Server logs (server log) are files that contain data on server operation in chronological order , all visitors’ actions on a web resource are recorded (where they came from, which browser they are in, which IP address, how long they stayed, which data they received or sent), as well as information by which the site and its visitors are analyzed and evaluated.
Why do we need logs?
There are several types of logs:
- Access logs. They show which user, at which date and time, by which link he went to the resource and what was the answer. These records help to find a vulnerability if the resource is hacked.
- Error logs. They show the errors issued when the site is functioning or in the process of accessing some of its functions. There is an opportunity to find and eliminate the bug that leads to an error.
- Other logs. They record events in various server components: server mail logs, etc.
If the website is working normally, in normal mode, there is no need to view the log files. But there are cases when the server is suddenly overloaded, the resource is subjected to spam, gives an abundance of errors or there are problems in ranking in the search engines.
In this case, system administrators or seo specialists begin to analyze visitors, identify access to files by an outsider, namely the IP address from which it was made, and then draw the appropriate conclusions.
On a note. For a regular user, such files will represent a random set of characters, but for website developers, seo specialists and system administrators, the logs are readable and carry important information.
How to enable the journal entries?
In most cases, the hoster disables the logging feature on the hosting in order to save more disk space. Using the Beget.com hosting admin example, let’s look at how to activate logging:
- Go to the admin panel and find the Logs tab – access logs .
- In the box, select the resource domain and click on sliders access log , error log , so he moved to the position ON .
Here you see the path where your logs are located
If your hosting in the admin panel does not have the option to enable the recording yourself, then to receive the logs you will need to contact the hosting technical support and request them, since they can be simply disabled.
How to view server logs?
Turning on the log files on the server, after an hour a rather large number of records will be collected, after which you can download the file to the site directory and open it through a visual editor for viewing.
Logs are stored in the access.log file in the system folder of any server, be it Nginx, Apache or any other. Log files are opened through text editors. Any line here corresponds to no more than one treatment.
Logs can also be found through the hosting control panel, namely in the Logs or Logs sections .
Server Log Analysis
Consider a line taken from one of the server logs:
And consider the meaning of all the characters that are here:
- site.ru – the address of the resource in question
- 188.8.131.52 – IP-address of the user who visited the site, after which there is a date and time to go to the page and time zone
- GET is a request that means receiving data. There may be another POST request, that is, sending data, for example, authorization on the site
- page / 3 – appeal to the 3rd page
- HTTP / 1.0 – user protocol through which he entered the resource
- 200 – response code sent by server to visitor
- 70214 – the number of bytes sent to the user
- Ahrefs Bot (http://www.ahrefs.com/bot; [email protected]) – data about the user or bot, from which device he came in, what OS he uses, etc. In our case, this is the bot parser ahrefs.
This is one of many logs, and to read them all manually, you need to spend an incredible amount of time and effort. But webmasters come to the aid of special data analyzers that are difficult to read by humans. They analyze the data and then structure it. Commonly used programs include:
- WebAlyzer ;
- Webtrends ;
- Awstats .
And this is not all software that can be found on the net. They are both in paid and free access.
On some hosts, they can be set when logging is enabled. For example, in the previously reviewed hosting Beget.com, when we enable logs, we are offered to install Awstats.
Successfully analyzing the log files, you can find a weak spot on the site, because of which it is unstable, or identify the IP from which you want to harm. Especially it is worth paying attention to POST requests, because it is with their help that fraudsters hack resources more often.
Error log error.log
This is a file where logs are also logged, but they are not related to users, but to errors that occur on the server. Same as access file . log , in error. log every single line shows a record of only one error. Thanks to this file, you can find out the cause of the error and its type, as well as the IP of the user to whom it was shown. Consider an example:
- First line: date and time / record type error (error), as well as the IP address of the user.
- The second: PHP Notice event – notification, decoding. Undefined variable – unknown variable.
- Third: the path to the file with the notification and the string.
Here we see an error in the contacts module, in the default.php file in line 14.
Server log is an effective tool that allows you to quickly get information about where the site has a loophole, due to which the server is overloaded. But viewing the logs manually is a troublesome business, which is why such special analyzer services were created, which help to find errors much faster and point out the weak points of the web resource.