Redistats Blog

Fixing the Heartbleed bug

10 Apr 2014

There is a vulnerability in the popular OpenSSL library called the Heartbleed bug.

We have now updated OpenSSL to the patched version and rebooted the server. Redistats was down for around 2 minutes while the server was rebooting and when all the stats data was loaded back to memory. We also reissued our SSL certificate.

All is back to normal.

We are now blocking

9 Apr 2014

As of now is blocked from Redistats and you won't get more hits from them. is operating a bot and has been using a tactic called referer spamming to make it look like you get visitors from these type of pages:

Redistats want you only to see human visitors and we have now blocked this large scale spam.

If you are operating a website with a large number of subdomains I urge you to also block this bot at the server level in order to save resources.

With .htaccess in Apache:

# block visitors referred from
RewriteEngine on
RewriteCond %{HTTP_REFERER} [NC]
RewriteRule .* - [F]


if ($http_referer ~* (
{ return 403; }

Changes in AdWords tracking

10 Feb 2014

Due to an error in the AdWords tracking (changes by AdWords) around half of the AdWords click was counted with the referrer as "Direct" instead of AdWords. We are very sorry for this and this is now fully fixed as of today 10th of February 2014.

This means that if you were using Redistats and got traffic from AdWords you will now see that the number of referrals from AdWords will go up around 50% to the correct number and the "Direct" referrers will go down with the same amount.

We are also as of today stripping out the gclid parameter. For example:
This URL:
Will now bee seen as:

Again, we are sorry for this.

Changing from unique visitors to visits

23 Aug 2013

Today I implemted a change in the tracking.

We are using both a cookie and an identifier based on IP and user agent (if cookies are turned off) to see if a visitor is returning or not.

Before we counted unique visitors and it was based on 24 hours. The cookie and identifier was set once with a 24 hour expiration.  If a visitor did not have a cookie or identifier it was counted as a unique visitor.

Now we are instead counting visits and it is based on 30 minutes but the cookie or identifier are extended 30 minutes with each page view. If a visitor do not have a cookie or identifier it is counted as a visit.

This is the same a Google Analytics are doing and it is the new industry standard. It is important for Redistats to follow the industry standard.

We decided to do this now right away before we get a lot of users to Redistats. So far it is only a handful.

The graph of unique visitors has been renamed to visits and unfortunaly it will now increase slightly. I estimate around 5%.

Further reading

Our new API

22 Aug 2013

Our API is just released.

With a simple GET request you receive a simple JSON that you can use to display data in your own system.

See our API documentation for more details.

Redistats free beta starting now

14 Aug 2013

Today our free beta is open for all our plans until 2014.

Please let us know any feedback, anything is welcome.

If you are using WordPress, use our plugin.

Hacker News

We had some attention and diskussion here on Hacker News. Around 2K visitors from there took a look at the project.

This website was built using - try it yourself for free.    (Click here to renew the premium)(info & kontakt)