How to access raw log files

An important part of the cPanel control panel is the Metrics Section which contains several tools to review the activity on your website and hosting account.

The first tool available under the Metrics section is the Visitors icon. This feature displays up to 1000 of the most recent entries in the web server log for any of your configured domains. To review the logs simply click on the icon next to your domain name. This will display the latest lines of your access logs which include the IP address of your website visitor, the exact URL, the request date, request size, referring URL and the visitor's user agent.

 

Further reading:

CPanel Security

CPanel Login Tutorial

CPanel Account Information Tutorial

Backup mysql database tutorial

I have a full backup of account through cPanel. How do I restore it?

Cannot See My Website Online After Upload, Why?

Character encoding in cPanel file manager

Custom error page is not working

Default Home Directory Folders

Getting Familiar With the cPanel User Environment

 

Another useful icon in the cPanel Metrics section is the Raw Access Logs icon. Raw Access allow you to see who has visited your website without displaying graphs, charts or other graphics. You can use the Raw Access menu to download a zipped version of the server's access log for your site. This can be very useful when you want to quickly be able to see who is visiting your site.

To download the Raw Access log of your domain name simply click on the domain name from the Download section.

If you are debugging your application or script and need access to your error log, the cPanel Error Log icon can be a good start.

It will display the last 300 lines of your site's error log with the exact date and error type as well as the IP address of the visitor that generated the error.

 

Related Topics for Further reading:

How To Create, Edit, and Delete a File in CPanel Using File Manager

I have a full backup of account through cPanel. How do I restore it?

Backup mysql database tutorial

Beginner Guide to cPanel Control Panel

CPanel Account Information Tutorial

 

Removing Awstats Logs

 

We now show you how to remove access logs from cPanel's Awstats tool. While you can remove only the IP address list of your visitors, it is also possible to completely erase all of the statistics for a certain month. However, to make any of these actions, you will first have to find the Awstats file containing all of the data.

As with most tutorials, you will start by logging in the cPanel of your hosting account. Once there, click on the File Manager icon which should be one of the first icons you see in cPanel.

As an example, if we now check the Hosts section in Awstats for a domain for the month of May, we will see a list of visitor IP addresses like the one below.

To access the file containing that information, navigate from your File Manager to the /tmp/awstats folder with a path home/yourusername/tmp/awstats. Here you will have to look for the appropriate file, especially if you have multiple domains and subdomains. In our case, the file's name is awstats052018.test.com.txt. As you can see the month and year are part of the name of the file, for an easy search.

In the file editor, you can use Ctr+F to search for "BEGIN_VISITOR". This is the start of the IP address list, and there will be all of the IP addresses that have accessed that domain.

To remove them all, select all of the IP addresses from "BEGIN_VISITOR" until you get to "END_VISITOR". Don't forget to click on the Save Changes button to save the file.

Now if you go again in your Awstats and click on the same domain, you will see an empty Hosts section.

If you wish to remove all of the statistics for that month and that domain, delete the entire text file. Please note, that removing the file without creating a backup of it will result in that statistic information being lost. In our case, if we remove awstats052018.test.com.txt, we will then see the following in Awstats.

With this, you can remove sensitive information and entire months of logs from Awstats.

 

Also read:

How Do I Create and Delete a Parked Domain

How do I create and remove an Addon Domain?

How to Backup My Website in cPanel

How to Create a MySQL Database, a User and Delete Database in Cpanel

 

Understanding the Different Raw Access Logs

 

1. Archived Raw Logs

Currently there are no archived log files. Do not worry about this message. This simply means that cPanel has not archived (backed up) any of your raw access logs.

You can enable this at the top. Go to Configure Logs: and check the box next to "Archive Logs in your home directory at the end of each stats run[ [every 24 hour(s)~]] ."

 

Location of Common Log Files

 

cPanel has a way of keeping files on servers and making the easily accessible. That had been one of the lovely features of the cPanel file system. This system is not distorted by new updates and versions of the software. This consistency makes file system access and understanding quite an easy task for every user.

2. Apache Logs

Apache is the web server that is typically utilized by cPanel. On cPanel servers Apache does write to a rather high number of logs as each site has its own traffic log.

/usr/local/apache/logs/access_log

The access_log is used to log all http requests to ether the hostname of the server, requests directed at the servers IPs, or sites that resolve to the server but are no longer hosted on it.

/usr/local/apache/logs/error_log

On cPanel servers all Apache errors, regardless of site, are logged in the error_log.

/usr/local/apache/domlogs

Within the domlogs folder each site on the server will have its own log file. These files will be the fully qualified domain name for the domain, ie domain1.com, domain2.com. All http traffic to a site will be logged in this log file.


3. Exim Logs

Exim is the MTA(Mail Transfer Agent) that cPanel uses. Exim has three primary logs, but only two of these logs contain useful information

/var/log/exim_mainlog

The exim_mainlog contains ALL interactions that exim handles, so both incoming and outgoing mail transactions.

/var/log/exim_rejectlog

The exim_rejectlog contains all connection attempts that were denied. This information is also logged in the exim_mainlog.

cPanel

Cpanel does log all http traffic to WHM, webmail, and cPanel access. All cPanel logs are located in the /usr/local/cpanel/logs directory.

/usr/local/cpanel/logs/access_log

This access_log contains all traffic to WHM, cPanel, and webmail over http.

/usr/local/cpanel/logs/error_log

This error_log contains all errors that occur when accessing a cPanel related site over http or https.
FTP

Regardless of FTP deamon in use, cPanel does log connections, uploads, and downloads. However, FTP does not have its own log file it is instead threaded into the systemside messages log file.

/var/log/messages

All FTP transactions are recorded in messages. They are however interwoven with all other system messages that are logged in this file.

SSH

SSH (otherwise called Secure Shell) is a secure way of logging into a server remotely from another computer. On almost all servers the SSH service will be logging into the secure & systemside messages log files.

/var/log/secure
/var/log/messages

All authentication related SSH transactions are recorded in secure & commands issued over an SSH connection will be logged in messages


4. Reading Apache Error Logs

How to read Apache Error Logs. When you check the error logs, you can see many things.

Some things you can ignore:

File does not exist: home/somtin/public_html/robots.txt
File does not exist: home/somwon/public_html/favicon.ico
File does not exist: home/somwer/public_html/500.shtml

Web browsers, search engines and robots sometimes look for these files, but these files are optional and nothing bad happens when they cannot find them.

robots.txt is optional and is used to tell search engines and robots whether you want them to visit or not. If the file does not exist, it is the same as saying everyone is welcome.
favicon.ico is an optional 16x16 or 32x32 pixel icon file and if it exists, most modern web browsers will display the icon when mentioning your web page (such as in a tab or in a favorites menu).
500.shtml and similar files are used for custom error messages.

Some things you can fix:

File does not exist: /home/yousir/public_html/gallery/pic.jpg

The file is either in the wrong place or needs to be republished. Be sure that all of your files and folders are uploaded inside the public_html.

(13)Permission denied: file permissions deny server access: /home/sumuser/public_html/index.html

This is the most common 403 error. We can help you fix this.

error: file is writable by others: (/home/sumwon/public_html/index.php)

This is the most common 500 error. We can help you fix this.

error: file has no execute permission: (/home/inono/public_html/cgi-bin/img2txt.cgi)

This can be fixed by adding executable permissions [755] to the file.

perhaps mis-spelled or defined by a module not included in the server configuration

This means there is something bad in the .htaccess file. Perhaps there is a php_flag line needs to be deleted.

Premature end of script headers: /home/gyms/public_html/cgi-bin/index.pl

Possibly this is a perl script and needs to say #!/usr/bin/perl -w on the first line.

5. How to access latest visitors page in cpanel

The cPanel control panel really makes things easy. By default, most web hosting service comes with cPanel control panel. One of the features of cPanel enables you to track the traffic generated on your website. It is called "Latest Visitors". In this article, we will show you how to access the Latest Visitors page in cPanel.

1) Login to cPanel. This will usually be accessed with a url like yourdomain.com/cpanel To login to this environment, you will be reuired to enter a username and password for authentication.

2) Click the Latest Visitors link from the Logs section of the panel.

3) Click the view button for the domain you wish to see. You will then be able to view the visitors who have being to your site recently.

Other Features of the cPanel Control Panel

cPanel offers great features and we will also like to take a look at some of the other great features of cPanel. One of the reasons why cPanel leads and remain a popular control panel is that it is easy to use. The cPanel is a Linux-based GUI (graphical user interface) and automation tool. It is very popular among website owners, administrators and resellers who use it to control and manage their websites and servers without any etra installation as it compatible with all of the most common web browsers. cPanel, Inc. the product owners are based in Houston, TX. cPanel was first developed as a control panel for Speed Hosting. It now well transformed to serve all hosting environments after the company merged with Webking, another provider.

The popularity of Linux-based hosting has made cPanel a household name in web hosting. One of the ey reasons for this popularity is that it is easy to use and master within a a short time.

6. Accessing FTP Log Files

Log files are generally very useful as they keep track of user access and file modifications. You can access your FTP Log Files in cPanel by following these proceedures.

On Shared and Reseller Accounts:

For Shared and Reseller accounts, users can access their FTP logs via an FTP account created directly by cPanel. By logging into FTP with the username $user_logs (replacing $user with the actual cPanel username) and the cPanel password, users are able to obtain FTP logs from the last time the stat program such as AWStats or Webalizer ran; this will not include the logs from within the last 24 hours.

If you would like the FTP logs from the same day, please submit a ticket to Support to request a copy of the logs Todhost has. Please note that we do not keep the logs for more than a few days, so our logs will be limited.


On VPS and Dedicated Servers:

On a VPS or Dedicated Server, FTP log files are located in the /var/log/messages directory.

cPanel based servers has an advantage in the way that they keep log fies in a location in the same place across all of the various cPanel versions. This consistency makes it easy for one to locate where to find logs files for all services running on a cPanel server.

Apache

On cPanel servers Apache does write to a rather high number of logs as each site has its own traffic log.

/usr/local/apache/logs/access_log

The access_log is used to log all http requests to ether the hostname of the server, requests directed at the servers IPs, or sites that resolve to the server but are no longer hosted on it.

/usr/local/apache/logs/error_log

On cPanel servers all Apache errors, regardless of site, are logged in the error_log.

/usr/local/apache/domlogs

Cpanel does log all http traffic to WHM, webmail, and cPanel access. All cPanel logs are located in the /usr/local/cpanel/logs directory.

/usr/local/cpanel/logs/access_log

This access_log contains all traffic to WHM, cPanel, and webmail over http.

/usr/local/cpanel/logs/error_log

This error_log contains all errors that occur when accessing a cPanel related site over http or https.

FTP

Regardless of FTP deamon in use, cPanel does log connections, uploads, and downloads. However, FTP does not have its own log file it is instead threaded into the systemside messages log file.

/var/log/messages

All FTP transactions are recorded in messages. They are however interwoven with all other system messages that are logged in this file.

SSH

SSH (aka Secure Shell) is a secure way of logging into a server remotely from another computer. On almost all servers the SSH service will be logging into the secure & systemside messages log files.

/var/log/secure
/var/log/messages

All authentication related SSH transactions are recorded in secure & commands issued over an SSH connection will be logged in messages.


How to Access Email Log Files


Shared and Reseller Accounts

For shared and reseller hosting accounts, we do not provide access to email logs for your account. However, we can provide your email logs per domain name by request. There is however no guarantees that the logs will always be available as we do not maintain logs for a long period on our servers. Please contact us via phone or create a ticket to request a copy of the logs we have available at a particular moment.

Note: We do not keep long-term email logs on our servers. Retrieval of logs via call or chat may be limited to those from the past 24 hours. A ticket will be required to search for older log files.

VPS and Dedicated Accounts

The default path to exim logs is /var/log/exim_mainlog. If you log in with SSH, you can easily use the cat or more command to view your logs.


How to Manage Raw Access Logs

Raw Access Logs allow you to see who has accessed your site without the use of graphs, charts or other graphics. To do this, you need to be logged into your cPanel. If you are having trouble doing that, please see the tutorial named "How to Login to cPanel".

On your cPanel main page, scroll down to the section called Logs, and click on the icon named Raw Access Logs.
This takes you to the Raw Access Logs Main page, which is where you tell the system how to manage the raw access log files that are generated daily for your account.

The first check box will tell your system to archive the logs every month, and the second asks to have the previous months logs deleted at the end of each month. If you mark either check box, click on the Save button. This will take you to a confirmation screen. If you check both boxes, now the raw access logs will be archived at the end of every month in the home directory, and the previous months will be deleted. Click on Go Back.

Scroll Down on the page. You will find a list of all available Raw Access Logs that you can download and use in a statistics program for analysis. Click on the log you wish to download, and a pop- up will open. Click OK to download these logs. That downloads the logs, and you can now open them in a statistical program for analysis.


You can now return to the main cPanel page by clicking on HOME in the upper left corner. This ends this tutorial. You now know how to archive, delete and download your raw access logs.

You can now exit cPanel by closing your browser, or by using the Logout button in the upper right corner. Remember, if you are using a public computer, ALWAYS Logout of cPanel before closing due to security reasons.

How to use log programs in cPanel


Let us now look at the log programs available in cPanel for your website, how to enable them, and how to view their information.


cPanel's log programs

Depending upon the type of web hosting service that ou may be running, cPanel offers up to three log programs for viewing site statistics:

Analog
AWStats
Webalizer

Each of these log programs display various statistics for your web site in different ways; which program you use is a matter of personal preference.

Choosing a log program

Before you choose a log program to view site statistics, you will first need to enable log program cPanel.
When a log program is enabled for the first time, it takes up to 48 hours for the server to complete initial log file processing.

Working with the Paper Lantern theme


To enable a log program in the Paper Lantern cPanel theme, follow these steps:

Log in to cPanel.
If you do not know how to log in to your cPanel account, please see this article.
In the METRICS section, click Metrics Editor.
On the Metrics Editor page, select the check box for the log program that you want to use for your web site. (You can select more than one log program if you want.)
Click Save.

x3 theme

The x3 theme has been depreciated on Todhost servers. However, if it is still support on your web server, depending on the version of cPanel web host manager you are running, you will need to follow these steps to enable a log program in the x3 cPanel theme:

Log in to cPanel.
If you do not know how to log in to your cPanel account, please see this article.
In the Logs section of the cPanel home screen, click Choose Log Programs.
Select the check box for the log program that you want to use for your web site.
Click Save.

Analog

The Analog reporting program combines comprehensive coverage of web server statistics for your web site.

To view Analog statistics, follow these steps:

Log in to cPanel.
If you do not know how to log in to your cPanel account, please see this article.
In the METRICS (Paper Lantern) or Logs (x3) section of the cPanel home screen, click Analog Stats.
Click the magnifying glass icon to view statistics for the domain that you want.
Click the month and year that you want to view.

Awstats

The Awstats reporting program combines comprehensive coverage of web server statistics for your web site with attractive reporting pages.

To view Awstats statistics, follow these steps:

Log in to cPanel.
If you do not know how to log in to your cPanel account, please see this article.
In the METRICS (Paper Lantern) or Logs (x3) section of the cPanel home screen, click Awstats.
Click the magnifying glass icon to view statistics for the domain that you want.
Select the month and year that you want to view, and then click OK.

Webalizer

The Webalizer reporting program combines comprehensive coverage of web server statistics for your web site.

To view Webalizer statistics, follow these steps:

Log in to cPanel.
If you do not know how to log in to your cPanel account, please see this article.
In the METRICS (Paper Lantern) or Logs (x3) section of the cPanel home screen, click Webalizer.
Click the magnifying glass icon to view statistics for the domain that you want.

  • 2 Users Found This Useful
Was this answer helpful?

Related Articles

I have a full backup of account through cPanel. How do I restore it?

It is recommended that you maintain healthy backup of your website and possibly download the...

How To Create, Edit, and Delete a File in cPanel Using File Manager

This tutorial will be useful for you to understand how to create a file, edit a file or delete...

How to Create and Manage a MySQL Database

Create MySQL Database and User via cPanel The MySQL Database Wizard is another useful tool...

How do I create and remove an Addon Domain?

An add-on domain is a separate domain name that you add to your web hosting subscription with...

How to Set Up and Delete a Cron Job

A cron job allows you to run a certain command at times set by the job. For example, you could...