Archiving Your Logs In cPanel®

by The Business Protector on July 11, 2011

cPanel® is, in my opinion, a great way to help maintain your website. And far from merely being a place where you can administer your web site, there are also some thing you can do “in there” to improve your security. This article tells you how you can back up your web server logs inside the cPanel® admin area.

First, log in to the admin area. I’m using the X3 theme of Version 11 of cPanel®; if you are using a different version, you may have to “dig” a bit to find the stuff; if you can’t find it, ask the support desk at your web hosting company for help.

In the “Logs” section, you’ll see an icon labeled, “Raw Access Logs”. Click on that icon and you’ll be taken to the “Raw Access Log” page.

On that page, you’ll see two check boxes on the page, under “Configure Logs:”. Ensure that they are checked as follows:

  • Ensure that “Archive logs in your home directory at the end of each stats run” IS checked.
  • Ensure that “Remove the previous month’s archived logs from your home directory at the end of each month” is NOT CHECKED.

Don’t forget to click on the “SAVE” button when done or your changes won’t take effect.

So what does this do for you? The system will now archive your logs at the end of each stats run (most web hosting companies do this once a day or so) and add the log entries for that day to the file for the current month. At the start of the next month, the entire log file will be archived and a new log started for the new month.

You can access these logs from the “Raw Access Log” page (the same one where you made the configuration changes). The logs for the current month will be in the “Download Current Raw Access Logs” area of the page, and logs from previous months will be in the “Archived Raw Logs” area of the page.

I recommend that you download a copy to your local computer, then make an additional copy and store them somewhere else. You’ll want to delete the logs from your web server if space is limited; otherwise it won’t hurt to keep a copy there (although, over time, you will get a lot of entries that could make management of the logs somewhat cumbersome).

You won’t be able to delete the logs from the “Raw Access Logs” page; to do that, you’ll need to use the File Manager function of cPanel® or delete them using your FTP software. They are stored one level above your web root (the files that are actually served when somebody visits your site) in a directory (folder) called “logs”. You can also directly download them to your computer from this directory using your FTP software to save time.

Why do you want to archive your logs and store them in more than one place? Beyond the benefits to your business from studying your logs for traffic sources and etc., access to web server logs is crucial for anybody who is investigating a web server compromise. They can also help identify “probes”, which can be used to ensure that your web site is not vulnerable to specific hacking threats. And “life happens”, so having them in more than one location helps ensure that they are available, even if something bad happens to one copy of the logs.

Please take a few moments to set up your web server so that your logs are archived. And if you are looking for a good hosting company, I recommend Dathorn, my hosting company (affiliate link). If nothing else, you know that these exact instructions will work when you take action to archive your web server logs… :)

NOTE: cPanel® is a trademark of cPanel, Inc.

Comments on this entry are closed.

Previous post:

Next post: