Ignore your own visits

[remidej]

Hello 👋

My analytics are biased by my own visits, making them not so reliable.

How could I block my own IP? Is there a way to set a an IP blacklist?

I found that #8 addresses this issue, but it's from 2014 and seems outdated. I can't find this setting in the current version.

Thanks

[electerious]

It's currently not possible to block IPs or your own visits, but that's definitely something we should add. IPs can change so they aren't the best way. I'm open for ideas!

[remidej]

It's true that IPs are not reliable.

It's a bit of a hack, but maybe we could rely on a localStorage key on the browser. We could set this variable from a browser's console, and no records for this browser would be saved.

This is not functional when you work with a team (especially non-technical people). But it would be good enough for my use case on a personal blog. I guess it depends on who Ackee is made for.

[BrookeDot]

This is also something that could be done within the implementation for example in Ackee Tracker (for node) or when the script is added.

[electerious]

It's a bit of a hack, but maybe we could rely on a localStorage key on the browser.

localStorage only works for the current domain. We therefore can't use localStorage to ignore sites on other (sub-)domains. It could work with cookies for sub-domains, but I'm not sure.

[Nesci28]

Maybe use an url param to set a trigger in Ackee to false, which would save the current ip address in a "blacklist" table in the DB, for X hours or until the param flag is set to true again.

this way would work cross domains.

[remidej]

In the meantime, I'm using my ad blocker to filter out my own requests.

I added my API endpoint to the list of trackers to block. I had to disable the ad blocker on my Ackee dashboard for it to work. It's working well

[tkw1536]

One option might be having a "global" variable on the window object that, if set, would disable tracking.

I imagine something like:

window.ACKEE_OPTOUT_HOSTS=["ackee.example.com"];

This would be very simple to implement in tracker.js, just a single if statement.

The variable could be set on developer machines using either a custom browser addon, or something generic like TamperMonkey.

[electerious]

We should distinguish between two things:

• Blocking ip addresses: This should be handled by a reverse proxy as I don't want to reinvent the wheel
• Blocking your own visits: This is where we should find a solution

Ideas are welcome. I'm still now sure what's the best solution.

[eznix86]

hey, just another idea,

• why not create an extension (Chrome,Firefox..), so that it injects some stuff, which make ackee to ignore the own visits.
• Or When logging into Ackee, it creates a cookie which is used to prevent own visits.

[electerious]

why not create an extension (Chrome,Firefox..), so that it injects some stuff, which make ackee to ignore the own visits.

It's an option, but it would be easier to use existing AdBlockers, because we would need to write an extension for every browser.

Or When logging into Ackee, it creates a cookie which is used to prevent own visits.

This won't work for domains located on different domains. At least as far as I know. Correct me when I'm wrong…

[tkw1536]

Or When logging into Ackee, it creates a cookie which is used to prevent own visits.

This won't work for domains located on different domains. At least as far as I know. Correct me when I'm wrong…

Cookies with SameSite=None will work in a cross-domain context. However with recent changes in Chrome and Firefox (not sure about other browsers) they need to have a Secure attribute as well, meaning they will only work with sites on https.

[electerious]

HTTPS only would be fine. I wouldn't recommend to track user data without HTTPS anyway. We should give cookies a try!

[eznix86]

So, we go for cross-domain cookie ?

[electerious]

Yes, we should give cookies a try.

[yehudab]

I think I have a working solution for this.
Will require fixes here and in https://github.com/electerious/ackee-tracker
I'll submit PRs shortly

[electerious]

Ackee v2.4 now ignores your own visits once you have logged into the dashboard. Make sure to enable the ignoreOwnVisits option in ackee-tracker to use this feature. It's currently opt-in, because it requires a new Access-Control-Allow-Credentials header, which wasn't previously required. It will be turned on by default in the next major release of Ackee.

ℹ️ Some browsers strictly block third-party cookies when Ackee runs on a different domain than the site you're visiting. Therefore, it may happen that your own visits still find their way into your statistics, even when the option ignoreOwnVisits is turned on.