Google Analytics Just Got Banned Again—Here’s How to Own Your Data in 60 Seconds
The privacy crackdown on Google Analytics keeps escalating. Regulators in Austria, France, Italy, Denmark, and Norway have all ruled that GA violates GDPR by transferring European visitor data to US servers—and Wired reports the dominoes are still falling. Meanwhile, GA4 forces you through a 45.7 KB tracking script, complex event-based reporting that even experienced marketers struggle with, and a data model that Search Engine Journal calls “a mess”. Your visitors’ data flows through Google’s servers, gets sampled at high traffic volumes, and fuels an advertising machine you have zero control over.
There’s a better path. Umami is an open-source, privacy-first analytics platform that runs entirely on your own server—no cookies, no consent banners, no data leaving your infrastructure. And thanks to a one-command installer called SelfHostedAnalytics, you can deploy a production-ready Umami instance with PostgreSQL, automatic SSL, and a reverse proxy in under a minute. The tracking script is under 1 KB—75 times smaller than Google Analytics—so your pages load faster and your visitors never see a cookie banner.
This guide walks through everything: why self-hosted analytics matter in 2026, how the one-command installer works, step-by-step deployment on a VPS, day-to-day management, security hardening, scaling for high traffic, and a full cost comparison against Google Analytics and managed alternatives.
Why Self-Hosted Analytics in 2026
The shift away from third-party analytics isn’t ideological—it’s practical. Here’s what you gain by running your own analytics server:
| Concern | Google Analytics | Self-Hosted Umami |
|---|---|---|
| GDPR compliance | Ruled illegal in 5+ EU countries | Compliant by default—data never leaves your server |
| Cookie consent banner | Required in EU/UK | Not needed—no cookies used |
| Tracking script size | 45.7 KB | <1 KB |
| Data sampling | Yes, at high traffic | Never—100% of events recorded |
| Ad blocker resistance | Frequently blocked | Custom script name bypasses blocklists |
| Data ownership | Google processes and retains data | 100% yours on your server |
| Cost at scale | Free (you pay with data) | Fixed VPS cost regardless of traffic |
The accuracy advantage alone is significant. Google Analytics gets blocked by 30–40% of visitors using ad blockers or privacy browsers. Self-hosted Umami with a custom script name (the installer defaults to getinfo instead of umami) flies under the radar, giving you a far more accurate picture of your actual traffic.
What Umami Gives You
Umami isn’t a stripped-down toy—it’s a full-featured analytics platform built on Next.js and PostgreSQL. Here’s what you get out of the box:
- Real-time visitor tracking—see who’s on your site right now
- Pageviews, unique visitors, bounce rate, and session duration
- Referrer source tracking—see where your traffic comes from
- UTM campaign tracking—measure marketing campaign effectiveness
- Browser, OS, device, and country demographics
- Custom event tracking with data payloads for conversions, purchases, and interactions
- Multiple website management—track dozens of sites from a single dashboard
- API access—pull your data programmatically for custom dashboards or reports
- No cookies whatsoever—GDPR, CCPA, and PECR compliant without any configuration
The dashboard is clean, fast, and shows everything on a single page—no navigating through nested reports like GA4 forces you to do. If you’ve ever wanted Google Analytics but simpler, faster, and private, Umami is the answer.
What You Need Before Starting
The SelfHostedAnalytics installer handles almost everything automatically, but you need three things ready:
- A VPS with root access—Ubuntu 22.04+ or Debian 12+ recommended (RHEL/CentOS/AlmaLinux also supported)
- A domain or subdomain pointed to your server’s IP address (e.g.,
analytics.yourdomain.com) - An email address for Let’s Encrypt SSL certificate notifications
The installer automatically provisions Docker, Docker Compose, your choice of reverse proxy (Caddy or Nginx), firewall rules, and the full Umami + PostgreSQL stack. Minimum hardware is 1 GB RAM and 1 CPU core, though 2 GB RAM is recommended for production workloads.
Recommended Hosting: ScalaHosting Self-Managed VPS
For self-hosting Umami, you want a provider that gives you full root access, guaranteed resources, and SSD storage without the markup of managed hosting. ScalaHosting’s Self-Managed VPS plans are purpose-built for this:
| Plan | RAM | CPU | Storage | Best For |
|---|---|---|---|---|
| Build #1 | 2 GB | 1 core | 50 GB SSD | Personal sites, blogs, small projects |
| Build #2 | 4 GB | 2 cores | 80 GB SSD | Business sites, multiple domains |
| Build #4 | 8 GB | 4 cores | 160 GB SSD | High-traffic sites, agencies tracking 50+ domains |
ScalaHosting uses NVMe SSD storage and guarantees your CPU and RAM aren’t shared—critical for analytics workloads that spike during traffic surges. Check current ScalaHosting pricing →
Step-by-Step: Deploy Umami Analytics in One Command
Once your VPS is running and your domain’s DNS is pointing to its IP address, the entire deployment is a single line:
Step 1: SSH Into Your VPS
Connect to your server from your local terminal:
ssh root@your-server-ipStep 2: Run the One-Command Installer
curl -fsSL https://raw.githubusercontent.com/loponai/selfhostedanalytics/main/install.sh | sudo bashThe interactive installer walks you through four prompts:
- Domain name—enter the domain or subdomain you pointed to this server (e.g.,
analytics.yourdomain.com) - Email address—used for Let’s Encrypt SSL certificate renewal notifications
- Reverse proxy choice—Caddy (recommended, automatic SSL) or Nginx + Certbot (if you prefer manual control)
- Tracker script name—defaults to
getinfoto avoid ad blocker detection (instead of the easily-blockedumami)
Behind the scenes, the installer:
- Installs Docker and Docker Compose if not already present
- Generates secure PostgreSQL credentials using OpenSSL
- Deploys the Umami + PostgreSQL stack via Docker Compose
- Configures your chosen reverse proxy with automatic HTTPS
- Opens ports 80 and 443 in the firewall (UFW or Firewalld)
- Saves your credentials securely to
/opt/umami/credentials.txt
Step 3: Log In and Change the Default Password
Open https://analytics.yourdomain.com in your browser. The default credentials are:
- Username:
admin - Password:
umami
Change this immediately after your first login. Go to Settings → Profile and set a strong, unique password.
Step 4: Add Your First Website
In the Umami dashboard, go to Settings → Websites → Add website. Enter your site’s name and domain. Umami will generate a tracking snippet like this:
<script defer src="https://analytics.yourdomain.com/getinfo.js"
data-website-id="YOUR_WEBSITE_ID"></script>Paste this into the <head> of every page you want to track. If you use a CMS like WordPress, drop it into the header injection field. For static sites, add it to your base template. Data starts flowing within seconds.
Custom Event Tracking
Beyond pageviews, Umami lets you track any interaction—button clicks, form submissions, purchases, signups—with a simple JavaScript call:
# Track a simple event
umami.track('signup-button-clicked')
# Track an event with data payload
umami.track('purchase', { plan: 'pro', price: 9.99, currency: 'USD' })
# Track form submissions
umami.track('contact-form', { source: 'homepage', topic: 'pricing' })Event data appears in your dashboard under the Events tab, giving you conversion tracking without the complexity of GA4’s event configuration. No tag managers, no data layers—just a single function call.
Day-to-Day Server Management
All services run as Docker containers in /opt/umami/. Here are the commands you’ll use most:
# Check container status
cd /opt/umami && docker compose ps
# View real-time Umami logs
docker compose logs -f umami
# Restart all services
docker compose restart
# Update Umami to the latest version
docker compose pull && docker compose up -d
# Back up your PostgreSQL database
docker compose exec db pg_dump -U umami umami > backup_$(date +%Y%m%d).sqlUmami publishes regular updates with new features and security patches. The update process is non-destructive—docker compose pull downloads the latest image, and docker compose up -d recreates the container while preserving your database volume. Downtime is typically under 10 seconds.
Security Hardening for Your Analytics Server
Your analytics server handles traffic data for every site you track, so locking it down is essential:
- Change the default admin password immediately after first login
- Disable SSH password authentication—use key-based auth only
- Keep the firewall strict—the installer opens only ports 80 and 443. Keep it that way.
- Enable automatic security updates—
sudo apt install unattended-upgradeson Ubuntu/Debian - Restrict SSH access by IP if you connect from a static address
- Use a VPN for admin access—route your SSH sessions through NordVPN so your real IP never appears in server logs. Check our VPN tier list for the top-ranked options.
The installer already generates cryptographically random database credentials using OpenSSL and stores them with restricted permissions (chmod 600). Your PostgreSQL instance is not exposed to the internet—it only accepts connections from the Umami container via Docker’s internal network.
Automated Backups
Your analytics data lives in a PostgreSQL database inside a Docker volume. If the server dies without a backup, that data is gone. Set up automated daily backups with a simple cron job:
# Create a backup directory
mkdir -p /opt/umami/backups
# Add this to your crontab (crontab -e)
0 3 * * * cd /opt/umami && docker compose exec -T db pg_dump -U umami umami | gzip > /opt/umami/backups/umami_$(date +\%Y\%m\%d).sql.gz
# Optional: delete backups older than 30 days
0 4 * * * find /opt/umami/backups -name "*.sql.gz" -mtime +30 -deleteFor off-server backup redundancy, sync the backup directory to cloud storage (S3, Backblaze B2, or rsync to a second VPS). If you’re running on ScalaHosting, their VPS plans include snapshot capabilities for full-server recovery.
Scaling for High Traffic
Umami is remarkably lightweight—the Next.js application and PostgreSQL database together consume under 300 MB of RAM at idle. But as your tracked sites grow, here’s how resource needs scale:
| Monthly Pageviews | RAM | CPU | Storage | Recommended Plan |
|---|---|---|---|---|
| Up to 100K | 1 GB | 1 core | 20 GB | ScalaHosting Build #1 |
| 100K–500K | 2 GB | 2 cores | 50 GB | ScalaHosting Build #2 |
| 500K–2M | 4 GB | 2 cores | 80 GB | ScalaHosting Build #3 |
| 2M+ | 8 GB | 4 cores | 160 GB | ScalaHosting Build #4 |
Umami uses roughly 50% fewer resources than Plausible Analytics (which requires ClickHouse) and a fraction of what Matomo needs. This means you can track millions of pageviews on hardware that would barely run a WordPress site. Check current ScalaHosting pricing →
Cost Comparison: Self-Hosted vs. Managed Analytics
Here’s what you’d pay across different analytics approaches for a site doing 500,000 pageviews per month:
| Solution | Monthly Cost | Owns Your Data | Cookie-Free | GDPR Safe |
|---|---|---|---|---|
| Google Analytics (GA4) | $0 (you pay with data) | No | No | No |
| Plausible Cloud | $39+ | Partial | Yes | Yes |
| Fathom Analytics | $25+ | Partial | Yes | Yes |
| Self-hosted Umami on ScalaHosting | ~$10–15 (VPS only) | Yes | Yes | Yes |
The self-hosted option is the only one that checks every box. You get full GDPR compliance, complete data ownership, no cookies, and a fixed monthly cost that doesn’t climb as your traffic grows. Managed services like Plausible Cloud and Fathom are excellent products, but you’re still trusting a third party with your data—and paying a premium that scales with pageviews.
Umami vs. Other Self-Hosted Analytics
If you’re researching self-hosted analytics, you’ve probably come across Plausible, Matomo, and GoAccess. Here’s how they compare:
| Feature | Umami | Plausible CE | Matomo |
|---|---|---|---|
| Minimum RAM | 500 MB | 2 GB | 2 GB |
| Database | PostgreSQL | ClickHouse + PostgreSQL | MySQL/MariaDB |
| Docker containers | 2 | 3 | 3–6 |
| Script size | <1 KB | <1 KB | ~23 KB |
| Cookie-free | Yes | Yes | Optional (default uses cookies) |
| Heatmaps / Session replay | No | No | Yes (premium) |
| One-command installer | Yes (SelfHostedAnalytics) | No | No |
| License | MIT | AGPL | GPL |
Umami hits the sweet spot: lightweight enough to run on a $5 VPS, powerful enough for serious analytics, and the only option with a one-command automated installer that handles the entire stack including SSL and reverse proxy configuration.
Frequently Asked Questions
Is self-hosted Umami really GDPR compliant?
Yes. Umami does not use cookies, does not collect personal data, and does not transfer data to any third party. When self-hosted on an EU-based VPS, no data leaves the jurisdiction. This satisfies the strictest interpretation of GDPR. Unlike Google Analytics, which has been ruled non-compliant by multiple European data protection authorities, self-hosted Umami has never been challenged—because there’s nothing to challenge.
Can I track multiple websites from one Umami instance?
Absolutely. Umami supports unlimited websites from a single installation. Each site gets its own tracking ID and dashboard. Agencies and developers commonly track 20–50+ sites from one instance running on a single ScalaHosting VPS.
Will ad blockers block my Umami tracking?
The SelfHostedAnalytics installer renames the tracking script from umami to getinfo by default, which isn’t on any major ad blocker list. Since the script is served from your own domain (not a third-party analytics domain), most ad blockers won’t touch it. This gives you significantly more accurate data than Google Analytics, which gets blocked by an estimated 30–40% of visitors.
How do I update Umami?
Two commands:
cd /opt/umami && docker compose pull && docker compose up -dThis pulls the latest Umami image and recreates the container. Your database volume persists through updates. Downtime is typically under 10 seconds.
Should I use Caddy or Nginx as my reverse proxy?
The installer gives you both options. Caddy is the better choice for most users—it handles SSL certificate provisioning and renewal completely automatically with zero configuration. Nginx is available for users who already have Nginx infrastructure or want more granular control over caching, headers, and rate limiting.
How do I keep my analytics admin panel secure?
Beyond changing the default password: disable SSH password authentication, use key-based auth, keep your firewall limited to ports 80 and 443, and route your admin connections through NordVPN so your real IP never appears in server access logs. Check our VPN tier list for the top-ranked options for server administration.
Can I migrate from Google Analytics to Umami?
You can’t directly import historical GA data into Umami (different data models), but you can run both simultaneously during a transition period. Add the Umami tracking script alongside your GA snippet, let both collect data for 30–60 days, then remove GA once you’re confident in the Umami data. Most users find the accuracy improvement from avoiding ad blockers more than compensates for losing historical GA data.
The Bottom Line
Google Analytics was a reasonable default when it launched in 2005. Two decades later, it’s a privacy liability, a performance drag, and increasingly inaccurate as browsers and ad blockers fight back. Self-hosted Umami gives you everything you actually need—real-time traffic data, referrer tracking, demographics, custom events, and campaign measurement—without the cookies, consent banners, legal risk, or data sampling.
The SelfHostedAnalytics installer makes deployment trivial: one command, four prompts, and you’re running a production-ready analytics stack with automatic SSL. Pair it with a ScalaHosting Self-Managed VPS for guaranteed resources and NVMe storage, and you’ll have a faster, more accurate, and legally compliant analytics setup for a fraction of what managed alternatives charge.
Your traffic data belongs to you. Stop giving it away.
Resources: