Understanding Unique Hit Tracking
What are Unique Hits?
Unique hits represent distinct visits to your website pages. While total hits count every page view (including refreshes and repeat visits), unique hits provide a more accurate picture of individual visitor sessions on a per-page basis.
How We Track Unique Hits
Our unique hit tracking system is built with privacy at its core, using advanced anonymisation techniques:
Data Collection
- Page Information:
- Current URL path
- Page title
- Referrer (when available)
- Browser Data:
- User agent string (truncated for privacy)
- Request Data:
- Cloudflare-provided information
- Timestamp
- Geographic region (country only)
Privacy-First Processing
- Anonymisation: All potentially identifying information is stripped or truncated before processing
- Hash Generation: We combine the collected data with:
- Current date
- Rotating salt (changes every 12 hours)
- Site identifier and page path
- Anonymised request data
- One-Way Encryption: The final hash is irreversible, ensuring visitor privacy
Privacy and Security Measures
- Zero personal data storage
- IP addresses from Cloudflare edge locations are used only for hash generation (which are not the same as your visitor’s IP address)
- Regular salt rotation (every 12 hours)
- Cloudflare as a privacy buffer
- GDPR and CCPA compliant approach (learn more about our compliance)
- No cookies or local storage used
- Rate limiting to prevent abuse
What This Means for Site Owners
- Accurate Analytics: Get meaningful visitor insights without compromising privacy
- Time-Based Stats: View unique visitors within a 24-hour window
- Geographic Insights: Country-level analytics without personal tracking
- Zero Setup: Privacy protection works out of the box
Technical Considerations
- Unique hits reset daily at midnight UTC
- Geographic data is approximate (country-level only)
- Bot traffic and other automated requests are automatically filtered
- Cached responses don’t trigger new hits
- Rate limiting of 25 hits per minute per source, and other limits to prevent abuse
- User agent strings are truncated to 50 characters
For implementation details and get started, see our script embedding guide.