Description
To guarantee data collection in the best conditions, we provide the ability to send hits to our servers with a CNAME from one of your subdomains.
By using a custom domain, you keep your hits, and collect more while keeping our SLAs, you even can get the best cookie configuration (ITP).
Note
To find out more about the Custom Domain Data Collection (CDDC), please reach out to our support teams.Creation
Strategy
There are several ways to configure your custom domain to site mapping with several implications.
Here is a list of possible configurations to identify the best architecture:
|
Case |
Site |
Data collection |
Cookie deposit |
Cookie |
CDDC |
Analysis |
|
1 |
www.site.com | data.site.com | data.site.com | 1st | ✔ | Same domain: no blocking |
|
2 |
test.site.com | data.site.com | data.site.com | 1st | ✔ | Same domain: no blocking |
|
3 |
www.sitea.com | data.site.com | data.site.com | 3rd | ✔ | Different domain but not associated to analytics. Can be blocked because it's 3rd. |
|
4 |
www.siteb.com | data.siteb.com | data.siteb.com | 1st | ✔ | Same domain: no blocking |
|
5 |
www.sitec.com | xiti.com | xiti.com | 3rd | ✘ | Analytics associated domain, and 3rd party. Cookies and hits can be blocked. |
Explanation
Best case scenarii: #1, #2 and #4.1 CDDC per domain, but please note cross-site analysis will only work between case #1 and #2.
Process
Setting up a custom domain to suit your need, can only be done after reaching out your Key Account Manager or Customer Success Manager.
Once the project is all validated with our teams, you can set your custom domain through a 10 step process:
1. You: pick/create your site subdomain
2. You: give our consultant the CSR information
3. AT: validates the CSR information
4. You: buy a SSL certificate with the CSR information (no wild-card)
5. AT: imports the certificate in Data Collection Portal
6. You: setup a client-side DNS redirection (CNAME)
7. AT: checks DNS and collection status in Data Collection Portal
8. AT: manually checks CDDC is ready
9. AT: notifies you that the CDDC is ready
10. You: have 28 days to edit your tagging for CDDC
After these 28 days, hits with the former collection domain will no longer be processed.
Certificate Signing Request (CSR)
Here is all the information required to generate your CSR.
|
Information |
Example |
Details |
|
E-mail address |
support@atinternet.com |
Email address linked to the collection domain. As the email address will be used to send SSL certificate expiration notifications, we recommend the email address be a technical one, and generic instead of personal so that alerts can be correctly distributed. You may enter several email addresses, separating each one with a comma. |
|
Time zone |
UTC+1 |
Collection domain’s time zone |
|
Common name |
collect.atinternet-solutions.com |
The collection domain. Wildcards (*) are not authorised. |
|
Organisation |
AT INTERNET |
Name of the company covered by the SSL certificate linked to the collection domain. |
|
Organisational unit |
Technical Department |
Name of the technical department associated with the certificate. (optional) |
|
Locality |
MERIGNAC |
City where company is located. |
|
State |
GIRONDE |
Province/region where company is located. |
|
Country |
FR |
ISO code (2 capital letters) of the country where the company is located. |
Security
CSR and private key managementAT Internet takes responsability in generating the CSR and the certificate's private key to ensure its security.
This way, AT Internet will be the only owner of the private key which will not be shared to the customer to ensure the certificate associated to the CDDC is not used in any other purpose.
Approved certificates
AT Internet does not allow wildcard certificates (*) to make sure the certificate can only be used for the concerned CDDC.
CSRs generated are based on RSA encryption with a 2048 bits private key. EEC certificates are not supported by the CDDC setup.
The CDDC is compatible with all browsers supporting SNI.
Validity of the certificate
Becareful, Safari will soon no longer allow certificates for bigger period than a year generated after September 1st 2020.
Please make sure your certificates do not exceed this period to avoid any potential trafic loss (hit not sent).
Also, note that the minimum period for a valid certificate is currently 9 months.
Certificate's authority
It's up to the customer to choose a known certification authority and a type of certificate matching its own security requirements.
List
Once you set up at least one custom domain, you will find a new item for it in the interface.
It shows you the main information to monitor and identify your CDDCs:
- Collection domain
- Status
- Expiration date
If you click on this item you will get the overview of all its configuration and associated sites.
Overview
The custom domain overview shows you all technical details about its setup:
- Status
- Expiration date
- Alias
- DNS Check
- AT Internet Collection
- Email(s) to reach for certificate renewal
Sites
Next to the overview section, is the site section, where you can find all sites associated to the custom domain according to your setup.
Here is all the information you will find:
- Site name
- Site ID
- Migration date (when the site was first associated to the CDDC)
Note
You may want to add new sites to already existing CDDC setup later on, to do so please get on the site's page in Site management.After clicking on Edit this site button, you will find a Switch to custom collection domain link, leading you to a dedicated form.
In this form, please specify the CDDC you want to use for the site, and when the migration should start.
Then click on I am ready to migrate, and type GO in the dedicated field to confirm migration process.
Tagging
Recommended update
Generate a new SmartTag file from your Tag Composer configuration, that will automatically update the concerned logs and tag parameters.
Manual update
If you don't want to update your SmartTag, you can manually edit the file to change its collection parameters accordingly.
| SmartTag < 5.13.0 | SmartTag > 5.13.0 | |
| Tag parameters to update |
log: cddc subdomain logSSL: cddc subdomain domain: current domain |
collectDomain: subdomain.domain.com collectDomainSSL: subdomain.domain.com |
|
pixelPath: toto cookieDomain: .domain.com |
||
Cookie deposit
Visitor identification cookies
Browsers like Safari now require cookies to be first party (deposited from the current domain), server-side (deposited by a server not by JavaScript) and secured (https).
To match these requirements we provide a visitor's cookie setup that prevents potential restrictions or blockings that would impact your audience analysis.
In your Tag Composer configuration make sure to have the Client-Side User ID enabled.
Also in its settings make sure the "Visitor identification mode" is set to "always" and the "Secure the cookie" option ticked.
Finally in its Advanced settings, tick the ITP compliant checkbox, and fill the Website domain field with your domain (mysite.com).
By doing so your tracking will deposit our visitors cookies (idrxvr, atidx, atid) from your CDDC, meaning through your subdomain, by our servers.
Other cookies
Some plugins may rely on dedicated cookies that are not handled by our servers but by JavaScript.
These will be deleted 7 days after their deposit on your visitor's browsers due to Safari's ITP policy.
Since these are generated by JavaScript, the only setting you have to think about is the cookie domain when deploying your SmartTag configuration.
In this dedicated field, please specify your site's domain (.mysite.com) to make allow cookie generation.
Security
Please check with your IT teams that any sensitive cookie is deposited on the parent domain used for the CDDC.AT Internet does not store or exploit cookies that are not generated by its servers or tags.
To avoid the transmission of these sensitive cookies to our servers, please use them only on a specific domain (with subdomain), or use another parent domain than the one used for the custom domain data collection.