Post-deploy checklist for your Matomo instance

Find below the checklist for ensuring that your Matomo has been installed and configured with all best practises in place so your Matomo runs stable, fast and secure.

Important steps to be checked after the Matomo Analytics Enterprise is deployed

• ☐ When opening the Matomo URL starting with http:// , the page redirects to https://
• ☐ Login your Matomo as a Super User works.
• ☐ Make sure the plugins are Active in Matomo > Administration (cog icon) > Plugins. In particular the following plugins should be listed: AbTesting, ActivityLog, Cohorts, CustomAlerts, CustomDimensions, CustomReports, FormAnalytics, Funnels, HeatmapSessionRecording, InvalidateReports, LogViewer, MarketingCampaignsReporting, MediaAnalytics, MultiChannelConversionAttribution, QueuedTracking, RollUpReporting, SearchEngineKeywordsPerformance, TasksTimetable, UsersFlow, WhiteLabel.
• ☐ The only plugins with Inactive status should be the Provider and ProfessionalServices plugins and the few Example* plugins.
• ☐ System Checks should not display any error or warning and check that all checks are green in “Matomo > Administration > System check”. You may also run the diagnostics:run command.
• ☐ Test if you can send & receive an email report from Matomo. Go to “Matomo > Administration > Email reports”, add a new email report, then click Send Report now.
• ☐ Add the JavaScript tracking code in a test web page or a local test HTML page. Open the page in your browser. Then in the Matomo dashboard you should see the data being tracked and displayed in the Real time widget. Other widgets may have no data yet.
• ☐ The following files are accessible from the Internet and not blocked (for Tracking API):
  • /matomo.php and /piwik.php
  • /matomo.js and /piwik.js
  • /js/tracker.php
  • /js/container_*.js
  • /plugins/HeatmapSessionRecording/configs.php
• ☐ The following files are accessible from the Internet and not blocked (for Opt-out feature):
  • /index.php?module=CoreAdminHome&action=optOut
  • /plugins/CoreAdminHome/javascripts/optOut.js
  • favicon.ico
• ☐ If you run Matomo on a single server, and you haven’t changed the default setting to keep Internet features enabled (enable_internet_features = 0) then it is recommended to allow your Matomo server to connect to these Internet hostnames:
  • https://api.matomo.org (getting notified when a new release is available including security releases)
  • https://builds.matomo.org (for the one-click update to work)
  • https://plugins.matomo.org (for the Marketplace)
  • https://github.com
  • https://geolite.maxmind.com
• ☐ The crontab entry is created on at least one server and runs successfully. When the script fails with an error, an email is automatically sent to the team taking care of Matomo.
• ☐ Check that Matomo config file has been configured (Administration > Diagnostic > Config file, and look for recommended values in this faq.)
• ☐ When viewing the Actions > Page URLs report for Today, we see our test pageviews. This means the crontab script has already successfully processed the tracking data.
• ☐ Visitor IP addresses are correctly geo-located.
• ☐ Company logo and favicon is uploaded under Branding in “Matomo > Administration > General settings”.
• ☐ Database server is not accessible from the Internet.
• ☐ Logging is enabled on all servers and all log files are automatically backed up.
• ☐ Verify that access logs are enabled on the Matomo web server.
• ☐ The SQL queries for Transitions feature to work at scale have been executed.
• ☐ Servers are actively monitored and alerts are sent for warning and critical thresholds.
• ☐ Matomo service is continuously monitored by a web monitoring uptime check service.
• ☐ Restore the latest full database backup on a separate server, to verify that the MySQL database backup really works. This server could then become a Staging server.
• ☐ In the event where your Matomo server(s) go down, your websites and apps should be unaffected. We recommend you test the following scenario on your testing/staging environment: take your Matomo server(s) down entirely, and check that your websites/apps still work as expected and are unaffected (no user experience slowdown, no JavaScript errors).
• ☐ If Matomo tracks more than 10M actions/month, High performance configuration is in place.
• ☐ (optional) SMTP server is configured in Matomo for sending emails.
• ☐ (optional) If you need to query the raw data, a new Read-only MySQL user is specifically created.
• ☐ (optional) If anyone will be using your Matomo interface in languages that use non-latin characters (such as Japanese, Arabic, Hebrew, Chinese, etc.) the unicode font is downloaded.

If Matomo is deployed on 2+ servers, Multi-servers configuration is in place:

• ☐ Check that the same codebase is deployed on all servers and that there is in an easy and automated upgrade and deployment process.
• ☐ Check that the following files are synchronised across all servers:
  • /matomo.js and /piwik.js
  • /js/container_*.js
  • /misc/user/*
  • /config/config.ini.php
• ☐ If NFS is used for synchronising the few files (eg. matomo.js and container files) then we must have the NFS local caching feature enabled in NFS (so that if NFS goes down, it doesn’t affect the service).
• ☐ Check that config.ini.php settings include the multi servers environment.
• ☐ Check your database (MySQL/Mariadb) is replicated and test your DB failover procedure works as expected.
• ☐ If your DB is replicated, make sure the reader database is configured for optimal speed.
• ☐ If you’re expecting large peaks of traffic (and horizontal scaling instances is not an option), then check you have configured QueuedTracking using Redis or MySQL/Mariadb based queue, to gracefully handle peaks of traffic.