If you want to see loads of stats for your web site try installing awstats.
Installing the software and some packages necessary for the geo and net IP location stats.
sudo apt-get install awstats libgeo-ipfree-perl libnet-ip-perl
This post assumes your domain is example.com.
sudo cp /etc/awstats/awstats.conf /etc/awstats/awstats.example.com.conf
These are the options I changed, read through the file looking at the comments.
LogFile="/var/log/apache2/access.log" LogFormat=1 SiteDomain="example.com" HostAliases="localhost 127.0.0.1 example.com" DirCgi="/awstats" LoadPlugin="tooltips" LoadPlugin="graphgooglechartapi" LoadPlugin="geoipfree" SkipDNSLookupFor="REGEX[^192\.168\.]" AllowFullYearView=3
Manually Run The Update
Once you have made the changes above and saved the file run your first update, to gather stats.
sudo /usr/lib/cgi-bin/awstats.pl -config=example.com -update
The output should look similar to the following
Create/Update database for config "/etc/awstats/awstats.example.com.conf" by AWStats version 7.2 (build 1.992) From data in log file "/var/log/apache2/access.log"... Phase 1 : First bypass old records, searching new record... Searching new records from beginning of log file... Phase 2 : Now process new records (Flush history on disk after 20000 hosts)... Jumped lines in file: 0 Parsed lines in file: 135678 Found 0 dropped records, Found 4 corrupted records, Found 0 old records, Found 135674 new qualified records.
Automatic Stat Updates
To maintain the stats on a regular basis you will need a cron job to run the awstats update script. Change the user who will be running the script from www-data to root. There area bunch of permission errors when run as www-data.
sudo nano /etc/cron.d/awstats
The cron job below will run every 10 minutes, adjust the time to your needs.
*/10 * * * * root /usr/lib/cgi-bin/awstats.pl -update > /dev/null
To access awstats from a browser, this assumes you are using Apache2. update the default virtual host with the following, to tell Apache where to find the awstats start script.
sudo nano /etc/apache2/sites-available/000-default.conf
Add the following line to the end of the file before the closing </VirtualHost> tag.
Note: All the posts I’ve seen fail to use the ‘+’ in front of the ExecCGI option which will break your Apache config and it will not restart.
Alias /awstatsclasses "/usr/share/awstats/lib/" Alias /awstats-icon/ "/usr/share/awstats/icon/" Alias /awstatscss "/usr/share/doc/awstats/examples/css" ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ ScriptAlias /awstats/ /usr/lib/cgi-bin/ Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Restart your Apache server.
sudo service apache2 restart
You should now be able to browse to https://example.com/awstats/ and get the main awstats page.
Stop Unauthorised Users
As the above setup stands anyone, that is the world and his dog can now see your web serrver stats. Probably not a good idea or something you want. We can let Awstats protect itself with the rather well named parameter AllowAccessFromWebToFollowingIPAddresses or as it is also simple to restrict access by forcing the user to enter a password or simple only allow IP addresses on your local LAN not from external IPs.
To allow awstats to protect itself edit the config file and add a list of IP addresses or ranges see the comment above the option of the syntax.
sudo nano /etc/awstats/awstats.example.com.conf
Access via a User Name and Password
To only allow access for users configured in the auth_users file we can use the following addition at the end of /etc/apache2/sites-available/000-default.conf. To create a new user file and add the username “richard” to the file /etc/apache2/auth_users. To append other users do not use the -c flag.
htpasswd -c /etc/apache2/auth_users richard
<Directory /usr/lib/cgi-bin/> AuthName "Enter Your User Name and Password" AuthType Basic AuthUserFile /etc/apache2/auth_users Require valid-user </Directory>
sudo service apache2 restart
Access Blocked via IP Address
To only allow access from your local LAN in this case 192.168.0.0/16, we can use the following addition at the end of /etc/apache2/sites-available/000-default.conf
<Directory /usr/lib/cgi-bin/> Order Deny,Allow Deny from all # this ALLOWS the range 192.168.0.0 - 192.168.0.255 Allow from 192.168.0.0/16 </Directory>
sudo service apache2 restart
Logging Data From Old logs
If you want to log the data in old log files rotated out of the way you can do that using a command line similar to the below. This may take some time depending on the number and size of your log files and the files need to be run in chronological order. If you ran the manual update above you will need to delete the database. Anyway, it was worth while as that is generally very quick and you can see some data being displayed. Also, it is worth moving the cron file for awstats to stop that from running.
The database files are where ever you pointed the option DirData to, it defaults to /var/lib/awstats. The second command mv the awstats cron job out of the way.
sudo rm /var/lib/awstats/* sudo mv /etc/cron.d/awstats /root
Now we can run the log import or update from the command line. My Apache logs are compressed and called access.log, access.log.1 or access.log.n.gz. Giving the following command line to import them all. Depending on the size and number of files this may put a heavy load on the server, so i also run the command through nice.
Note: the command should all be on one line.
sudo nice /usr/lib/cgi-bin/awstats.pl -update -config="example.com" -LogFile="/usr/share/awstats/tools/logresolvemerge.pl /var/log/apache2/access.log* |"
Remember to put the cron file back again.
sudo mv /root/awstats /etc/cron.d