Forbidden access to awstats html content
Yes, I know this topic has been discussed all over the web during years. After a few hours struggling, again, back to linuxquestions!
I've tried a few solutions such as chown -R rroopt:rroopt /var/lib/awstats chmod -R g+rw /var/lib/awstats chmod 755 /var/lib/awstats Otherwise configuration looks fine, I am actually getting my first linux emails from localhost logging website activity every half an hour (maybe I'll reconfigure that default time later). # ls -l /var/lib/awstats total 36 -rw-rw-r-- 1 rroopt rroopt 8846 May 28 21:47 awstats052016.localhost.localdomain.txt -rw-rw-r-- 1 rroopt rroopt 8845 May 28 21:47 awstats052016.mlp.riverocooper.com.txt -rw-rw-r-- 1 rroopt rroopt 8762 May 28 22:00 awstats052016.riverocooper.com.txt on my browser: "Forbidden: You don't have permission to access /awstats/awstats.pl on this server." from configuration file: "# When AWStats updates its statistics, it stores results of its analysis in # files (AWStats database). All those files are written in the directory # defined by the "DirData" parameter. Set this value to the directory where # you want AWStats to save its database and working files into. # Warning: If you want to be able to use the "AllowToUpdateStatsFromBrowser" # feature (see later), you need "Write" permissions by web server user on this # directory (and "Modify" for Windows NTFS file systems). # Example: "/var/lib/awstats" # Example: "../data" # Example: "C:/awstats_data_dir" # Default: "." (means same directory as awstats.pl) # DirData="/var/lib/awstats" " |
I also included some info on main httpd.conf based on the official http://www.awstats.org/docs/awstats_setup.html
<IfModule alias_module> # # Redirect: Allows you to tell clients about documents that used to # exist in your server's namespace, but do not anymore. The client # will make a new request for the document at its new location. # Example: # Redirect permanent /foo http://www.example.com/bar # # Alias: Maps web paths into filesystem paths and is used to # access content that does not live under the DocumentRoot. # Example: # Alias /webpath /full/filesystem/path # # If you include a trailing / on /webpath then the server will # require it to be present in the URL. You will also likely # need to provide a <Directory> section to allow access to # the filesystem path. The statistics are generated constantly, it's just that I am unable to see them in their html presentation |
Quote:
Quote:
And again, you're trying to shovel out 24,000 emails at a time...spammers don't get much help. |
Quote:
|
Is there a ScriptAlias /awstats/ that points to /usr/share/awstats/wwwroot/cgi-bin/ in your http conf file?
|
Greetings Keefaz,
/etc/httpd/conf.d/awstats.conf requests that their contents are pasted into httpd.conf so I did it to the best of my knowledge but it still doesn't work out. Yes, the ScriptAlias you mention is there and reproduced it for you in bold. <IfModule alias_module> # # Redirect: Allows you to tell clients about documents that used to # exist in your server's namespace, but do not anymore. The client # will make a new request for the document at its new location. # Example: # Redirect permanent /foo http://www.example.com/bar # # Alias: Maps web paths into filesystem paths and is used to # access content that does not live under the DocumentRoot. # Example: # Alias /webpath /full/filesystem/path # # If you include a trailing / on /webpath then the server will # require it to be present in the URL. You will also likely # need to provide a <Directory> section to allow access to # the filesystem path. Alias /awstatsclasses "/usr/share/awstats/wwwroot/classes/" Alias /awstatscss "/usr/share/awstats/wwwroot/css/" Alias /awstatsicons "/usr/share/awstats/wwwroot/icon/" # # ScriptAlias: This controls which directories contain server scripts. # ScriptAliases are essentially the same as Aliases, except that # documents in the target directory are treated as applications and # run by the server when requested rather than as documents sent to the # client. The same rules about trailing "/" apply to ScriptAlias # directives as to Alias. # ScriptAlias /cgi-bin/ "/var/www/cgi-bin/" ScriptAlias /awstats/ "/usr/share/awstats/wwwroot/cgi-bin/" # # This is to permit URL access to scripts/files in AWStats directory. # <Directory "/usr/share/awstats/wwwroot"> Options None AllowOverride None <IfModule mod_authz_core.c> # Apache 2.4 Require local </IfModule> <IfModule !mod_authz_core.c> # Apache 2.2 Order allow,deny Allow from 127.0.0.1 Allow from 5.226.169.119 Allow from ::1 </IfModule> </Directory> # Additional Perl modules # Additional Perl modules <IfModule mod_env.c> SetEnv PERL5LIB /usr/share/awstats/lib:/usr/share/awstats/plugins </IfModule> |
This is interesting from error log:
[Sun May 29 08:08:09.435636 2016] [alias:warn] [pid 12533] AH00671: The ScriptAlias directive in /etc/httpd/conf/httpd.conf at line 252 will probably never match because it overlaps an earlier ScriptAlias. [Sun May 29 08:08:09.435677 2016] [alias:warn] [pid 12533] AH00671: The Alias directive in /etc/httpd/conf.d/awstats.conf at line 15 will probably never match because it overlaps an earlier Alias. [Sun May 29 08:08:09.435682 2016] [alias:warn] [pid 12533] AH00671: The Alias directive in /etc/httpd/conf.d/awstats.conf at line 16 will probably never match because it overlaps an earlier Alias. [Sun May 29 08:08:09.435685 2016] [alias:warn] [pid 12533] AH00671: The Alias directive in /etc/httpd/conf.d/awstats.conf at line 17 will probably never match because it overlaps an earlier Alias. [Sun May 29 08:08:09.435688 2016] [alias:warn] [pid 12533] AH00671: The ScriptAlias directive in /etc/httpd/conf.d/awstats.conf at line 18 will probably never match because it overlaps an earlier ScriptAlias |
I think you should remove all references to awstats in your main httpd.conf configuration file as it seems configuration for awstats are defined in separate file in /etc/httpd/conf.d which are included in httpd.conf (search for Include directive in httpd.conf to verify)
|
Quote:
Your observation seems very logical. At the end of my httpd.conf there is indeed # Supplemental configuration # # Load config files in the "/etc/httpd/conf.d" directory, if any. IncludeOptional conf.d/*.conf IncludeOptional sites-enabled/*.conf /etc/httpd/conf.d also includes autoindex.conf awstats.conf awstats.conf.rpmsave geoip.conf mpm_prefork.conf userdir.conf welcome.conf In particular it sounds like GeoIP is already running? :)COOL:) <IfModule mod_geoip.c> GeoIPEnable On GeoIPDBFile /usr/share/GeoIP/GeoIP.dat </IfModule> In that case I will go ahead and erase reference to awstats in main httpd.conf I learned how to browse directly from my linux server: lynx http://localhost/server-status (for APACHE MOD STATUS) lynx http://localhost/awstats/awstats.pl?config=mlp (for AWSTATS) so no longer getting access to server generated html is an issue. The errors 403 of connection refused came from apache as I tried to access content from insecure internet connection of dynamic IP addresses from my ISP. I had lots of duplicate test configuration files mixed up and the challenge now is to restore Cron because it refers to a deleted configuration and the working configuration for stats now has a different name. But awstats software is working. I should configure differentiated logs and conf files for each of my sites. |
Cron has been restored and there are conf files for each website, the only issue left is that statistics are not being generated since day one. This seems a problem that other users have also faced according to web search:
# perl awstats.pl -update -config=mlp Create/Update database for config "/etc/awstats/awstats.mlp.conf" by AWStats version 7.4 (build 20150714) From data in log file "/var/log/httpd/access_log"... Phase 1 : First bypass old records, searching new record... Direct access after last parsed record (after line 525) Jumped lines in file: 525 Found 525 already parsed records. Parsed lines in file: 0 Found 0 dropped records, Found 0 comments, Found 0 blank records, Found 0 corrupted records, Found 0 old records, Found 0 new qualified records. |
Quote:
|
Not anymore, I created new access logs for each site
access_log access_log_riv access_log_rro access_log_rub error_log |
Uninstalled awstats, installed GoAccess works very well, it's simple command line, no html
|
All times are GMT -5. The time now is 08:31 AM. |