Comment by gregable

Agreed, the first-party cookie is pretty self-evidently not a web-wide tracker.

There are lots of config options. Here's what I like to use:

  // Google Analytics Code.
  (function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
  (i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
  m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
  })(window,document,'script','https://www.google-analytics.com/analytics.js','ga');
  window.ga=window.ga||function(){(ga.q=ga.q||[]).push(arguments)};

  // https://developers.google.com/analytics/devguides/collection/analyticsjs/field-reference
  ga('create', 'UA-XXX-XX', 'auto', {
      // The default cookie expiration is 2 years. We don't want our cookies
      // around that long. We only want just long enough to see analytics on
      // repeat visits. Instead, limit to 31 days. Field is in seconds:
      // 31 * 24 * 60 * 60 = 2678400
      'cookieExpires': 2678400,
      // We don't need a cookie to track campaign information, so remove that.
      'storeGac': false,
      // Anonymize the ip address of the user.
      'anonymizeIp': true,
      // Always send all data over SSL. Unnecessary, since the site only loads on
      // SSL, but defense in depth.
      'forceSSL': true});
  // Now, record 1 pageview event.
  ga('send', 'pageview');