HOWTO Setup AWStats

From Research
Revision as of 18:31, 28 November 2008 by Gordp (talk | contribs) (→‎Restricted Access to AWStats Vhost)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

This shows how to setup awstats on an apache server with vhosting. Make sure you have the vhosts use variable set on Gentoo. This article is aimed for AWStats on tirpitz.

Install AWStats

# emerge awstats

Note: it's more fun to edit /etc/portage/package.use and add the geoip USE-flag.

Use webapp-config

The standard projects directory must be listed in /etc/vhosts/webapp-config using the VHOST_ROOT variable. Currently this is set for any project that exists in: /home/projects/*/htdocs, as most projects on tirpitz have their webspace here.

To setup another project, use webapp-config to add it to your project's htdocs directory:

# webapp-config -I -h <projectname> -u root -d /awstats awstats 6.5

For machines other than tirpitz you can install with this command, which will place your app under /var/www/localhost/htdocs:

# webapp-config -I -h localhost -d /awstats awstats 6.5

webapp-config will output a lot of text, ignore it.

Typical upgrade commands:

# webapp-config -U -d /awstats awstats 6.9

Apache VHost Configuration

Copy this following section into your vhost file: /etc/apache2/vhosts.d/<projectname>.conf

# awstats
Alias /awstats/classes "/usr/share/webapps/awstats/6.5/htdocs/classes/"
Alias /awstats/css "/usr/share/webapps/awstats/6.5/htdocs/css/"
Alias /awstats/icons "/usr/share/webapps/awstats/6.5/htdocs/icon/"
ScriptAlias /awstats/ "/usr/share/webapps/awstats/6.5/hostroot/cgi-bin/"
ScriptAlias /awstats "/usr/share/webapps/awstats/6.5/hostroot/cgi-bin/awstats.pl"
ScriptAlias /awstats.pl "/usr/share/webapps/awstats/6.5/hostroot/cgi-bin/awstats.pl"

<Directory "/usr/share/webapps/awstats/6.5/htdocs">
    Options None
    AllowOverride None
    <IfModule mod_access.c>
        Order allow,deny
        Allow from all
    </IfModule>
</Directory>
<Directory "/usr/share/webapps/awstats/6.5/hostroot/cgi-bin">
    Options ExecCGI
    AllowOverride None
    <IfModule mod_access.c>
        Order allow,deny
        Allow from all
    </IfModule>
</Directory>
# awstats

Restricted Access to AWStats Vhost

This is a variation on the above file you can use if you want to only permit certain users to see your stats. Place the following in your /etc/apache2/vhost.d/ directory, perhaps naming this file awstats.conf, or 000_awstats.conf:

Alias /awstats/classes "/srv/www/localhost/htdocs/awstats/classes/"
Alias /awstats/css "/srv/www/localhost/htdocs/awstats/css/"
Alias /awstats/icons "/srv/www/localhost/htdocs/awstats/icon/"
ScriptAlias /awstats/ "/srv/www/localhost/cgi-bin/"
ScriptAlias /awstats "/srv/www/localhost/cgi-bin/awstats.pl"
ScriptAlias /awstats.pl "/srv/www/localhost/cgi-bin/awstats.pl"



#
# Let's control access to awstats, so not everyone in the whole wide world can see them
# Unfortunately, we'll have to make this protection a bit over-broad, and lock down the
# whole cgi-bin directory.
#

<IfModule authnz_ldap_module>

<Directory /srv/www/localhost/cgi-bin>
#
#   don't give an .htaccess any any cred :-)
    AllowOverride None
    Order allow,deny
    Allow from all

         options +ExecCGI
#        Do basic password authentication in the clear
         AuthType Basic
#        LDAP Authentication & Authorization is final; do not check other databases
         AuthzLDAPAuthoritative on
#        Name which will appear in the browser's user/pass dialogue (realm)
         AuthName "Statistics - Restricted Access"
         AuthBasicProvider ldap
         AuthLDAPURL ldap://192.168.0.11:389/ou=users,dc=put_yours_here?uid?one
         AuthLDAPBindDN "<quite_secret>"
         AuthLDAPBindPassword <supersecret>

# Use only one of the following possible sections.

#        Explicitly list the permitted users, ~after~ authentication has succeeded.
#        Effectively a 2nd gate, at the authourization phase.
#        Add as many as desired.
         require ldap-user clown

#        There will be times when it's sufficient for an authenticated-user to be
#        authourized and granted access; it they're good in LDAP, they're OK by me.
#        In this case, any LDAP valid user is fine; apache won't restrict further.
#         require valid-user

</Directory>
</IfModule>

Create the AWStats Config File

# cd /etc/awstats
# cp awstats.researchtemplate.conf awstats.<projectname>.conf

Now edit that file to suit your project.

Note: most of this information is in your apache vhost file: /etc/apache/vhosts.d/<projectname>.conf

These are the variables you need to edit:

  • LogFile="/var/log/apache2/<projectname>/access_log"
  • SiteDomain="<projectname>.research.iat.sfu.ca"
  • HostAliases"<projectname>.research.iat.sfu.ca www.<projectname>.research.iat.sfu.ca localhost 127.0.0.1 REGEX[myserver\.com$]"

These HostAliases must match all ServerAliases in your vhosts config file!

  • DirData="/home/projects/<projectname>/htdocs/awstats

Un-comment (around line 1270):

LoadPlugin="geoip GEOIP_STANDARD"

Restart apache for the settings to take effect

# /etc/init.d/apache2 restart

Schedule Daily Log Updates

Add the project to the daily cronjob: /etc/cron.daily/awstats

/usr/share/webapps/awstats/6.5/hostroot/cgi-bin/awstats.pl -config=<projectname> -update

Run that command once for the logs to be analysed the first time.

If you prefer Hourly log-updates, then create a file /etc/cron.hourly/awstats with this sort of content:

#
# /etc/cron.hourly/awstats
#
# parses apache log-files, and prepares them for viewing
#

cd /var/www/localhost/cgi-bin/ && ./awstats.pl -config=localhost -update > /dev/null

Access the Stats Website

http://research.iat.sfu.ca/awstats.pl?config=<projectname>

For reference, the current awstats running on tirptitz can be found at:

http://research.iat.sfu.ca/awstats.pl?config=infrastructure