Unfortunately, Matomo (Piwik) is not compatible with the Apache web server module mod_security nor with CA SiteMinder. If your web host uses mod_security to block requests containing URLs (eg. hosts like HostGator, The Planet), you should contact your provider to have your Matomo application whitelisted and have mod_security disabled for Matomo.

With mod_security (or CA SiteMinder) is enabled Matomo (Piwik) will look like it works but these security modules create major bugs in Matomo, including major data loss as requests are mistakenly discarded by the server! For more information, see this ticket on Matomo issue tracker.

Some of the error messages you may see in Apache error log when using mod_security include client denied by server configuration:. When the other tool CA Siteminder is enabled, you may get: Due to the presence of characters known to be used in Cross Site Scripting attacks, access is forbidden. This web site does not allow Urls which might include embedded HTML tags..

Any questions?

Many answers and more information about Matomo you can find here:

We are social

Follow us: