CHANGELOG

Ditching Google Analytics, Expanding Infrastructure, and Blocking Fake Signups

This spring we've been focused on privacy, security, and infrastructure improvements. We've removed nearly all third-party trackers, including Google Analytics, and expanded our infrastructure to more redundant datacenters.


Justin Britten


Personally, the Big Brother-esque data collection practices by tech companies such as Google have always made me uncomfortable. I surf the web with Brave, a privacy-focused alternative to Chrome. I search the web with DuckDuckGo, a privacy-focused alternative to Google Search. I wanted to bring these same privacy-minded practices to my business, Prefinery.

Replaced Google Analytics with Fathom, Privacy-focused Analytics

We have chosen Fathom, a simple, privacy-focused alternative to Google Analytics. Fathom collects zero personal or personally identifiable information from you. Plus, we get actionable data, such as page views and referrers, on a single page.

Screenshot: Fathom, privacy-focused analytics

In addition to ditching Google Analytics, we've also removed all remarketing advertising trackers, including Facebook Pixel and Perfect Audience. We no longer use third-party analytics and advertising cookies when you visit Prefinery. In fact, we've removed all third-party cookies from our homepage and removed that annoying cookie consent notice. We've updated our cookie policy to reflect these changes.

Presently, the only third-party cookies we use in-app (when you're signed into your Prefinery account) are Mixpanel and Stripe's mandatory fraud protection cookies. Completely anonymized data (no personal information) is sent to Mixpanel, where we analyze funnels such as where customers got stuck in the project creation wizard, or how many were able to successfully validate their email domain, etc. As we are one of the few companies which actually respect your browser's Do Not Track (DNT) setting, you can opt out of sending analytics data to Mixpanel by enabling DNT in your browser.

Scaled Infrastructure to 3 AZs & Moved to Serverless Aurora Database

Prefinery has always had a Highly Available (HA) architecture spread across 2 AWS Availability Zones (AZs), which are physically isolated datacenters. If one datacenter has a power outage or is affected by a lightning strike, tornado or earthquake, our services keep operating without downtime. For even greater redundancy, we've now spread our entire infrastructure across 3 AZs.

This June, we moved from a provisioned Aurora database cluster with readers spread across 2 AZs to Serverless Aurora, spread across 3 AZs. Our new Serverless database automatically scales capacity up or down based on load. This will help us better handle huge spikes of traffic when your launches go viral. Some of you manage to attract 50,000 signups in a few hours and that had put a strain on our database in the past. With Aurora Serverless, Prefinery can now handle huge spikes of traffic in real-time with immediate scaling up of the database.

As part of this seamless move, we migrated 360GB of data with 0 seconds of downtime. In fact, Prefinery has never had a planned maintenance outage in our 12-year history. We work extra hard to ensure 99.999% (yes, five nines) uptime. That means less than 26 seconds of downtime a month.

Blocking Fake Accounts

For months now, we've been suffering from dozens of fake accounts created daily. These fake accounts, created by bots and spammers, often use a real person's email address. When this person receives our welcome email, they often mark the email as spam (as they never knowingly signed up for Prefinery). This increased spam rate affects our general email deliverability. Additionally, these fake accounts skew our metrics, such as signup conversion rate, subscription rate, and more.

Our solution was three-fold, as described below. Since release, the number of daily fake accounts has dropped to zero!

Invisible reCAPTCHA

Our signup page now uses an invisible reCAPTCHA, which gives each visitor a score representing how likely they are to be a bot. If the score is below a certain threshold, we display a visible reCAPTCHA that requires the visitor to complete a challenge. Our data shows that very few real people are ever required to complete a challenge and that the invisible reCAPTCHA does a great job of detecting bots.

Blocking 88,863 Temporary Email Domains

We maintain a blocklist of over 88k email domains, which represent temporary email providers or domains known to send spam.

Blocking 17,321 Bad IP Addresses

We maintain a blocklist of over 17k IP addresses, from which attacks, spyware, and viruses have originated in the past 30 days. We update this blocklist nightly by downloading the latest ipset from FireHOL.
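The two blocklist checks described above can be combined into a single signup gate. The sketch below is an added example, not Prefinery's code. It assumes the nightly list is plain text with `#` comments and one IP or CIDR per line; all function names, domains and addresses are constructed for illustration.

```python
import ipaddress

# Constructed sample in the assumed list layout: '#' comments, one IP or CIDR per line.
SAMPLE_IPSET = """\
# constructed sample, documentation address ranges only
192.0.2.0/24
198.51.100.7
not-an-ip
"""
# Constructed sample of blocked temporary-email domains.
SAMPLE_DOMAINS = {"tempmail.example", "throwaway.test"}


def load_ipset(text):
    """Parse ipset text into (set of single addresses, list of networks)."""
    hosts, nets = set(), []
    for line in text.splitlines():
        entry = line.split("#", 1)[0].strip()
        if not entry:
            continue
        try:
            net = ipaddress.ip_network(entry, strict=False)
        except ValueError:
            continue  # skip a malformed line rather than fail the nightly refresh
        if net.num_addresses == 1:
            hosts.add(net.network_address)  # O(1) lookup for single addresses
        else:
            nets.append(net)
    return hosts, nets


def ip_blocked(ip, hosts, nets):
    addr = ipaddress.ip_address(ip)
    return addr in hosts or any(addr in n for n in nets)


def domain_blocked(email, blocked):
    """Match the address's domain and each parent domain against the blocklist."""
    domain = email.rsplit("@", 1)[-1].strip().rstrip(".").lower()
    labels = domain.split(".")
    # mail.tempmail.example must match an entry for tempmail.example;
    # the bare top-level label is never tested on its own.
    return any(".".join(labels[i:]) in blocked for i in range(len(labels) - 1))


def signup_decision(email, ip, blocked_domains, hosts, nets):
    if domain_blocked(email, blocked_domains):
        return "block:domain"
    if ip_blocked(ip, hosts, nets):
        return "block:ip"
    return "allow"
```

Matching parent domains closes the gap where a temporary-email provider hands out addresses on arbitrary subdomains of a listed domain.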