Deal with adblockers etc. better

[arp242]

GoatCounter got added to EasyList Privacy as follows:

||gc.zgo.at^$third-party
||goatcounter.com/count^$third-party

That was bound to happen sooner or later, and I guess it's not a bad sign that GoatCounter is deemed worthy of inclusion 😅 Because of the third-party option it only gets blocked if it's loaded as 3rd-party script, so goatcounter.com and such still work fine.

However, I've had some people report that AdGuard simply blocks all of the goatcounter.com domains; the reason for this is that their DNS filter simply includes:

||gc.zgo.at^
||goatcounter.com^

That's ... a rather crude approach, but it is what it is.

It would perhaps be better if a different domain was used for the tracking; I already have goatanalytics.com so that's kind of an obvious choice. That way ad blockers can block that, and keep goatcounter.com unblocked.

[resynth1943]

+1 for this, and a -respect to AdGuard for blocking it. I would like to allow ethical analytics services. I'll reach out to AdGuard, and send any correspondence here.

[arp242]

I would like to allow ethical analytics services

Yeah, the "all trackers are equal"-approach isn't necessarily the best one, IMO; but it is what it is. Some people have really strong feelings about this kind of stuff. People have told me that GoatCounter is "morally wrong" 🤷‍♂️

AdGuard just copies EasyList Privacy, so it should probably be fixed/changed there. But reading through some of the issues I don't think the maintainers would be very open to that (see e.g. https://github.com/easylist/easylist/pull/1855#issuecomment-440241758 or https://github.com/easylist/easylist/issues/4023), so I never really bothered to ask.

I'm not really sure anything can be done here as such.

[ghost]

Hi! I found this coming from Easylist trying to figure out why CNAME blocking wasn't working for a site using simpleanalytics.

I'm at least mildly disappointed at this kind of opinion, like it's a "problem to deal with" -- attempting to bypass or break through a user's choice to enable privacy filters feels incredibly hostile and anti-enduser to me. This is something I'd happily click whitelist in uBlock for if I was informed of it prior to any requests being made, and educated on what it collected and how it is different from most analytics services, but something I would absolutely despise if I found out sites were silently using it and trying various combinations to bypass my decision.

While I support "ethical analytics with consent", please try to see it from the other side where treating it as a user-added roadblock that you need to run over is really demeaning to end-users.

See also: https://news.ycombinator.com/item?id=24239508

[arp242]

You have misunderstood the issue @edensverse; which is that everything related to goatcounter.com and zgo.at (also used for some other things) is blocked by some tools, even if you type "goatcounter.com" in your URL bar. This is certainly a problem which needs to be dealt with.

[ghost]

Ah. Sorry, it's not my first language, I mostly saw it linked to related comments regarding the blocking.

Usually if you shove everything onto a subdomain (completely separating your primary site) AdGuard will remove the block, at least they have on previous issues. Make sure it is actually separate: The tracking.js static asset should not be on the same host/origin as your primary sales site's images or CSS (that is, don't share a "cdn.goatcounter"-equivalent, but instead have "cdn.goatcounter" and "cdn-tracking.goatcounter")

[resynth1943]

Well, as far as I understand, the short URL is only used for serving the tracking script...

[karmanyaahm]

I just realized uBlock was blocking count.js on my site. Would it be possible to circumvent that if I copied the contents of https://gc.zgo.at/count.js into my site's main JS? I could possibly write a Jekyll hook to keep it updated.

[arp242]

That would work for the count.js @karmanyaahm, but it still needs to send a request to yoursite.goatcounter.com, which would still be blocked. There isn't really a workaround for this (and as I mentioned, it's also undesired) other than self-hosting goatcounter I'm afraid.

[tijptjik]

Would you consider (optionally) allowing for count.js to be initialized with a proxy API end-point? This could use nginx's proxy_pass or similar to pass it on to yoursite.goatcounter.com again. This would circumvent the block.

The Mixpanel Nginx proxy repo is a good reference, and in their case they just initialise their tracker with a different api_host.

[arp242]

Would you consider (optionally) allowing for count.js to be initialized with a proxy API end-point?

What do you mean exactly with "proxy API end-point"?

I think you can already proxy it with nginx or something else if you want to? I'm not sure if any action is needed for this on my part?

[tijptjik]

I think... I think you're right! I overlooked the use of data-goatcounter attribute.

So if we operated wowsite.com and used hosted tracking at wowsite.goatcounter.com, we could simply serve include:

<script data-goatcounter="https://wowsite.com/count" async src="//wowsite.com/count.js"></script>

and on nginx proxy https://wowsite.com/count to https://wowsite.goatcounter.com/count and wowsite.com/count.js to https://gc.zgo.at/count.js.

[arp242]

Yeah, hosting the count.js script from somewhere else has always been supported; see: https://www.goatcounter.com/code/countjs-host

On my own website I don't use it either but include the JS in the page itself:

<script data-goatcounter="https://stats.arp242.net/count">
// GoatCounter: https://www.goatcounter.com
    // This file (and *only* this file) is released under the ISC license:
    // https://opensource.org/licenses/ISC
    [..]
</script>

That https://stats.arp242.net isn't even goatcounter.com but a "self-hosted" instance (mostly so I have a SQLite version to test to spot potential problems sooner rather than wait for people to report them).

Nothing is really tied to goatcounter.com – self-hosting has always been a first-class use case, and by extension this also means you can do stuff like proxying and such. It's just that https://gc.zgo.at/count.js is a good default if you use it, but you can basically do whatever.

[tijptjik]

fantastisch! Thanks Martin :)