JavaScript tracking punks given a thrashing by good old-fashioned server log analytics

Netlify this week whipped the covers off its take on dealing with the rise of ad blockers in analytics - do it on the server.

With many analytic tools requiring tracking pixels, cookies or JavaScript in the webpage, the arms race in blocking the things - either unintentionally through ad-blockers or intentionally because of privacy concerns - is proving a headache for website operators.

The solution is, Netlify told London's JAMstack conference, to use all those log files generated on the web server itself. After all, unless you have more nefarious aims in mind, that information should be all developers need to keep things humming along. Marketeers, however, may be in for a disappointment.

The first cut of the system will track the usual things - page views, unique visitors, bandwidth, top pages and, most usefully, where resources are not found (such as a missing image or 404).

It seems like obvious stuff - one would hope that a missing resource would show up somewhere in testing as part of CI/CD, but the number of borked sites out there indicates that this is not the case.

Of course, Netlify is by no means the only game in town when it comes to ingesting analytics data from its edge server nodes. That log data has always been lurking around, but shoving the analytics onto the client makes things that bit more personal. For those who want to use the server log files, there are competing tools such as Matomo.

But the likes of Matomo are heavy on the features and costly. While Matomo starts at around $59/month for its "Essential" package and 300,000 page views monthly, Netlify is $9/month for 250,000 page views a month.

That $9 is on top of whatever you're paying Netlify at the moment, of course, and you have to join the 600,000 or so users of the web-hosting-for-dummies platform. Matomo, on the other hand, is a tad more cross-platform.

Still, for Netlify users (and there seem to be quite a few opting for the outfit's take on multicloud-hosting-without-the-tears), the new functionality is an intriguing alternative to JavaScript tracking, with the added bonus of GDPR compliance.

Certainly, privacy is a hot topic these days, and the gang hopes that by merely capturing the IP address of a user and not sharing it in the analytics tool, such issues are skipped over. Netlify keeps those IPs in its logs in order to fight off DDoS attacks and such.

Another downside is that by using the logs for analytics, there is no simple way for a user to opt out. It's up to the website operator to make such options available.

Logs are kept for 30 days and, to be frank, with just an IP address that is likely assigned dynamically by an ISP or masking an organisation of users, individual tracking to the level enjoyed by some script at the client is going to be difficult with this tool, something the Netlify team acknowledged when we spoke with them earlier this week.

Netlify CEO Mathias Biilmann Christensen and president Christian Bach told The Register that plans were afoot to make future versions a little more granular in order to track a users's path through a site, as well as introduce alerts and notifications when thresholds are reached.

In the meantime, the function, which works from data slurped from the logs once an hour, shows its metrics in dashboards within the Netlify suite and requires a developer only enable it (and start paying) in order to use it. Since it pulls from logs, there is also no performance impact.

It's a neat tool, giving developers a handy insight into how things are running. The inability to trace a user's path will, however, annoy some. And some organisations will miss the ability to festoon a user's browser with tracking JavaScript.

And that, to be honest, is probably no bad thing. ®

Software News

Jul 22
Taking the reins after Nils Brauckmann retires in August
Jul 22
Better iterators, generators... Semicolons? Who needs 'em?
Jul 18
Co-founder and chief data officer at NPM Inc, moves on
Jul 18
'Empowering' if you've got $$$
Jul 18
Redmond engineer hints at taking super-lang for a spin
Jul 18
Software testing just ain't that special, sniff immigration bod
Jul 18
'No safeguards' on QA accounts, and suddenly this guy gets a Tesla and $1.6m home, say prosecutors