Jan
16
Configuring AWStats on Ubuntu Server
Filed Under Server
Last nite I sat down and configured AWStats on my Ubuntu 7.10 server. I had previously been using statcounter, a free stat service, but I had noticed that it was one of the causes of slowdown on my page loads. Having to access an external site and javascript wasn’t helping. I also run the server so I have full access to the server logs, why not just use those directly.
So far I am really happy with AWStats. It appears to be running properly and pulling in a lot more data than statcounter ever did. It actually is showing me that I had much more traffic than I thought. I had mentioned 5,000 the other day, which I have long since surpassed based on AWStats output.
I’d like to share the steps I took for installing and configuring AWStats on my Ubuntu Server.
Installation
Ubuntu has the AWStats package available in the repositories, which we can install with:
sudo aptitude install awstats
This will install the basic files, but there is still a bit of configuring to do, so we’ll dive into that next.
Auto Configuration
From the tutorials that I found elsewhere in my searching there is a awstats_configure.pl file that will try to configure it for you. I did not use this personally, but if you’d like to try it you can run:
sudo perl /usr/share/doc/awstats/examples/awstats_configure.pl
The rest of this tutorial will discuss manual configuration, but if anyone can offer feedback concerning the configure script I’m sure many would be interested.
Manual Configuration
I configured my system manually, which I will outline below. The only requirements here are that you have access to the apache2 logs, or that you have custom log locations for each of your virtual domains (if used). For more information on custom log locations for virtual domains see my previous post, Configuring Virtual Hosting on Ubuntu with Apache2.
The first step is creating an awstats.conf file for your domain. This can be done by moving or copying the /etc/awstats.conf, and giving it a more unique name:
sudo cp /etc/awstats/awstats.conf /etc/awstats/awstats.domain.tld.conf
I created a unique file, using the syntax awstats + domain.tld + conf for each of the domains hosted on my server. Each of these also has their own unique log file as well.
We’ll then edit our new /etc/awstats with custom values for that domain. The main points you’ll want to look for within this file:
- LogFile=”/path/to/your/domain/access.log”
- LogFormat=1 (this will give you more detailed stats)
- SiteDomain=”domain.tld”
- HostAliases=”www.domain.tld localhost 127.0.0.1″
Once you’ve made these changes you’ll want to build your initial statistics, which will be generated from the current logs on your machine. We can do this using:
sudo /usr/lib/cgi-bin/awstats.pl -config=domain.tld -update
What this will do is scan the /etc/awstats folder for anything of the pattern awstats + domain.tld + conf, reading that config to generate its output. You should see some output here, and depending on the size of your logs it’ll take anywhere from a few seconds to a few minutes or hours. Each time it is run after that will be minimal, as it only updates the information, but the initial generation can take some time.
Configure Apache to Display AWStats
At this point our statistics should be generated (if not, go back and double check you haven’t missed anything!), but we need a way to see them. We’ll need to configure Apache2 to show us these stats. The way I did this was by using an Include in my apache2.conf, instead of cluttering up the default config file. This is generally my preferred method.
Apache2.conf already has a line near the botton Include /etc/apache2/conf.d/, which will read anything in there as additional data. What I did was create a new file in the /etc/apache2/conf.d/ directory called awstats, and filled it with the following content:
Alias /awstatsclasses "/usr/share/awstats/lib/"
Alias /awstats-icon/ "/usr/share/awstats/icon/"
Alias /awstatscss "/usr/share/doc/awstats/examples/css"
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
ScriptAlias /awstats/ /usr/lib/cgi-bin/
Options ExecCGI -MultiViews +SymLinksIfOwnerMatch
This is basically creating some access aliases, and defining the cgi-bin paths, etc. Once this is saved you should be able to restart Apache2 and we’ll should be able to access our stats. Restart Apache2 using:
sudo /etc/init.d/apache2 restart
You should now be able to access your statistics using:
http://domain.tld/awstats/awstats.pl
Assuming you didn’t get any errors during your stats generation, and Apache2 didn’t complain when you restarted the service, you should see statistics at this point.
Continually Updating Your Stats
The last thing you’ll probably want to do is update your statistics via cron. This will allow you to have your site statistics updated on a regular basis, not requiring intervention on your part. What I have done is added a line to my /etc/crontab file telling AWStats to update every ten minutes. I have seen minimal system load even when updating a dozen sites on that interval. To update every ten minutes we’ll add the following line:
*/10 * * * * root /usr/lib/cgi-bin/awstats.pl -config=domain.tld -update >/dev/null
Repeat this line, updating the domain.tld value for any site you want continually updated.
Securing Statistics
If you’d like to make your statistics private you might be interested in one of my previous posts, Limiting Access To Websites & Directories with .htaccess.
If this site has been useful, please consider participating in the Fundraiser.
Other Points of Interest
Comments
9 Responses to “Configuring AWStats on Ubuntu Server”
Leave a Comment
-
Blogroll
Subscribe to the RSS feed!
Ubuntu Tutorials Fundraiser
Please Donate to
Server Improvement
Target amount: USD1,000.00
Total Donations: USD328.00
Amount Needed: USD672.00
Thank you for your support!
About securing AWstats. I’m able to secure AW with htaccess but every site has the same username and password because I can only secure the file awstats.pl.
my htaccess:
AuthName “Login Required”
AuthType Basic
AuthUserFile
require valid-user
Do you have a better solution, so every website has it’s own user/pass?
Keeeping awstats or any other oss web apps on their default /awstats location is lame and stupid. Automatically you becoming a victim of scriptkiddies.
Changing address to /statz or /aws or /awz or any other helps a lot. Keep it as a rule. Never use a default locations for any dirty shit like this coz u never know when new hole will be found.
Nice, clean tutorial.
You might include using it in conjunction with logrotate.
@avb: You’re absolutely right about changing the default the folder. Going through my own stats today made me realise how many default path attacks people have tried on my site.
Awstats can handle Include statements. I use my heavy count of awstats statistics with a so called awstats.model.conf where i leave out everything whats unique for a site, but declare every common setting.
The unique thins come into the awstats.www.domain.tld.conf like these things:
LogFile=
DirData=
HostAliases=
SiteDomain=
AllowAccessFromWebToFollowingAuthenticatedUsers=
Include “thepathto/awstats.headless.conf”
And some Extrasection conditions after the include
One solution to secure each site individually is to generate static HTML reports in separate folders.
When I restart apache I get the following warnings:
[warn] The Alias directive in /etc/apache2/awstats.conf at line 1 will probably never match because it overlaps an earlier Alias.
[warn] The Alias directive in /etc/apache2/awstats.conf at line 2 will probably never match because it overlaps an earlier Alias.
[warn] The Alias directive in /etc/apache2/awstats.conf at line 3 will probably never match because it overlaps an earlier Alias.
[warn] The ScriptAlias directive in /etc/apache2/awstats.conf at line 4 will probably never match because it overlaps an earlier ScriptAlias.
[warn] The ScriptAlias directive in /etc/apache2/awstats.conf at line 5 will probably never match because it overlaps an earlier ScriptAlias.
Any ideas what’s happening?
I also get the same issue!
Although this thread has not been active for a while, I will post this in hope that someone will read it and help.
I have followed this guide in setting up awstats on an Ubuntu 8.04-server machine and have only differed my setup in the following ways(for the sake of security): please let me know which one is giving me errors (error below)
-changes in awstats.domain.tld.conf:
Line: 327 AllowAccessFromWebToAuthenticatedUsersOnly=1
Line: 338 AllowAccessFromWebToFollowingAuthenticatedUsers=”myuser”
Line: 448 DefaultFile=”index.php”
-Also wanted to use .htaccess for security but wasn’t sure where to create the .htaccess file, so I created it in /etc/awstats assuming the webserver will be reading that directory when generating the awstats.pl page
-created my .htpasswd file in a location outside the webroot, but chowned the file www-data:\
-changed ScriptAlias /awstats to ScriptAlias /something_else assuming this would have the following effect http://domain.tld/something_else/awstats.pl would work instead of the defaults awstats/awstats.pl
So the error I am getting via my browser is “Error: Access to statistics is only allowed from an authenticated session to authenticated users.”
Setup (’/etc/awstats/awstats.domain.tld.conf’ file, web server or permissions) may be wrong.
so where did I mess things up? or is everything I did done wrong?
Thanks for the tutorial. I used google analytics as well and i noticed that i wasn’t getting all the analytics data like awstats gives you.
Thanks for the Tutorial.
Does anyone know of any awstats howto guides?