bolt Valebyte VPS від $4/міс — NVMe, запуск за 60 секунд.

Отримати VPS arrow_forward
eco Початковий Туторіал

Installing Matomo (Pi

calendar_month Jun 02, 2026 schedule 21 хв. читання visibility 21 переглядів
Установка Matomo (Piwik) на VPS: Высокопроизводительная аналитика с Nginx, PHP и MySQL
info

Потрібен сервер для цього гайду? Ми пропонуємо виділені сервери та VPS у 50+ країнах з миттєвим налаштуванням.

Потрібен сервер для цього гайду?

Розгорніть VPS або виділений сервер за хвилини.

Тарифи VPS arrow_forward Виділені

Installation of Matomo (Piwik) on VPS: High-Performance Analytics with Nginx, PHP, and MySQL

TL;DR

In this detailed guide, we will step-by-step set up Matomo (formerly Piwik) – a powerful, open-source web analytics platform – on your Virtual Private Server (VPS). You will learn how to install and configure Nginx as a web server, PHP-FPM for dynamic content processing, and a MySQL/MariaDB database for storing analytical data. The result will be a high-performance and fully controlled analytics system, ensuring complete data privacy and independence from third-party services.

  • Full installation of Matomo 5.x on Ubuntu 24.04 LTS.
  • Configuration of Nginx 1.28+ as a web server.
  • Setting up PHP 8.3/8.4 with FPM for optimal performance.
  • Using MySQL 8.x or MariaDB 11.x for data storage.
  • Enabling HTTPS with Certbot for a secure connection.
  • Recommendations for backups, maintenance, and troubleshooting.

What we are setting up and why

Diagram: What we are setting up and why
Diagram: What we are setting up and why

In this guide, we will focus on deploying Matomo (formerly known as Piwik) – a powerful and flexible open-source web analytics platform. Matomo allows you to collect, analyze, and visualize data about your website or application visitors, providing deep insights into their behavior. Unlike many cloud solutions, Matomo gives you full control over your data, its privacy, and storage, which is especially important given the growing requirements for GDPR, CCPA, and other data protection regulations.

Ultimately, you will get a fully functional, high-performance analytics system running on your own VPS. This means that all data about your users will be stored on your server, under your full control, without being transferred to third parties. This is an ideal solution for those who value privacy, data security, and want to avoid subscription fees for cloud services, especially with multiple projects or high traffic volumes.

There are several alternatives to Matomo on the market. The most well-known is Google Analytics, which offers broad functionality but requires data transfer to the Google cloud. There are also cloud-managed versions of Matomo (Matomo Cloud), which relieve you of infrastructure concerns but are usually more expensive and still involve data storage with a provider. The choice of self-hosted Matomo on a VPS is driven by several key advantages: full data ownership, customization and integration capabilities, scalability to your needs, and often a lower total cost of ownership in the long run, especially for projects with high traffic or strict privacy requirements.

What VPS config is needed for this task

Diagram: What VPS config is needed for this task
Diagram: What VPS config is needed for this task

Choosing the right VPS for Matomo is critical to ensure stable operation and fast report loading. Matomo, especially with large data volumes and frequent requests, can be resource-intensive. Below are the minimum and recommended requirements for typical Matomo usage scenarios in 2026.

Minimum Requirements (for small websites, up to 10,000 visits per day):

  • CPU: 2 cores (e.g., Intel Xeon E5 or AMD EPYC).
  • RAM: 4 GB DDR4.
  • Disk: 100 GB NVMe SSD. NVMe significantly speeds up database and Matomo file operations.
  • Network: 200 Mbit/s, unlimited traffic or with a large reserve (at least 1 TB/month).
  • OS: Ubuntu 24.04 LTS (or similar Linux distribution).

Recommended VPS Plan (for medium websites, up to 100,000 visits per day, or multiple websites):

  • CPU: 4 cores (modern Intel/AMD).
  • RAM: 8-16 GB DDR4. More RAM will allow the system to cache more data, speeding up reports.
  • Disk: 250-500 GB NVMe SSD. It is important to have a reserve for database growth.
  • Network: 500 Mbit/s – 1 Gbit/s, unlimited traffic.

For deploying Matomo with the specified characteristics, you can consider a VPS with the specified characteristics. It is important to ensure that the chosen provider offers stable performance and reliable support.

When a dedicated server is needed, not a VPS

A dedicated server becomes necessary if your project has very high traffic (hundreds of thousands or millions of visits per day), requires maximum performance, full control over hardware, or specific hardware configurations (e.g., RAID arrays for the database). Matomo can generate very large volumes of data, and at a certain stage, not only the CPU or RAM but also the disk subsystem can become a bottleneck, which can be configured more flexibly on a dedicated server. For such scenarios, you should consider a suitable dedicated server.

Location: what it affects

  • Latency: The closer the server is to your primary audience, the faster Matomo will load for your users and the faster data will be collected.
  • Legislation: The server's location determines the applicable data protection laws. If your audience is in the EU, hosting the server in the EU can simplify GDPR compliance.
  • Availability: Choose locations with reliable data centers and good connectivity.

It is optimal to choose a location that is geographically close to most of your visitors to minimize delays in collecting and displaying analytical data.

Server Preparation

Diagram: Server Preparation
Diagram: Server Preparation

Before proceeding with the installation of Matomo and related software, you need to perform basic configuration of your VPS. We will use Ubuntu 24.04 LTS as the operating system, as it offers excellent stability and up-to-date software. It is assumed that you have already connected to the server via SSH using the root account.

1. System Update

Always start by updating the package list and the system itself to ensure you have the latest software versions and security patches installed.


sudo apt update && sudo apt upgrade -y

This command updates the package indexes and then installs all available updates without prompting for confirmation.

2. Creating a New User with Sudo Privileges

Working under the root account is insecure. Let's create a new user and grant them sudo privileges.


# Replace 'youruser' with the desired username
sudo adduser youruser
sudo usermod -aG sudo youruser

adduser will create a new user and prompt for a password and additional information. usermod -aG sudo will add the user to the sudo group, allowing them to execute commands with elevated privileges.

3. Setting up SSH Key Authentication

Using SSH keys is much more secure than passwords. If you haven't set it up yet, do it now. Generate a key on your local machine (if you don't have one):


# On your local machine
ssh-keygen -t ed25519 -C "[email protected]"

Then copy the public key to the server for your new user. Replace youruser and your_vps_ip with your details:


# On your local machine
ssh-copy-id youruser@your_vps_ip

Now you can disconnect from root and connect as youruser. After a successful connection, disable password authentication for root and, possibly, for all users to enhance security. Edit the file /etc/ssh/sshd_config:


sudo nano /etc/ssh/sshd_config

Find and change the following lines (or add them if missing):


PermitRootLogin no
PasswordAuthentication no
ChallengeResponseAuthentication no
UsePAM yes

Save changes (Ctrl+O, Enter) and exit (Ctrl+X). Restart the SSH service:


sudo systemctl restart sshd

Important: Make sure you can log in with an SSH key before disabling PermitRootLogin and PasswordAuthentication. Otherwise, you risk losing access to the server.

4. Installing and Configuring the Firewall (UFW)

UFW (Uncomplicated Firewall) is a convenient utility for managing iptables. Let's configure it to allow SSH, HTTP, and HTTPS.


sudo apt install ufw -y              # Install UFW
sudo ufw default deny incoming       # Deny all incoming by default
sudo ufw default allow outgoing      # Allow all outgoing by default
sudo ufw allow ssh                   # Allow SSH (port 22)
sudo ufw allow http                  # Allow HTTP (port 80)
sudo ufw allow https                 # Allow HTTPS (port 443)
sudo ufw enable                      # Enable UFW
sudo ufw status verbose              # Check status

After enabling UFW, make sure you can still connect via SSH. If SSH is running on a non-standard port, replace sudo ufw allow ssh with sudo ufw allow 1234/tcp (where 1234 is your port).

5. Installing Fail2Ban

Fail2Ban scans server logs (e.g., SSH, web server) for suspicious activity (multiple failed login attempts) and temporarily or permanently blocks IP addresses of attackers.


sudo apt install fail2ban -y
sudo systemctl enable fail2ban
sudo systemctl start fail2ban

For basic Fail2Ban configuration, you can copy the default configuration file:


sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
sudo nano /etc/fail2ban/jail.local

In the jail.local file, you can configure parameters such as bantime (ban time), findtime (period during which failed attempts are considered), and maxretry (maximum number of attempts). Ensure that sections for sshd and nginx-http-auth (needed later) are enabled (enabled = true). Restart Fail2Ban after changes:


sudo systemctl restart fail2ban

6. Installing Basic Utilities

Let's install a few useful utilities that may come in handy during the installation process and for monitoring.


sudo apt install git curl wget htop unzip -y

Now your server is ready for the installation of the core software for Matomo.

Software Installation — Step-by-Step

Diagram: Software Installation — Step-by-Step
Diagram: Software Installation — Step-by-Step

Now that the server is prepared, let's proceed with installing the necessary software: Nginx (web server), PHP-FPM (PHP processor), MySQL/MariaDB (database), and finally, Matomo itself. We will focus on the current software versions for 2026.

1. Nginx Installation

Nginx will act as a high-performance web server. Ubuntu 24.04 LTS usually comes with a sufficiently recent version of Nginx.


sudo apt install nginx -y              # Install Nginx
sudo systemctl enable nginx            # Enable Nginx autostart
sudo systemctl start nginx             # Start Nginx
sudo ufw allow 'Nginx Full'            # Allow HTTP/HTTPS in UFW for Nginx
sudo ufw delete allow 'Nginx HTTP'     # Delete old HTTP rules, if any
sudo ufw delete allow 'Nginx HTTPS'    # Delete old HTTPS rules, if any
sudo ufw delete allow http             # Delete HTTP rule, if any
sudo ufw delete allow https            # Delete HTTPS rule, if any
sudo ufw reload                        # Reload UFW rules

Check Nginx status:


sudo systemctl status nginx

You should see the status active (running).

2. PHP-FPM and Required Extensions Installation

Matomo is written in PHP. We will need PHP 8.3 or 8.4 (current versions for 2026) with PHP-FPM (FastCGI Process Manager) for efficient Nginx request processing. Let's install the necessary extensions.


sudo apt install php8.3-fpm php8.3-mysql php8.3-cli php8.3-gd php8.3-curl php8.3-xml php8.3-mbstring php8.3-intl php8.3-zip php8.3-opcache php8.3-dom -y

This command will install PHP 8.3 FPM, the MySQL driver, the CLI version of PHP, as well as important extensions for Matomo: GD (for graphs), cURL (for HTTP requests), XML/DOM (for XML processing), Mbstring (for multibyte strings), Intl (for internationalization), Zip (for archives), and Opcache (for accelerating PHP scripts).

Enable and start PHP-FPM:


sudo systemctl enable php8.3-fpm
sudo systemctl start php8.3-fpm

Check PHP-FPM status:


sudo systemctl status php8.3-fpm

You should see the status active (running).

3. MySQL/MariaDB Installation

Matomo requires a database to store all analytical information. We will install MariaDB Server 11.x (a modern alternative to MySQL).


sudo apt install mariadb-server -y     # Install MariaDB Server
sudo systemctl enable mariadb          # Enable MariaDB autostart
sudo systemctl start mariadb           # Start MariaDB

Run the MariaDB secure installation script to enhance security:


sudo mysql_secure_installation

Follow the instructions: set a password for the database root user, remove anonymous users, disallow remote root login, and remove the test database. Answer Y to all questions.

Create a database and user for Matomo:


sudo mysql -u root -p

Enter the password you set for the MySQL root user. Then execute the following SQL commands. Replace matomo_user and your_strong_password with your own values.


CREATE DATABASE matomo_db CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
CREATE USER 'matomo_user'@'localhost' IDENTIFIED BY 'your_strong_password';
GRANT ALL PRIVILEGES ON matomo_db. TO 'matomo_user'@'localhost';
FLUSH PRIVILEGES;
EXIT;

These commands create the matomo_db database, the matomo_user user with the specified password, and grant them all necessary access rights to this database.

4. Downloading and Installing Matomo

Let's download the latest stable version of Matomo (Matomo 5.x is assumed for 2026) from the official website and place it in a suitable directory.


cd /tmp
wget https://builds.matomo.org/matomo.zip # Download the latest version of Matomo
sudo mkdir -p /var/www/matomo            # Create directory for Matomo
sudo unzip matomo.zip -d /var/www/matomo # Unpack to target directory
sudo chown -R www-data:www-data /var/www/matomo # Set correct permissions
sudo find /var/www/matomo -type d -exec chmod 755 {} \; # Permissions for directories
sudo find /var/www/matomo -type f -exec chmod 644 {} \; # Permissions for files
rm matomo.zip                            # Delete archive

Setting www-data:www-data permissions is critically important, as the web server (Nginx) and PHP-FPM will operate under this user. This allows Matomo to create and modify necessary files (e.g., cache, logs).

Configuration

Diagram: Configuration
Diagram: Configuration

After installing all components, they need to be configured correctly for Matomo to function properly and securely.

1. Nginx Configuration for Matomo

Let's create a new Nginx configuration file for your domain. Replace your_domain.com with your actual domain.


sudo nano /etc/nginx/sites-available/matomo.conf

Insert the following configuration block. This configures Nginx to serve Matomo, using PHP-FPM and providing basic security. Pay attention to fastcgi_pass unix:/run/php/php8.3-fpm.sock; – this is the path to the PHP-FPM socket.


server {
    listen 80;
    server_name your_domain.com www.your_domain.com;
    root /var/www/matomo;
    index index.php index.html index.htm;

    # Ensure Matomo can be accessed via HTTPS
    # This block will be updated by Certbot for HTTPS
    location / {
        try_files $uri /index.php$is_args$args;
    }

    # Block access to sensitive Matomo files
    location ~ /(config|tmp|core|vendor)/ {
        deny all;
        return 404;
    }
    location ~ /\. {
        deny all;
        return 404;
    }
    location ~ \.ini$ {
        deny all;
        return 404;
    }

    # PHP-FPM configuration
    location ~ \.php$ {
        fastcgi_pass unix:/run/php/php8.3-fpm.sock;
        fastcgi_index index.php;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
        fastcgi_buffer_size 128k;
        fastcgi_buffers 4 256k;
        fastcgi_busy_buffers_size 256k;
        fastcgi_temp_file_write_size 256k;
    }

    # Static file caching configuration
    location ~ \.(js|css|png|jpg|jpeg|gif|ico|svg|webp)$ {
        expires 365d;
        add_header Cache-Control "public, no-transform";
    }

    # Additional security headers
    add_header X-Frame-Options "SAMEORIGIN";
    add_header X-XSS-Protection "1; mode=block";
    add_header X-Content-Type-Options "nosniff";
    add_header Referrer-Policy "no-referrer-when-downgrade";
}

Save the file, create a symbolic link, and test the Nginx configuration:


sudo ln -s /etc/nginx/sites-available/matomo.conf /etc/nginx/sites-enabled/
sudo nginx -t                          # Test config syntax
sudo systemctl reload nginx            # Reload Nginx

If the test is successful, Nginx should be ready.

2. PHP-FPM Configuration

For Matomo, it is recommended to increase some PHP limits. Open the php.ini file for PHP-FPM:


sudo nano /etc/php/8.3/fpm/php.ini

Find and modify the following parameters:


memory_limit = 512M               ; Minimum 256M, 512M is better for large installations
max_execution_time = 300          ; Increase for long archiving operations
post_max_size = 64M
upload_max_filesize = 64M
date.timezone = Europe/Berlin     ; Set your timezone, e.g., "Europe/Moscow"

Save changes and restart PHP-FPM:


sudo systemctl restart php8.3-fpm

3. SSL/TLS Installation with Certbot

Using HTTPS is absolutely essential for any web analytics. Let's install Certbot for automatic issuance and renewal of Let's Encrypt SSL certificates.


sudo apt install certbot python3-certbot-nginx -y
sudo certbot --nginx -d your_domain.com -d www.your_domain.com

Follow the Certbot instructions. It will ask for your email for notifications and agreement to the terms of service. After successful certificate issuance, Certbot will automatically update your Nginx config to redirect HTTP to HTTPS and use the new certificate. It will also configure automatic certificate renewal.

Check that automatic renewal is working:


sudo certbot renew --dry-run

If you see the message The dry run was successful, then everything is configured correctly.

4. Completing Matomo Installation via Web Interface

Now that the entire stack is configured, open your domain (https://your_domain.com) in a web browser. You will see the Matomo welcome page.

  1. Welcome: Click "Next".
  2. System Check: Matomo will check all system requirements. Ensure all items are marked green. If there are warnings, revisit PHP settings or access permissions.
  3. Database Setup: Enter the details you created earlier:
    • Database Server: 127.0.0.1 or localhost
    • Login: matomo_user
    • Password: your_strong_password
    • Database Name: matomo_db
    • Table prefix: matomo_ (can be left as default)
    • Adapter: PDO\MYSQL
    Click "Next". Matomo will create all necessary tables.
  4. Super User: Create a Matomo super user account. This is the main administrator account. Remember the login and password.
  5. Website Setup: Enter information about your first website to track (URL, timezone, etc.).
  6. JavaScript Tracking Code: Matomo will provide you with JavaScript code to embed on your website. Copy it and paste it before the closing </body> tag on all pages you want to track.

After this, you will be redirected to the Matomo dashboard.

5. Configuring Cron Jobs for Matomo

Matomo uses cron jobs for archiving reports. This is critically important for performance, as without it, Matomo will process reports in real-time, which will slow down the interface. Open crontab for the www-data user:


sudo -u www-data crontab -e

If this is the first time, choose an editor (e.g., nano). Add the following lines to the end of the file:


# Matomo archive processing
5     /usr/bin/php8.3 /var/www/matomo/console core:archive --url=https://your_domain.com/ > /var/www/matomo/tmp/logs/matomo-archive.log 2>&1

This command will run Matomo archiving every hour at 5 minutes past the hour, saving the output to a log file. Replace your_domain.com with your domain. Ensure the path to php8.3 is correct (you can find it using which php8.3).

6. Verifying Functionality

Ensure Matomo is accessible and working:

  • Open https://your_domain.com in your browser. You should see the Matomo login panel.
  • Try logging in with the super user account.
  • Check Nginx logs: sudo tail -f /var/log/nginx/access.log and sudo tail -f /var/log/nginx/error.log.
  • Check PHP-FPM logs: sudo tail -f /var/log/php8.3-fpm.log (path may vary).
  • Check Matomo archiving logs: sudo tail -f /var/www/matomo/tmp/logs/matomo-archive.log.

If you see traffic on your website, data will start appearing in Matomo after some time.

Backups and Maintenance

Diagram: Backups and Maintenance
Diagram: Backups and Maintenance

Regular backups and timely maintenance are key to Matomo's stable and reliable operation. Loss of analytics data can be critical, so it's important to have a recovery strategy.

1. What to Back Up

For Matomo, two main categories of data need to be backed up:

  • Matomo Database: Contains all collected analytical data, reports, website, and user information. This is the most crucial part.
  • Matomo Files:
    • /var/www/matomo/config/config.ini.php: Matomo's main configuration file, containing database connection details and other settings.
    • /var/www/matomo/plugins/: If you installed additional plugins, they need to be backed up.
    • /var/www/matomo/misc/: May contain custom files, such as favicons.
    • /var/www/matomo/js/: If you customized tracking JavaScript files.

2. Simple Auto-Backup Script

Let's create a simple script that will archive the Matomo database and key files, then move them to a separate directory. For greater reliability, it is recommended to use remote storage.


sudo mkdir -p /opt/backups/matomo
sudo nano /opt/backups/matomo/backup_matomo.sh

Insert the following script, replacing the database credentials, domain, and Matomo directory path:


#!/bin/bash

# Настройки
DB_USER="matomo_user"
DB_PASS="your_strong_password"
DB_NAME="matomo_db"
MATOMO_DIR="/var/www/matomo"
BACKUP_DIR="/opt/backups/matomo"
TIMESTAMP=$(date +%Y%m%d_%H%M%S)
BACKUP_FILE_DB="${BACKUP_DIR}/matomo_db_${TIMESTAMP}.sql.gz"
BACKUP_FILE_FILES="${BACKUP_DIR}/matomo_files_${TIMESTAMP}.tar.gz"
LOG_FILE="${BACKUP_DIR}/backup_matomo.log"
RETENTION_DAYS=7 # Сколько дней хранить бэкапы

echo "--- Starting Matomo backup at ${TIMESTAMP} ---" >> "${LOG_FILE}"

# Бэкап базы данных
echo "Backing up database..." >> "${LOG_FILE}"
if mysqldump --user="${DB_USER}" --password="${DB_PASS}" "${DB_NAME}" | gzip > "${BACKUP_FILE_DB}"; then
    echo "Database backup successfully created: ${BACKUP_FILE_DB}" >> "${LOG_FILE}"
else
    echo "Error creating database backup!" >> "${LOG_FILE}"
    exit 1
fi

# Бэкап файлов Matomo (только конфиг и плагины)
echo "Backing up Matomo files..." >> "${LOG_FILE}"
if tar -czf "${BACKUP_FILE_FILES}" \
    "${MATOMO_DIR}/config/config.ini.php" \
    "${MATOMO_DIR}/plugins" \
    "${MATOMO_DIR}/misc" \
    "${MATOMO_DIR}/js"; then
    echo "Files backup successfully created: ${BACKUP_FILE_FILES}" >> "${LOG_FILE}"
else
    echo "Error creating Matomo files backup!" >> "${LOG_FILE}"
    exit 1
fi

# Удаление старых бэкапов
echo "Deleting old backups (older than ${RETENTION_DAYS} days)..." >> "${LOG_FILE}"
find "${BACKUP_DIR}" -type f -name "matomo_*.gz" -mtime +"${RETENTION_DAYS}" -delete
echo "Old backups deletion completed." >> "${LOG_FILE}"

echo "--- Matomo backup finished ---" >> "${LOG_FILE}"

Make the script executable:


sudo chmod +x /opt/backups/matomo/backup_matomo.sh

3. Setting Up Cron for Auto-Backup

Let's add this script to crontab so it runs automatically, for example, daily at 2 AM.


sudo crontab -e

Add the following line to the end of the file:


0 2 * * * /opt/backups/matomo/backup_matomo.sh >> /opt/backups/matomo/backup_cron.log 2>&1

This command will run the backup script every day at 02:00. The cron job output will be redirected to /opt/backups/matomo/backup_cron.log.

4. Where to Store Backups

Storing backups on the same server as the main service is extremely risky. In the event of a server failure, you will lose both the service and the backups. It is recommended to use:

  • External S3-compatible storage: Services like Amazon S3, DigitalOcean Spaces, Backblaze B2 offer reliable and inexpensive storage. You can use utilities like s3cmd, rclone, or awscli for uploading, integrating them into your backup script.
  • Separate VPS: You can set up a second, smaller VPS and use rsync or scp to transfer backups to it.
  • Local NAS/server: If you have your own infrastructure.

Integrating rclone into the script will allow sending backups to multiple cloud storage providers. Example of adding to the script (after archive creation):


# Добавьте в скрипт backup_matomo.sh после создания архивов
# rclone copy "${BACKUP_FILE_DB}" "my-s3-remote:matomo-backups/" >> "${LOG_FILE}"
# rclone copy "${BACKUP_FILE_FILES}" "my-s3-remote:matomo-backups/" >> "${LOG_FILE}"

You will need to configure rclone beforehand and create a remote repository (e.g., my-s3-remote).

5. Updates: rolling vs maintenance window

Keep Matomo and all components (Nginx, PHP, MySQL, OS) up to date for security and new features.

  • OS and Software Updates: Regularly run sudo apt update && sudo apt upgrade -y. For minor versions (e.g., PHP 8.3.x to 8.3.y), this can be done during working hours. For major updates (e.g., PHP 8.3 to 8.4), plan a maintenance window, as changes to Matomo's configuration or code may be required.
  • Matomo Updates:
    1. Always back up the Matomo database and files before updating.
    2. Download the new Matomo version from the official website.
    3. Unpack the files over the existing installation (excluding config/config.ini.php and tmp/).
    4. Run the update via the web interface or CLI: sudo -u www-data php /var/www/matomo/console core:update.
    Matomo usually offers "one-click updates" via the web interface, but for production servers, CLI updates are safer and more controlled.

Troubleshooting + FAQ

In this section, we will cover common issues you might encounter during Matomo installation and operation, and provide answers to frequently asked questions.

Matomo does not load or returns a 500/502 error

What to check: This is a common issue indicating problems with PHP-FPM or Nginx operation.

  1. Nginx Logs: Check /var/log/nginx/error.log for errors related to fastcgi_pass or access permissions.
  2. PHP-FPM Logs: Check /var/log/php8.3-fpm.log (or similar path) for PHP errors.
  3. PHP-FPM Status: Ensure PHP-FPM is running: sudo systemctl status php8.3-fpm.
  4. Nginx Status: Ensure Nginx is running: sudo systemctl status nginx.
  5. Permissions: Ensure the www-data user has full permissions for the Matomo directory: sudo ls -la /var/www/matomo.

How to fix: Restart Nginx and PHP-FPM. If it's a 502 error, increasing fastcgi_buffers in the Nginx config or memory_limit in php.ini often helps. Verify that the PHP-FPM socket path in the Nginx config (fastcgi_pass unix:/run/php/php8.3-fpm.sock;) matches the actual path.

Slow loading of Matomo pages or reports

What to check: Slow performance can be caused by several factors.

  1. Cron Jobs: Ensure that Matomo archiving cron jobs are configured and running. If archiving is not happening, Matomo will generate reports in real-time, which is very resource-intensive. Check sudo -u www-data crontab -l and the archiving logs.
  2. Opcache: Verify that PHP Opcache is enabled and correctly configured. Increase opcache.memory_consumption in php.ini if necessary.
  3. Server Resources: Use htop or top to monitor CPU and RAM usage during report loading. If CPU or RAM is consistently at 100%, your VPS might not be powerful enough.
  4. MySQL Settings: For very large databases, MySQL optimization may be required (e.g., indexing, configuring innodb_buffer_pool_size).

How to fix: Configure cron jobs. Increase PHP memory_limit and Opcache parameters. If server resources are insufficient, consider upgrading to a more powerful VPS. For MySQL, consult a DBA or use optimization tools.

Data is not being collected, although the tracking code is installed

What to check: This means Matomo is not receiving information from your website.

  1. Tracking Code: Ensure that the Matomo JavaScript code is correctly embedded on all pages of your website, and that the domain in the code matches the Matomo domain.
  2. Network Requests: Open the browser's developer console (F12) and go to the "Network" tab. Check if your website is sending requests to Matomo (usually to matomo.php). There should be a request with a 200 OK status.
  3. Nginx Logs: Check Nginx's access.log for requests to matomo.php.
  4. Firewall: Ensure your firewall (UFW) is not blocking incoming connections on port 80/443.
  5. Trusted Hosts: In Matomo's config/config.ini.php, check the [General] section and the trusted_hosts[] parameter. Ensure your Matomo domain is listed there.

How to fix: Correct the tracking code. Check firewall settings. Add your domain to trusted_hosts[] in Matomo. Restart Nginx.

How to update Matomo safely?

Answer: A safe Matomo update always begins with a full backup of the database and files. Then, you can use the built-in update mechanism via the web interface (if available) or the command line. For CLI updates, navigate to the Matomo directory and execute the command sudo -u www-data php console core:update. This method is preferred for production servers as it is more controlled and helps avoid browser timeouts. After updating, always check logs for errors.

What is the minimum VPS configuration suitable for Matomo?

Answer: For small websites (up to 10,000 visits per day), a minimum VPS with 2 CPU cores, 4 GB of RAM, and 100 GB NVMe SSD will be required. An NVMe disk is critical for Matomo database performance. The network should be at least 200 Mbps. This will be sufficient for stable Matomo operation and comfortable report loading.

What to choose — VPS or dedicated for Matomo?

Answer: The choice between a VPS and a dedicated server depends on the scale of your project. For most small to medium-sized websites (up to 100,000 - 200,000 visits per day), a powerful VPS will be an optimal solution, offering a good balance between performance and cost. A dedicated server becomes necessary for very high loads (hundreds of thousands or millions of visits), when maximum performance, full control over hardware (e.g., for specific RAID arrays), or strict resource isolation requirements are needed. If you are just starting, always choose a VPS and scale up as your needs grow.

How to protect Matomo from spam and incorrect data?

Answer: Matomo has built-in features for spam protection. In the website settings, you can enable filtering by IP addresses or ranges, and exclude specific URLs or parameters from tracking. It is also recommended to use the "Bots & Spiders" functionality to automatically exclude known search bots. For more advanced protection, you can use additional Matomo plugins or configure Nginx rules to block suspicious requests to matomo.php.

Conclusions and Next Steps

Diagram: Conclusions and Next Steps
Diagram: Conclusions and Next Steps

Congratulations! You have successfully installed and configured Matomo on your VPS using Nginx, PHP-FPM, and MySQL/MariaDB. You now have a powerful, private, and fully controlled web analytics system that gives you complete control over your data and its security. You have built a robust foundation for collecting and analyzing information about your website visitors, while ensuring high performance and readiness for scaling.

Here are a few next steps you can take to further develop your analytics system:

  • Configuring Additional Websites and Users: If you have multiple projects, add them to Matomo and create separate users with restricted access rights for each team or client.
  • Exploring Advanced Matomo Features: Explore features such as goal tracking, conversion funnels, custom variables, heatmaps (via plugins), A/B testing, and audience segmentation to gain a deeper understanding of user behavior.
  • Monitoring Performance and Resources: Regularly monitor CPU, RAM, and disk usage on your VPS, especially after traffic increases. This will help you timely identify the need for scaling or optimization.
  • Implementing CDN for Matomo Static Assets: To improve the loading speed of the Matomo interface, you might consider using a CDN for static files (CSS, JS, images).

Поділитися цим записом:

share
Matomo (Piwik) installation on VPS: high-performance analytics with Nginx, PHP, and MySQL
support_agent
Valebyte Support
Usually replies within minutes
Hi there!
Send us a message and we'll reply as soon as possible.