[nycphp-talk] Web Traffic Analytics
inforequest
1j0lkq002 at sneakemail.com
Sat Jul 23 13:41:57 EDT 2005
This is another case of convenience and perhaps customer ignorance trumping security. These are log-file analysis programs, which operate after-the-fact on server files which contain proprietary company data. Do they really need to be "live" on a public web server?
We could go on for months about how users of analytics don't actually understand them, or use them properly, vs. how customers demand access to and over-value the reports, how we have to please the customer as a business model, etc. but the truth includes:
- users of log-based analytics don't need "real time" access (if they need "real time" knowledge, they should be using a diferent tool).
- every web coder should have technology for providing secure file access for customers, and web analytics (trade secret information) should be accessed that way - not via open http on a pubic web server.
Yes we need to satisfy the customer, but I also think that the PHP-talk list is the place to recognize this poor industry practice. Perhaps (gulp) duscussion could lead to some practice improvements. At the very least it needs to be acknowledged (?)
It might be commercially helpful if PHP-talk members provided expert advise to their customers on the issue, even as they provided the web-based solutions requested. Perhaps instead of meeting the competitive challenge by lowering price and offering the same stuff, one could diferentiate by doing so along with advice and caution on the poor practice?
-=john andrews
-----Original Message-----
From:
"Jeff Knight jeff.knight-at-gmail.com |nyphp dev/internal group use|" <...>
Sent: Jul 19, 2005 11:49 AM
To: NYPHP Talk <talk at lists.nyphp.org>
Subject: Re: [nycphp-talk] Web Traffic Analytics
I see attemts to hit awstats as the number one suspicious activity in
my error logs for the last six months. I really like the program, but
please make sure to patch it and read all the information about
securiing it. Also, rename it and stick it in an odd-named directory
just to add that extra layer of obscurity.
On 7/19/05, Eric K. <kigathi at gmail.com> wrote:
> I have access to Webalizer, Analog and AWStats but I find AWStats to
> be the most thorough and my clients really like the granularity of the
> reports (breakdown by day, time of day, month, hits, visits, bytes
> transfered, referring sites, search engines & keywords etc etc)
>
> Take a look here:
> http://awstats.sourceforge.net/cgi-bin/awstats.pl
>
> I've had to patch it a couple of times due to security issues but
> otherwise it's been great, I'd definitely recommend it.
>
> On 7/18/05, Matt Morgan <matt at jiffycomp.com> wrote:
> > Matthew Terenzio wrote:
> >
> > >
> > >
> > > Anyone have a favorite web traffic analytics program or service?
> > > Preferably free, but I 'd like some level of sophistication.
> > >
> > I used to really like Analog (http://www.analog.cx), but I haven't been
> > in charge of web stats for a while. It was nerdy and fairly manual, but
> > pretty capable. It's still maintained and updated, and has both free and
> > commercial support options.
> >
> > Lately I use webalizer but only because the Fedora package is easy to
> > install. I don't really know a lot about it.
> > _______________________________________________
> > New York PHP Talk Mailing List
> > AMP Technology
> > Supporting Apache, MySQL and PHP
> > http://lists.nyphp.org/mailman/listinfo/talk
> > http://www.nyphp.org
> >
> _______________________________________________
> New York PHP Talk Mailing List
> AMP Technology
> Supporting Apache, MySQL and PHP
> http://lists.nyphp.org/mailman/listinfo/talk
> http://www.nyphp.org
>
_______________________________________________
New York PHP Talk Mailing List
AMP Technology
Supporting Apache, MySQL and PHP
http://lists.nyphp.org/mailman/listinfo/talk
http://www.nyphp.org
More information about the talk
mailing list