
  var u="https://analytics.example.com/";
  _paq.push(['setTrackerUrl', u+'matomo.php']);
  _paq.push(['setSiteId', '1']);
  var d=document, g=d.createElement('script'), s=d.getElementsByTagName('script')[0];
  g.type='text/javascript'; g.async=true; g.src=u+'matomo.js'; s.parentNode.insertBefore(g,s);
})();
</script>
<!-- End Matomo Code -->

Add to website HTML before closing body tag.

Verify tracking is working:

1. Add tracking code to website
2. Visit website
3. Check Matomo dashboard for visitor activity
4. May take 1-2 minutes to appear

Configure event tracking:

<script>
_paq.push(['trackEvent', 'Category', 'Action', 'Label']);
</script>

GDPR Compliance

Configure GDPR settings:

1. Administration → System → Privacy

   • Enable "Automatically anonymize visitor IP"
   • Set anonymization period

2. Administration → System → Consent Management

   • Enable "Require users to give consent"
   • Configure consent notice

Enable anonymization:

1. Go to Administration → Privacy
2. Enable IP anonymization (removes last byte of IP)
3. Set user data retention period

Configure data deletion:

1. Administration → System → Data Deletion
2. Set automatic deletion of visitor logs
3. Configure data retention periods

Backup Strategy

Create backup script:

sudo nano /usr/local/bin/matomo-backup.sh

Add:

#!/bin/bash

BACKUP_DIR="/backups/matomo"
MATOMO_DIR="/var/www/matomo"
DATE=$(date +%Y%m%d_%H%M%S)

mkdir -p $BACKUP_DIR

# Database backup
mysqldump -u matomo -p'SecurePassword123!' matomo | gzip > "$BACKUP_DIR/matomo-db-$DATE.sql.gz"

# Files backup
tar -czf "$BACKUP_DIR/matomo-files-$DATE.tar.gz" "$MATOMO_DIR"

# Keep only 30 days
find $BACKUP_DIR -type f -mtime +30 -delete

echo "Backup completed: $DATE"

Make executable:

sudo chmod +x /usr/local/bin/matomo-backup.sh

Schedule daily backups:

sudo crontab -e

Add:

0 2 * * * /usr/local/bin/matomo-backup.sh >> /var/log/matomo-backup.log 2>&1

Update Matomo:

1. Login as admin
2. Go to Administration → System → Update
3. Download and install latest version
4. Follow upgrade wizard

Conclusion

Matomo is now fully installed and configured as a comprehensive web analytics platform. With MySQL database, Nginx web server, SSL encryption, and GDPR compliance features, you have a powerful, privacy-respecting analytics solution. Track website traffic, monitor user behavior, and measure conversions without compromising visitor privacy. Regular backups and updates ensure system reliability and data protection.