MackPexton.com

Installing Awstats for Multiple Web Sites on Debian Linux

Finding instructions on the web to install Awstats for multiple hosts on a Linux system is difficult. And Debian packages Awstats differently that the default installation available from awstats.org. I recently installed Awstats on a Debian Linux 7 (Wheezy) server hosting multiple web sites. These are my notes.

In the following script notes below, substitute your own names for WWW.DOMAIN.COM

Note: The Awstats update program automatically processes every configuration file in the /etc/awstats directory that begins with awstats. and ends with .conf. When a server hosts more than one web site, the convention for awstats config files is to have one config file for each web site and each is named awstats.WWW.DOMAIN.COM.conf.

Note: Awstats recommends that each web site have their own access log. My convention is to place each web sites' log file into a file in /var/log/apache2 with names like WWW.DOMAIN.COM_access.log.

First time install. The following only needs to be done one time.

# Install awstats
apt-get update
apt-get install awstats

# Install awstats sample config file for apache
cp /usr/share/doc/awstats/examples/apache.conf /etc/apache2/conf.d/awstats

# Edit awstats config for apache and comment out the ScriptAlias line.
# Each VirtualHost stanza will define their own ScriptAlias setting.
perl -pi -e 's/^(ScriptAlias)/#$1/;' /etc/apache2/conf.d/awstats

# Copy installed config file to pattern file and edit it
# Only files ending with .conf are processed by awstats.
mv /etc/awstats/awstats.conf awstats.conf.template

# Edit template config file.
# Ensure LogFormat=1 which corresponds with apache directive:
#  CustomLog ${APACHE_LOG_DIR}/WWW.DOMAIN.COM_access.log combined
perl -pi -e 's/^(LogFormat=).*/${1}1/;' /etc/awstats/awstats.conf.template
# Comment out the last line including local settings.
perl -pi -e 's/^(Include )/#$1/;' /etc/awstats/awstats.conf.template

# Install script to update awstats before rotating web log files.
mkdir /etc/logrotate.d/httpd-prerotate
cat <<EOF >/etc/logrotate.d/httpd-prerotate/awstats
[ -x /usr/share/awstats/tools/update.sh ] && /usr/share/awstats/tools/update.sh
EOF

# Edit logrotate script to change permissions assigned to new log files so awstats can read them.
perl -pi -e 's/create 640 root adm/create 644 root adm;' /etc/logrotate.d/apache2

# Change access permissions on /var/log/apache2 so awstats (www-data) can access log files.
chmod o+x /var/log/apache2

# Change ownership of apache log files so they can be read by awstats (www-data).
cd /var/log/apache2
chmod o+r *.log

Now for each new web site, do the following:

# Customize domain config files
cp /etc/awstats/awstats.conf.template /etc/awstats/awstats.WWW.DOMAIN.COM.conf

# Edit /etc/awstats/awstats.WWW.DOMAIN.COM.conf
# Change LogFile setting to be the web site's log file.
perl -pi -e 's/^(LogFile=).*/$1"/var/log/apache2/WWW.DOMAIN.COM_access.log"/;' /etc/awstats/awstats.WWW.DOMAIN.COM.conf
# Change SiteDomain setting to be the domain name of the web site.
perl -pi -e 's/^(SiteDomain=).*/$1"WWW.DOMAIN.COM"/;' /etc/awstats/awstats.WWW.DOMAIN.COM.conf

And add the following to the <VirtualHost> stanza for the web site:

#
# Awstats configuration
#

CustomLog ${APACHE_LOG_DIR}/WWW.DOMAIN.COM_access.log combined

# Use /awstats/ location to restrict access to domain statistics.
ScriptAlias /awstats/cgi-bin/ /usr/lib/cgi-bin/

# Uncomment following to require password to access awstats
#<Location /awstats/>
#       AuthName "Awstats"
#       AuthUserFile /home/OWNER/WWW.DOMAIN.COM/passwd
#       AuthType Basic
#       Require valid-user
#</Location>

# Use Rewrite rules to restrict access to awstats.
RewriteEngine on
RewriteOptions inherit

# Uncomment following to turn on log file for debug
#RewriteLog /var/log/apache2/rewrite.log
#RewriteLogLevel 4

# Restrict awstats access to the following sites.
#
# Allow my administration console to see the stats
#RewriteCond %{HTTP_REFERER} !^https://ADMIN\.MYDOMAIN\.COM [NC]
#
# Allow each domain to see their own stats. (necessary)
RewriteCond %{HTTP_REFERER} !^https://%{HTTP_HOST} [NC]
# Following necessary because awstats uses frames, which changes the referer.
RewriteCond %{QUERY_STRING} !\&framename=
# Redirect non-privileged domains to Error 403 Forbidden page
RewriteRule ^/awstats(/.*)? - [F]

# Require the awstats config parameter to be only for this domain.
RewriteCond %{QUERY_STRING}  .*(?:^|&)config=[^&]+(?:&|$)
RewriteCond %{QUERY_STRING} !.*(?:^|&)config=WWW.DOMAIN.COM(?:&|$)
RewriteRule ^/awstats(/.*)? - [F]

# Expand a lone /awstats/ url into url for awstats with this site's config.
RewriteRule ^/awstats/?$        /awstats/cgi-bin/awstats.pl?config=%{HTTP_HOST} [L,R]

Tell Apache to reload its configuration files.

service apache2 reload

Awstats recommends that you initially run the update process from the command line to ensure things are working.

# Update stats for the first time from the command line
perl /usr/lib/cgi-bin/awstats.pl -config=WWW.DOMAIN.COM -update

# Ensure awstats files are owned by www-data after updating stats by hand above.
cd /var/lib/awstats
chown www-data:www-data *

Thats it. To access awstats for a web site, a link must be made on that web site or on your admin web site that points to http://WWW.DOMAIN.COM/awstats/. To simply enter the url into your browser probably won't work because of the rewrite rules above that restrict access to the stats to certain domains.

Hope this might help someone. You are free to use this anyway you can without permission.

Top of page.