L'Altro Wiki/ informatica/ soft/ awstats-debian

 

Awstats on Debian (squeeze) running Apache

About

AWStats is a free powerful and featureful tool that generates advanced web, streaming, ftp or mail server statistics, graphically. This log analyzer works as a CGI or from command line and shows you all possible information your log contains, in few graphical web pages.

homepage

doc

Debian How-to

# apt-get install awstats

In this case I think it may be useful to install even the suggested packages.... but that's up to you.

Now let's edit the default configuration file:

# nano /etc/default/awstats

If you've read the Debian readme (as you should), located at "/usr/share/doc/awstats/README.Debian.gz" you will know how to behave regarding those options, more specifically about the static stats pages generation.

Now we have to configure the webserver (apache here) in order to serve the stats properly.

# cp /usr/share/doc/awstats/examples/apache.conf /etc/apache2/conf.d/awstats.conf

The default configuration should be good for the most cases. Restart apache2 for the configuration to take effect:

# /etc/init.d/apache2 restart

At this point we have to configure awstats in order to make it update our access log records correctly; copy the /etc/awstats/awstats.conf to some new conf:

# cp /etc/awstats/awstats.conf /etc/awstats/awstats.your.domain.tld.conf

The name of this new configuration file is totally up to you: just leave the "awstats." prefix and the ".conf" suffix - usually you want to name it as the FQDN of your website, like the above example shows.

Now edit it, following your preferences - just a sidenote: be sure to set the "LogFormat=1" because the Default "LogFormat=4" does not show some informations on your stats, like Browsers, OS, keywords and such.. Moreover, if you'd like awstats doing Reverse DNS for IPv6 addresses too, make sure to uncomment the LoadPlugin="ipv6" directive in in this very same configuration file.

Now we have to consider the case where you have a webserver which has been running for "some" time yet or the case in which yours is a fresh install:

  • Case 1: you have a bunch of gizipped logs, like access.log.##.gz (where "##" is a number): we need to parse those first.
  • Case 2: fresh-install - skip the next paragraph entirely.

Importing old data

Awstats package includes a useful script, named logresolvemerge.pl, which can be used to parse all of your gizipped logs at once: if you want to look directly to the doc, it can be found here. Otherwise, here is how I've done:

Copy all of your gzipped access.logs to a tempdir and issue the following command inside that directory:

$ perl /usr/share/awstats/tools/logresolvemerge.pl *.gz > biglog.log

Finally let's import those records into awstats:

# perl /usr/lib/cgi-bin/awstats.pl -config=your.domain.tld -LogFile=/path/to/biglog.log -update

Wait some time, go have a coffee :-)

$ rm /path/to/biglog.log

If you don't need to import old data, just run the following command:

# perl /usr/lib/cgi-bin/awstats.pl -config=your.domain.tld -update

And that's all: You can now check the stats in your browser at http://your.domain.tld/cgi-bin/awstats.pl?config=your.domain.tld

  • If you have not yet read the "README.Debian.gz", please do it now: there are some other steps to complete your awstats' installation and be sure it will work fine.

    $ zless /usr/share/doc/awstats/README.Debian.gz

Securing

I spent quite some time trying to get an authenticated access to the stats and i came to this solution..

Even if the official documentation talks about using the .htaccess file to achieve this goal, i've not been able to make it work; furthermore the apache doc is more prone to the use of "Directory section" rather than .htaccess.

So, the first step is about to enable the "AllowAccessFromWebToAuthenticatedUsersOnly" options in your awstats config (set it to 1) Second step is to add a "Files" section under your apache's virtualhost, in this case it will be "/etc/apache2/sites-enabled/000-default".

Edit it and modify the Directory "/usr/lib/cgi-bin" section adding these lines:

<Files awstats.pl>
AuthName "PRIVATE AREA"
AuthUserFile /path/to/your/authfile
AuthGroupFile /dev/null
AuthType Basic
Require valid-user
</Files>

Now it's time to restart apache and create the authfile (which should not be placed under the webserver root).

# htpasswd -c /etc/awstats/authfile fred
New password: mypassword
Re-type new password: mypassword
Adding password for user fred

If you want to add more users to the authfile just run the same command removing the "-c" parameter and change username, obviously. Next time you'll access the awstats page you'll be prompted for an username and password.