Statistics for webserver on CentOS7

Install & Configure AWStats

Now that YUM has its additional repository we are ready to install. From the commandline type:
yum install awstats

Modify AWStats Apache Configuration:

nano /etc/httpd/conf.d/awstats.conf

...

    #Options ExecCGI
    #AddHandler cgi-script .pl
    Options None
    AllowOverride None
    
        # Apache 2.4
        Require all granted
    
    
        # Apache 2.2
        Order allow,deny
        Allow from all
    
DirectoryIndex awstats.pl

AuthType basic
AuthName "Authentication"
AuthUserFile /etc/awstats/.htpasswd


Require valid-user


..

Edit the following lines in the default awstats configuration file /etc/awstats/awstats.localhost.localdomain.conf:

SiteDomain=”yourdomain.tld”
HostAliases=”

etc.:

LogFile="/var/www/in1/logs/access.log"
SiteDomain="in1.lt"
HostAliases="in1.lt www.in1.lt"

Rename or copy config file:
mv /etc/awstats/awstats.localhost.localdomain.conf /etc/awstats/awstats.yourdomain.tld.conf
cp /etc/awstats/awstats.localhost.localdomain.conf /etc/awstats/awstats.in1.lt.conf

Verify:
perl /usr/share/awstats/wwwroot/cgi-bin/awstats.pl -config=in1.lt -update

Schedule a cron job to regularly update AWStats database using newly created log entries. Add new cron job in crontab like below :
*/5 * * * * /usr/bin/perl /usr/share/awstats/wwwroot/cgi-bin/awstats.pl -config=yourdomain.tld -update > /dev/null

OR update all:
*/5 * * * * /usr/bin/perl /usr/share/awstats/tools/awstats_updateall.pl now -awstatsprog=’/usr/share/awstats/wwwroot/cgi-bin/awstats.pl’ > /dev/null

Create password:
htpasswd -c /etc/awstats/.htpasswd username

service httpd restart

Go to http://in1.lt/awstats/awstats.pl?config=in1.lt

Done!

Securing AWStats
Setting File System Permissions

The webserver needs only read-access to your files in order for you to be able to access AWStats from the browser. Limiting your own permissions will keep you from accidentally messing with files. Just remember that with this setup you will have to run perl to execute scripts rather than executing the scripts themselves.

$ find ./awstats -type d -exec chmod 701 '{}' \;
$ find ./awstats -not -type d -exec chmod 404 '{}' \;

Apache doesn’t need direct access to AWStats configuration files therefore we can secure them tightly and not affect the relationship between them. To ensure that your .htaccess files are not readable via browser:

chmod 400 /etc/awstats/*.conf