User-friendly collection proxy

 

Principle

AT Internet offers assistance with implementing a proxy server in order to collect data on a domain specific to your company. For example, visitors to the website example.com may send information collected to stats.example.com, instead of sending them to log.xiti.com.

In order to implement this mechanism, you must set up a proxy which redirects requests to the collection server specific to your site. To ensure an optimal configuration, please keep the following in mind:

  • The creation of the “idrxvr” cookie must be propagated to the Internet user by modifying the domain
  • The “idrxvr” cookie must be transmitted to the AT Internet servers
  • The client’s source IP address must be indicated in the X-Forwarded-For header
  • All headers in the initial request must be transmitted, notably User-Agent, Accept-Language, Referrer.

In order to be compliant with the GDPR, it is recommended to not store any data on the proxy server (logs for example).

 

Architecture

The following diagram depicts the architecture:

Without a “user-friendly” proxy

With a “user-friendly” proxy

 

Tagging

From a tagging point of view, you’ll need to modify your SmartTag’s configuration, in order to insert the correct values.
An example in JS (documentation):

var tag = new ATInternet.Tracker.Tag({log: 'stats', logSSL: 'stats', domain: 'example.com'});
 

Modification of the pixelPath

You may also change the name of the loaded resource (hit.xiti by default).

var tag = new ATInternet.Tracker.Tag({log: 'stats', logSSL: 'stats', domain: 'example.com', pixelPath: '/customhitpage'});

The corresponding proxy configuration is indicated in the below configuration example.

 

Configration example

This configuration only serves as an example; it must be adapted, notably with regards to security and performance, depending on anticipated traffic levels.

To help guide you with the implementation of this proxy, here’s an example of configuration for Nginx:

 

HTTP

server {

	listen 80;

	# Hide Nginx version
	server_tokens off;

	# Configure DNS resolver used by the server
	resolver A.B.C.D;

	# Append source IP address to the initial request's X-Forwarded-For 
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

	# Change cookie domain
	proxy_cookie_domain ~.* example.com;

	# Set AT Internet collection domain
	set $logati log.xiti.com;

	# Customize pixel path to /customhitpage
	location /customhitpage {
		proxy_pass http://$logati/hit.xiti$is_args$query_string;
		proxy_redirect /hit.xiti /customhitpage;
	}

	# No change for any other ressource
	location / {
		proxy_pass http://$logati$request_uri;
	}

}
 

HTTPS

server {

	listen 80;

	# Hide Nginx version
	server_tokens off;

	# Configure DNS resolver used by the server
	resolver A.B.C.D;

	# SSL
	ssl_certificate     /etc/nginx/ssl/cert.pem;
	ssl_certificate_key /etc/nginx/ssl/key.pem;
	ssl_protocols       TLSv1 TLSv1.1 TLSv1.2;
	ssl_ciphers         HIGH:!aNULL:!MD5;

	# Append source IP address to the initial request's X-Forwarded-For 
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

	# Change cookie domain
	proxy_cookie_domain ~.* example.com;

	# Set AT Internet collection domain
	set $logati log.xiti.com;

	# Customize pixel path to /customhitpage
	location /customhitpage {
		proxy_pass http://$logati/hit.xiti$is_args$query_string;
		proxy_redirect /hit.xiti /customhitpage;
	}

	# No change for any other ressource
	location / {
		proxy_pass http://$logati$request_uri;
	}

}
Was this post helpful?
Yes
No
Last update: 08/03/2019