How to Install Matomo Web Analytics on Ubuntu 20.04
This tutorial exists for these OS versions
- Ubuntu 22.04 (Jammy Jellyfish)
- Ubuntu 20.04 (Focal Fossa)
- Ubuntu 18.04 (Bionic Beaver)
On this page
Matomo formerly known as Piwik is a free and open-source web analytics application that helps you to tracks online-visitors on your website. It is an alternative to Google Analytics software that gives you full control of your own website analytics and data without using third-party solutions. It is designed for small and medium-sized businesses that can be used to track Key Performance Indicators such as visits, downloads, goal conversion rates, keywords, and many more.
In this tutorial, we will show you how to install the Matomo web analytics software on Ubuntu 20.04 with Nginx and Let's Encrypt SSL.
Prerequisites
- A server running Ubuntu 20.04.
- A valid domain name pointed with your server IP.
- A root password is configured the server.
Getting Started
First, it is recommended to update your system packages with the latest version. You can update them by running the following command:
apt-get update -y
Once all the packages are updated, install other required dependencies by running the following command:
apt-get install curl wget vim git unzip socat gnupg2 -y
After installing all required packages, you can proceed to the next step.
Install LEMP Server
Matomo runs on a webserver, written in PHP and uses MySQL for the database. So the LEMP stack must be installed in your server. You can install it with the following command:
apt-get install nginx mariadb-server php7.4 php7.4-cli php7.4-fpm php7.4-common php7.4-curl php7.4-gd php7.4-xml php7.4-mbstring php7.4-mysql -y
Once the LEMP stack is installed, you can proceed to the next step.
Create Matomo Database
Matomo requires a database to store the analytics data. So you will need to create a database and user for Matomo.
First, log in to MariaDB with the following command:
mysql
After login, create a database and user for Matomo with the following command:
MariaDB [(none)]> CREATE DATABASE matomodb;
MariaDB [(none)]> GRANT ALL ON matomodb.* TO 'matomo' IDENTIFIED BY 'password';
Next, flush the privileges and exit from the MariaDB with the following command:
MariaDB [(none)]> FLUSH PRIVILEGES;
MariaDB [(none)]> EXIT;
Once your database is created, you can proceed to the next step.
Download Matomo
First, download the latest version of Matomo to the Nginx web root directory from its official website with the following command:
cd /var/www/html/
wget https://builds.matomo.org/matomo.zip
Once downloaded, unzip the downloaded file with the following command:
unzip matomo.zip
Next, change the ownership of the matomo to www-data:
chown -R www-data:www-data /var/www/html/matomo
Once you are done, you can proceed to the next step.
Configure Nginx for Matomo
Next, you will need to create a new Nginx virtual host configuration file to serve Matomo.
nano /etc/nginx/sites-available/matomo.conf
Add the folowing lines:
server { listen 80; server_name matomo.linuxbuz.com; root /var/www/html/matomo/; index index.php; location ~ ^/(index|matomo|piwik|js/index).php { include snippets/fastcgi-php.conf; fastcgi_param HTTP_PROXY ""; fastcgi_pass unix:/var/run/php/php7.4-fpm.sock; } location = /plugins/HeatmapSessionRecording/configs.php { include snippets/fastcgi-php.conf; fastcgi_param HTTP_PROXY ""; fastcgi_pass unix:/var/run/php/php7.4-fpm.sock; } location ~* ^.+\.php$ { deny all; return 403; } location / { try_files $uri $uri/ =404; } location ~ /(config|tmp|core|lang) { deny all; return 403; } location ~ \.(gif|ico|jpg|png|svg|js|css|htm|html|mp3|mp4|wav|ogg|avi|ttf|eot|woff|woff2|json)$ { allow all; } location ~ /(libs|vendor|plugins|misc/user) { deny all; return 403; } }
Save and close the file then activate the virtual host with the following command:
ln -s /etc/nginx/sites-available/matomo.conf /etc/nginx/sites-enabled/
Next, check the Nginx for any configuration error with the following command:
nginx -t
You should see the following output:
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful
Finally, restart the Nginx service to apply the changes:
systemctl restart nginx
At this point, Nginx is configured to serve Matomo. You can now proceed to the next step.
Secure Matomo with Let's Encrypt SSL
It is always a good idea to secure your website with Let's Encrypt SSL. First, install the Certbot Let's Encrypt client in your server with the following command:
apt-get install python3-certbot-nginx -y
Once installed, secure your website with Let's Encrypt SSL by running the following command:
certbot --nginx -d matomo.linuxbuz.com
You will be asked to provide a valid email address and accept the term of service as shown below:
Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator nginx, Installer nginx Enter email address (used for urgent renewal and security notices) (Enter 'c' to cancel): [email protected] - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Please read the Terms of Service at https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must agree in order to register with the ACME server at https://acme-v02.api.letsencrypt.org/directory - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (A)gree/(C)ancel: A - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Would you be willing to share your email address with the Electronic Frontier Foundation, a founding partner of the Let's Encrypt project and the non-profit organization that develops Certbot? We'd like to send you email about our work encrypting the web, EFF news, campaigns, and ways to support digital freedom. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (Y)es/(N)o: Y Obtaining a new certificate Performing the following challenges: http-01 challenge for matomo.linuxbuz.com Waiting for verification... Cleaning up challenges Deploying Certificate to VirtualHost /etc/nginx/sites-enabled/matomo.conf
Next, choose whether or not to redirect HTTP traffic to HTTPS as shown bellow:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 1: No redirect - Make no further changes to the webserver configuration. 2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for new sites, or if you're confident your site works on HTTPS. You can undo this change by editing your web server's configuration. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2
Type 2 and hit Enter to finish the installation. You should see the following output:
Redirecting all traffic on port 80 to ssl in /etc/nginx/sites-enabled/matomo.conf - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Congratulations! You have successfully enabled https://matomo.linuxbuz.com You should test your configuration at: https://www.ssllabs.com/ssltest/analyze.html?d=matomo.linuxbuz.com - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - IMPORTANT NOTES: - Congratulations! Your certificate and chain have been saved at: /etc/letsencrypt/live/matomo.linuxbuz.com/fullchain.pem Your key file has been saved at: /etc/letsencrypt/live/matomo.linuxbuz.com/privkey.pem Your cert will expire on 2020-10-30. To obtain a new or tweaked version of this certificate in the future, simply run certbot again with the "certonly" option. To non-interactively renew *all* of your certificates, run "certbot renew" - Your account credentials have been saved in your Certbot configuration directory at /etc/letsencrypt. You should make a secure backup of this folder now. This configuration directory will also contain certificates and private keys obtained by Certbot so making regular backups of this folder is ideal. - If you like Certbot, please consider supporting our work by: Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate Donating to EFF: https://eff.org/donate-le - We were unable to subscribe you the EFF mailing list because your e-mail address appears to be invalid. You can try again later by visiting https://act.eff.org.
Now, your Matomo website is secured with Let's Encrypt SSL.
Access Matomo Analytics
Now, open your web browser and type the URL https://matomo.linuxbuz.com. You will be redirected to the Matomo welcome screen:
Click on the NEXT button. You should see the Matomo prerequisite check screen:
Click on the NEXT button. You should see the matomo database configuration screen:
Provide your database details and click on the NEXT button. You should see the following screen:
Click on the NEXT button. You should see the admin user setup screen:
Provide your admin username, password, email and click on the NEXT button. You should see the website setup screen:
Provide your website details and click on the NEXT button. You should see the following screen:
Click on the NEXT button. Once the installation has been completed, you should see the following screen:
Click on the CONTINUE TO MATOMO. You will be redirected to the Matomo login screen:
Provide your admin username, password and click on the SIGN IN button. You should see the Matomo dashboard in the following screen:
Conclusion
Congratulations! you have successfully installed and configured Matomo analytics with Nginx and Let's Encrypt on Ubuntu 20.04. YOu can now integrate your website with Matomo and start tracking your website. Feel free to ask me if you have any questions.