After updating the app to use Spring Security 5 (for OAuth2) we had this to happen:
- hit rates doubled
- half of the hits are reported as bounces
Could it be that Matomo tracker manages to log an unauthenticated user session? And when they authenticate and come in with a new session they are reported again?