Install & Configure AWStats
Now that YUM has its additional repository we are ready to install. From the commandline type:
yum install awstats
Modify AWStats Apache Configuration:
nano /etc/httpd/conf.d/awstats.conf
...#Options ExecCGI #AddHandler cgi-script .pl Options None AllowOverride None ..# Apache 2.4 Require all granted # Apache 2.2 Order allow,deny Allow from all DirectoryIndex awstats.pl AuthType basic AuthName "Authentication" AuthUserFile /etc/awstats/.htpasswdRequire valid-user
Edit the following lines in the default awstats configuration file /etc/awstats/awstats.localhost.localdomain.conf:
SiteDomain=”yourdomain.tld”
HostAliases=”
etc.:
LogFile="/var/www/in1/logs/access.log" SiteDomain="in1.lt" HostAliases="in1.lt www.in1.lt"
Rename or copy config file:
mv /etc/awstats/awstats.localhost.localdomain.conf /etc/awstats/awstats.yourdomain.tld.conf
cp /etc/awstats/awstats.localhost.localdomain.conf /etc/awstats/awstats.in1.lt.conf
Verify:
perl /usr/share/awstats/wwwroot/cgi-bin/awstats.pl -config=in1.lt -update
Schedule a cron job to regularly update AWStats database using newly created log entries. Add new cron job in crontab like below :
*/5 * * * * /usr/bin/perl /usr/share/awstats/wwwroot/cgi-bin/awstats.pl -config=yourdomain.tld -update > /dev/null
OR update all:
*/5 * * * * /usr/bin/perl /usr/share/awstats/tools/awstats_updateall.pl now -awstatsprog=’/usr/share/awstats/wwwroot/cgi-bin/awstats.pl’ > /dev/null
Create password:
htpasswd -c /etc/awstats/.htpasswd username
service httpd restart
Go to http://in1.lt/awstats/awstats.pl?config=in1.lt
Done!
Securing AWStats
Setting File System Permissions
The webserver needs only read-access to your files in order for you to be able to access AWStats from the browser. Limiting your own permissions will keep you from accidentally messing with files. Just remember that with this setup you will have to run perl to execute scripts rather than executing the scripts themselves.
$ find ./awstats -type d -exec chmod 701 '{}' \; $ find ./awstats -not -type d -exec chmod 404 '{}' \;
Apache doesn’t need direct access to AWStats configuration files therefore we can secure them tightly and not affect the relationship between them. To ensure that your .htaccess files are not readable via browser:
chmod 400 /etc/awstats/*.conf