npm install shadow-track

Shadow Track

Make Matomo/Piwik analytics undetectable by ad blockers through parameter encryption and endpoint obfuscation.

How it works

Shadow Track protects your Matomo analytics from being blocked by:

1. Endpoint Obfuscation: Renames tracking endpoints to innocent-looking names
2. Parameter Encryption: Encrypts all tracking parameters into a single obfuscated parameter
3. Pattern Breaking: Removes recognizable Matomo/Piwik parameter patterns that ad blockers detect

Instead of sending:
``POST /matomo.php?idsite=1&rec=1&action_name=Home&url=https://example.com`

Shadow Track sends:`POST /waschbaerenparadies?d=a7x9k2FibGUiLCJjb2RlX25hbWUiOiJIb21lIn0=k9x7a`

`Installation`

`bash npm install -g /root/shadow-track`

Or run directly:`bash cd /root/shadow-track npm install ./cli.js --help`

`Usage`

`$3`

Run the complete setup with one command:

`bash shadow-track full-setup \ --domain analytics.example.com \ --path /var/www/matomo \ --js-endpoint tracker.js \ --tracking-endpoint analytics \ --secret your-secret-key-2024`

`$3`

#### 1. Generate Nginx Configuration

`bash shadow-track nginx \ --domain analytics.example.com \ --path /var/www/matomo \ --js-endpoint tracker.js \ --tracking-endpoint analytics \ --output /etc/nginx/sites-available/matomo-shadow.conf`

#### 2. Patch matomo.js

`bash shadow-track patch-js \ --input /var/www/matomo/matomo.js \ --tracking-endpoint analytics \ --secret your-secret-key-2024`

#### 3. Patch matomo.php

`bash shadow-track patch-php \ --input /var/www/matomo/matomo.php \ --secret your-secret-key-2024`

#### 4. Enable and reload services

`bash

`Enable nginx config`


ln -s /etc/nginx/sites-available/matomo-shadow.conf /etc/nginx/sites-enabled/
Test and reload nginx

nginx -t
systemctl reload nginx
Restart PHP-FPM to clear opcache

systemctl restart php8.2-fpm


Configuration Options
$3

-

--js-endpoint: Name for the JavaScript file (default: loewenzahntiger.js

)
-

--tracking-endpoint: Name for the tracking endpoint (default: waschbaerenparadies

)
Choose innocent-looking names that don't contain words like:
- track, analytics, matomo, piwik, stats, metrics, telemetry
$3

-

--secret: Encryption key (default: shadow-track-secret-2024

)
⚠️ Important: Use the same secret key for both JS and PHP patching!
Update Tracking Code
After setup, update your website's tracking code:

`html

`Testing`

1. Check if the obfuscated JS loads:`bash curl https://analytics.example.com/tracker.js`

2. Test tracking endpoint:`bash curl -X POST "https://analytics.example.com/analytics?d=test"`

3. Monitor nginx logs:`bash tail -f /var/log/nginx/analytics.example.com.matomo.access.log`

`Troubleshooting`

`$3`


- Check nginx configuration is loaded:

nginx -T | grep shadow


- Verify file paths in nginx config
- Check PHP-FPM socket path
$3

- Clear browser cache
- Check browser console for errors
- Verify same secret key used for JS and PHP
- Restart PHP-FPM:

systemctl restart php8.2-fpm`

$3

- Try different endpoint names
- Avoid patterns like sequential numbers or common words
- Consider using subdomains instead of paths

Security Notes

- Keep your secret key private
- Use HTTPS only
- Regularly rotate endpoint names if they get detected
- Monitor access logs for suspicious activity

License

MIT

npm install shadow-track

Shadow Track

Make Matomo/Piwik analytics undetectable by ad blockers through parameter encryption and endpoint obfuscation.

How it works

Shadow Track protects your Matomo analytics from being blocked by:

Instead of sending:
``POST /matomo.php?idsite=1&rec=1&action_name=Home&url=https://example.com`

Shadow Track sends:`POST /waschbaerenparadies?d=a7x9k2FibGUiLCJjb2RlX25hbWUiOiJIb21lIn0=k9x7a`

`Installation`

`bash npm install -g /root/shadow-track`

Or run directly:`bash cd /root/shadow-track npm install ./cli.js --help`

`Usage`

`$3`

Run the complete setup with one command:

`bash shadow-track full-setup \ --domain analytics.example.com \ --path /var/www/matomo \ --js-endpoint tracker.js \ --tracking-endpoint analytics \ --secret your-secret-key-2024`

`$3`

#### 1. Generate Nginx Configuration

#### 2. Patch matomo.js

`bash shadow-track patch-js \ --input /var/www/matomo/matomo.js \ --tracking-endpoint analytics \ --secret your-secret-key-2024`

#### 3. Patch matomo.php

`bash shadow-track patch-php \ --input /var/www/matomo/matomo.php \ --secret your-secret-key-2024`

#### 4. Enable and reload services

`bash

`Enable nginx config`


ln -s /etc/nginx/sites-available/matomo-shadow.conf /etc/nginx/sites-enabled/
Test and reload nginx

nginx -t
systemctl reload nginx
Restart PHP-FPM to clear opcache

systemctl restart php8.2-fpm


Configuration Options
$3

-

--js-endpoint: Name for the JavaScript file (default: loewenzahntiger.js

)
-

--tracking-endpoint: Name for the tracking endpoint (default: waschbaerenparadies

)
Choose innocent-looking names that don't contain words like:
- track, analytics, matomo, piwik, stats, metrics, telemetry
$3

-

--secret: Encryption key (default: shadow-track-secret-2024

)
⚠️ Important: Use the same secret key for both JS and PHP patching!
Update Tracking Code
After setup, update your website's tracking code:

`html

`Testing`

1. Check if the obfuscated JS loads:`bash curl https://analytics.example.com/tracker.js`

2. Test tracking endpoint:`bash curl -X POST "https://analytics.example.com/analytics?d=test"`

3. Monitor nginx logs:`bash tail -f /var/log/nginx/analytics.example.com.matomo.access.log`

`Troubleshooting`

`$3`


- Check nginx configuration is loaded:

nginx -T | grep shadow


- Verify file paths in nginx config
- Check PHP-FPM socket path
$3

- Clear browser cache
- Check browser console for errors
- Verify same secret key used for JS and PHP
- Restart PHP-FPM:

systemctl restart php8.2-fpm`

$3

- Try different endpoint names
- Avoid patterns like sequential numbers or common words
- Consider using subdomains instead of paths

Security Notes

- Keep your secret key private
- Use HTTPS only
- Regularly rotate endpoint names if they get detected
- Monitor access logs for suspicious activity

License

MIT