Description
This howto will show you how to configure Apache httpd to display unique stats on http://stats.example.com from http://www.example.com for as many domains as you have configured.
We’ll assume:
- You are the owner of your domain
- You are the owner of your system
- You are running an official copy of Centos and not a datacenter clone/image, cPanel or other Centos derivative
- You have SELinux enabled.
The purpose of this particular setup is to give a stats link to your customers or for your own sites that will show the actual stats as recorded by the Apache httpd log files so you or your customers can contrast and compare with Google Analytics or other stats.
Requirements
Explanation of requirements.
- Administrative control over your domain and DNS.
- Root access to an official current Centos system.
- Apache httpd configured properly with the domain you want to track with Awstats.
Doing the Work
In this howto we will assume: you are root, you own example.com and have administrative access to create the subdomain stats.example.com.
- Installing the EPEL software repository, Awstats and optional components for Geo tracking:
- After successful install of the above software we will make a copy of the default Awstats config that we can use over and over:
- Next we create the directories for the new subdomain stats.example.com. For security purposes the default Apache httpd documentRoot in Centos is
/var/www/ - Next we copy the Awstats program files to our newly created stats.example.com/cgi-bin directory:
- Next let’s alter the Apache httpd vhosts.conf file and add an entry for our new subdomain:
- Next we’ll edit
/etc/httpd/conf.d/awstats.confto include information about our new subdomain at/var/www/example.com/stats/ - Now let’s edit the
awstats.stats.example.com.confwe created above - LogFile=”/var/log/httpd/example.com_access_log”
- SiteDomain=”stats.example.com”
- HostAliases=”stats.example.com”
- DirData=”/var/www/example.com/stats”
- LoadPlugin=”geoip GEOIP_STANDARD /var/lib/GeoIP/GeoIP.dat”
- LoadPlugin=”geoip GEOIP_STANDARD /var/www/GeoIP/GeoIP.dat”
- LoadPlugin=”geoip_city_maxmind GEOIP_STANDARD /var/www/GeoIP/GeoLiteCity.dat”
- Next let’s restart Apache httpd so our changes take effect:
- Next we’ll call the Awstats perl script to automatically update our stats right now:
- Finally, to update our stats automatically every hour via cron we do the following:
- We can also use htpasswd to require usernames and passwords for basic access to the directory from prying eyes
Click the EPEL link for more verbose instructions or give this command:
C6: su -c "https://dl.fedoraproject.org/pub/epel/epel-release-latest-6.noarch.rpm"
C7: su -c "https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm"
Then issue this command:
yum --enablerepo=epel install awstats GeoIP-data perl-Geo-IP
Since there is no Centos package for the GeoLiteCity.dat you can get the single file from MaxMind as well as updated GeoIP.dat files here:
http://www.maxmind.com/app/geolitecountry
http://geolite.maxmind.com/download/geoip/database/GeoLiteCountry/GeoIP.dat.gz
http://www.maxmind.com/app/geolitecity
http://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz
If you choose to use only the MaxMind files directly, you can put them in /var/www/GeoIP as follows:
sudo mkdir /var/www/GeoIP; cd /var/www/GeoIP
sudo wget http://geolite.maxmind.com/download/geoip/database/GeoLiteCountry/GeoIP.dat.gz
sudo wget http://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz
sudo gunzip GeoIP.dat.gz GeoLiteCity.dat.gz
Copy default conf so we always have a clean starting point if something goes wrong.
cp /etc/awstats/awstats.model.conf /etc/awstats/awstats.model.conf.orig
Make another copy for our example site.
cp /etc/awstats/awstats.model.conf.orig /etc/awstats/awstats.stats.example.com.conf
mkdir /var/www/stats.example.com && mkdir /var/www/stats.example.com/cgi-bin
cd /usr/share/awstats/wwwroot/ && cp -R * /var/www/example.com/stats/
(For this example we’re using: awstats-7.0-3.el6.noarch)
Add this information in /etc/httpd.conf.d/vhosts.conf
create this file if it does not exist
You should already have a domain configured that you’d like to track the stats of like this:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 |
################### ### Example.com ### ################### <VirtualHost *:80> ServerAdmin admin@example.com ServerName example.com ServerAlias www.example.com DocumentRoot /var/www/example.com ScriptAlias /cgi-bin/ /var/www/example.com/cgi-bin/ CustomLog logs/example.com_access_log combined ErrorLog logs/example.com_error_log </VirtualHost> We'll be adding this subdomain to track the above domains stats: ########################### ### Example.com Awstats ### ########################### <VirtualHost *:80> ServerAdmin root@localhost ServerName stats.example.com DocumentRoot /var/www/example.com/stats/ ScriptAlias /cgi-bin/ /var/www/example.com/stats/cgi-bin/ CustomLog logs/stats.example.com_access_log combined ErrorLog logs/stats.example.com_error_log ## Awstats ## Alias /classes "/var/www/example.com/stats/classes/" Alias /css "/var/www/example.com/stats/css/" Alias /icon "/var/www/example.com/stats/icon/" ScriptAlias /awstats/ "/var/www/example.com/stats/cgi-bin/" ## End Awstats ## <Directory /var/www/example.com/stats/> Options +ExecCGI +Indexes DirectoryIndex awstats.pl AllowOverride All Order allow,deny Allow from all #Access AuthName "Restricted Area" AuthType Basic AuthBasicProvider file AuthUserFile /var/www/example.com/stats/.htpasswdstats AuthGroupFile /dev/null require valid-user </Directory> </VirtualHost> |
vi /etc/httpd/conf.d/awstats.conf
|
1 2 3 4 5 6 7 8 9 |
<Directory "/var/www/example.com/stats/"> DirectoryIndex awstats.pl Options ExecCGI Options FollowSymLinks Options None AllowOverride None Order allow,deny Allow from all </Directory> |
vi /etc/awstats/awstats.stats.example.com.conf
We will be editing the following lines:
(using the MaxMind direct download method)
(using the MaxMind direct download method)
Note: The LogFile directive must be the same as the httpd CustomLog directive for the site we actually want the stats from (example.com).
C6: service httpd restart
C7: systemctl restart httpd.service
perl /var/www/stats.example.com/cgi-bin/awstats.pl -config=stats.example.com -update
vi /etc/cron.hourly/awstats
Add this line before exit 0, save and exit:
|
1 |
perl /var/www/stats.example.com/cgi-bin/awstats.pl -config=stats.example.com -update > /dev/null 2>&1 |
C6: service crond restart
C7: systemctl restart crond.service
Do not confuse this with security of any kind, this is easily bypassed, use mod_authz instead and load the domain over ssl
We’ll be doing this work as root in the directory: /var/www/example.com/stats/
(In the vi editor use i for insert text, esc + :wq to write and quit vi)
htpasswd -s .htpasswds joe
New password:
(This is the user Joe’s password to access the stats.)
Re-type new password:
Adding password for user joe
Let’s Check to see the password was actually added as expected:
vi .htpasswds
|
1 |
joe:{SHA}9Q+DCACuf4OZs8b0E8eR5j1aIVU= |
vi /etc/httpd/conf/httpd.conf
Add this to the virtualhost entry for stats.example.com:
|
1 2 3 4 5 6 7 8 |
<Directory "/var/www/example.com/stats/"> AuthName "Restricted Area" AuthType Basic AuthBasicProvider file AuthUserFile /var/www/stats.example.com/.htpasswds AuthGroupFile /dev/null require valid-user </Directory> |
Now, try hitting your site at: http://stats.example.com You should be prompted for a username and password for your user.
If it does not work, try double checking the steps or join #centoshelp or #httpd on Freenode for further assistance.
Troubleshooting & Testing
Explanation troubleshooting basics and expectations.
- Testing your configuration:
- If this does not work for you, please go through the howto more slowly and double check every setting as well as your Apache httpd error logs:
- If you do not see the GeoIP data, but the rest of Awstats works, check the SELinux file contexts for the GeoIP files:
You should now be able to go to: http://stats.example.com/ or http://stats.example.com/cgi-bin/awstats.pl and see your sites stats.
Common mistakes are: Typos, file permissions, file ownership, improper or conflicting Apache httpd Options directives or other Apache httpd config errors. The first place to check is always the error logs specified in your VirtualHost config above.
Incorrect SElinux context:
|
1 2 3 |
ls -alsZ /var/lib/GeoIP/ -rw-r--r-- root root system_u:object_r:var_lib_t GeoIP.dat -rw-r--r-- root root system_u:object_r:var_lib_t GeoLiteCity.dat |
Fix:
|
1 2 |
sudo chcon -t httpd_sys_content_t /var/lib/GeoIP/GeoIP.dat sudo chcon -t httpd_sys_content_t /var/lib/GeoIP/GeoLiteCity.dat |
Correct SElinux context:
|
1 2 3 |
ls -alsZ /var/lib/GeoIP/ -rw-r--r-- root root system_u:object_r:httpd_sys_content_t GeoIP.dat -rw-r--r-- root root system_u:object_r:httpd_sys_content_t GeoLiteCity.dat |
You should be able to see country/city GeoIP data now if you refresh the page.
Added Reading
Disclaimer
We test this stuff on our own machines, really we do. But you may run into problems, if you do, come to #centoshelp on irc.freenode.net