sorted by: recent | see : popular

Content Tagged with configure + Apache

AWStats is a free powerful and featureful tool that generates advanced web, streaming, ftp or mail server statistics, graphically. This log analyzer works as a CGI or from command line and shows you all possible information your log contains, in few graphical web pages. It uses a partial information file to be able to process large log files, often and quickly. It can analyze log files from all major server tools like Apache log files (NCSA combined/XLF/ELF log format or common/CLF log format), WebStar, IIS (W3C log format) and a lot of other web, proxy, wap, streaming servers, mail servers and some ftp servers.

Install awstats in Debian

#apt-get install awstats

This will complete the installation

Configuring Awstats

Now you need to Run the awstats configure script located at cd /usr/share/doc/awstats/examples/awstats_configure.pl to setup awstats for the domain you want to monitor. You need to repeat the configuration process for each domain you want to monitor.

perl /usr/share/doc/awstats/examples/awstats_configure.pl

when this script starts it will prompt for some configuration questions first one is setup from non standard directory type yes and press enter

Webserver install location type /etc/apache2/httpd.conf and press enter

Need to create new config file type y and press enter

Define config file path as default one and and press enter

This will complete the configuration script setup

Now you need to set up an alias for awstats-icons in httpd.conf. Inserted it in the Aliases section. The awstats_configure.pl script adds it in the end of httpd.conf you need to comment or remove it.

Your entry for /awstats-icon/ in the Aliases section should look like:

Alias /awstats-icon/ /usr/share/awstats/icon/
<Directory /usr/share/awstats/icon>
Options None
AllowOverride None
Order allow,deny
Allow from all
</Directory>

Now you can restart apache using the following command

#/etc/init.d/apache2 reload

Now you need to configure for domain configuration file located at /etc/awstats/awstats.full-domain-name.conf and change the following parameters save and exit the file

1)LogFile=”/var/log/apache/access.log”

to

LogFile=”/var/log/apache2/access.log”

2)LogFormat=4

to

LogFormat=1

3)SiteDomain=” ”

to

SiteDomain=”your domain name”

Generate stats the first time by using the following command

#/usr/lib/cgi-bin/awstats.pl -config=awstats.full-domain-name.conf
Update for config “/etc/awstats/awstats.full-domain-name.conf”
With data in log file “/var/log/apache2/access.log”…
Phase 1 : First bypass old records, searching new record…
Searching new records from beginning of log file…
Phase 2 : Now process new records (Flush history on disk after 20000 hosts)…
Jumped lines in file: 0
Parsed lines in file: 1585
Found 0 dropped records,
Found 0 corrupted records,
Found 0 old records,
Found 1585 new qualified records.

You can now check the stats in your browser by point it to http://serverip/cgi-bin/awstats.pl?config=full-domain-name.You should see similar to the following screen

Cron Job Setup

If you want to get your website stats update every 5min you can use the following command

*/5 * * * * www-data [ -x /usr/lib/cgi-bin/awstats.pl -a -f /etc/awstats/awstats.conf -a -r /var/log/apache2/access.log ] && /usr/lib/cgi-bin/awstats.pl -config=full-domain-name -update >/dev/null

Possible error and Solution

When run awstats config script at the end you might see similar to the following error

Error

—–> Create config file ‘/etc/awstats/awstats.Test.conf’
Error: Failed to open ‘/usr/share/doc/awstats/examples/wwwroot/cgi-bin/awstats.model.conf’ for read.

Solution

make sure you unzipped the awstats.model.conf file:

gunzip /usr/share/doc/awstats/examples/awstats.model.conf.gz

Then, edit

/usr/share/doc/awstats/examples/awstats_configure.pl

where you will find some important parameters near head of file, which are meant to be edited by package maintainers. Unfortunately this seems not to have happened for Debian.

Note:- You also may have to modify these paths in the generated apache2.conf manually afterwards.

If you want to install apache2 with SSL support check here once you have everything ready you need to configure your SSL for good security.

SSL is the most known and the most popular, it is not the only protocol that has been used for the purpose of securing web transactions. It is important to know that since invention of SSL v1.0 (which has never been released, by the way) there have been at least five protocols that have played a more-or-less important role in securing access to World Wide Web, as we see below:

SSL v2.0

Released by Netscape Communications in 1994. The main goal of this protocol was to provide security for transactions over the World Wide Web. Unfortunately, very quickly a number of security weaknesses were found in this initial version of the SSL protocol, thus making it less reliable for commercial use:

weak MAC construction

possibility of forcing parties to use weaker encryption

no protection for handshakes

possibility of an attacker performing truncation attacks

SSL v3.0

Released in 1996 by Netscape Communications. SSL v3.0 solved most of the SSL v2.0 problems, and incorporated many of the features of PCT. Pretty quickly become the most popular protocol for securing communication over WWW.

TLS v1.0 (also known as SSL v3.1)

Published by IETF in 1999 (RFC 2246). This protocol is based on SSL v3.0 and PCT and harmonizes both Netscape’s and Microsoft’s approaches. It is important to note that although TLS is based on SSL, it is not a 100% backward compatible with its predecessor. IETF did some security improvements, such as using HMAC instead of MAC, using a different calculation of the master secret and key material, adding additional alert codes, no support for Fortezza cipher suites, and so on. The end result of these improvements is that these protocols don’t fully interoperate. Fortunately enough, TLS has also got a mode to fall back to SSL v3.0.

Configuring SSLv3 and TLSv1 in Apache Hosts

If you want to enable SSL Version 3 and TLS v1.0 for more security you need to add the following lines under SSL section in your apache hosts configuration file

SSLProtocol -all +SSLv3 +TLSv1
SSLCipherSuite SSLv3:+HIGH:+MEDIUM

Once you add these line you need to restart your apache webserver with the following command

#/etc/init.d/apache2 restart

Testing your SSL Version

If you want to test your ssl version details of perticular host use the following command

#openssl s_client -connect localhost:443

You need to replace localhost to your website hostname

Output looks like below

New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
Server public key is 1024 bit
SSL-Session:
Protocol : SSLv3
Cipher : DHE-RSA-AES256-SHA
Session-ID: 62EA68A5750511917CC42A1B134A8F218C27C9C0241C35C53977A2A8BBB9986A
Session-ID-ctx:
Master-Key: 303B60D625B020280F5F346AB00F8A61A7C4BEA707DFA0ED8D2F52371F8C4F087FB6EFFC02CE3B48F912D2C8929DB5BE
Key-Arg : None
Start Time: 1101164382
Timeout : 300 (sec)
Verify return code: 18 (self signed certificate)
—