Usertrack module

Usertracking via cookies

Overview

What are cookies?

Cookies are small (less than 1k) pieces of information returned by the web server, which a user's browser will return next time they make a request to the same site. In effect, they store state, and make writing applications that rely on state easier, since HTTP is a stateless protocol.

Users can decide to turn off cookies in their browser, and some may consider them a breach of privacy. Many e-commerce sites use cookies to store user's preferences, and are often used for (re)identifying the user. In the usertrack module, they could be used to establish "click-trails", the routes which users traverse a web site. Of course, there is not always a one-to-one mapping between users and browsers.

How does the usertrack module work?

When enabled, this module adds cookies in the HTTP headers to requests that don't already have a usertrack cookie set. Browsers return these cookies to the server at the next request from the same site, if the cookie has not expired.

The name of the cookie and expiry time can be configured. If the cookie has an expiry time it will last for longer than the current browser session. This allows you to track a user over a longer period of time. For example, if the browser (which probably has a one-to-one mapping with a user) returns a week later, this can be detected. This assumes, of course, that the user hasn't turned off cookie support in their browser, or re-installed the browser.

In addition to this module, you may wish to use a web log analysis program which supports cookie analysis. In this case, you should modify the log format for this Virtual Server to include %{cookie}i, so that cookies are logged. Alternatively, you may wish to use the cookies for other reasons, for example, in a FastCGI authorizer program which you have written.

Configuration