Last night we performed a migration on the way custom domains work. Historically, any IP blocking you did or allowing of domains was implemented at a network level (on the custom domain itself). We moved this to act as part of our ingest, as we wanted all customers to benefit from it, and we've dropped support for custom domains.
With IP blocking, that was simple, we moved the IPs into an array, and those are checked during ingest. Where we faced a problem was with allowed domains. A handful of customers who had entered *.website.com, and not included website.com would've been impacted here. Long story short, our custom domain provider would take *.website.com and allow website.com to come through. This was never expected behaviour, and the majority of customers had entries for both *.website.com and website.com, so the root was tracked. For customers who only had *.website.com, but not website.com added too, your root pageviews weren't tracked between late last night and early this morning. We thought hard about how to backward support this bug, which was a bug, to begin with (since *.website.com should never have matched website.com, it should only have matched abc.website.com, etc.), and we concluded that we'd add website.com to allowed domains whenever someone had used *.website.com. This way, we mimic the old buggy behaviour but, moving forward, we don't have to continue doing this for newly allowed domains.
In addition, a bug we deployed that our tests didn't catch was for customers using multi-domains -> unique per domain. This only impacted a tiny number of customers, but we include it here for transparency purposes too. From late last night to early this morning, multiple domains tracked just fine, but website visitors would've been treated as unique across all of those domains vs unique per domain. We've now fixed the tests and deployed a fix.
We apologize to the handful of customers that this impacted. The majority of you did have entries for both *.website.com and website.com when you wanted root tracking, but some of you didn't. Moving forward, honestly, we're focusing more on building functionality vs outsourcing it. So here, we blocked IPs and allowed domains via an external provider (our custom domain provider). This meant that we relied on their rules, and we couldn't see the code for that. Moving forward, we will bring more things under our control so that we know how they work.
Posted Mar 24, 2023 - 09:45 PDT