Web servers do a good job of maintaining logs of any errors the server has. However, for people who are not used to using Linux systems, it can be hard to know where to find these logs. Hopefully this wiki article will help you by listing their locations in the Linux filesystem.
Apache has three different logs. Each of these serves a different purpose and logs a different activity within the HTTP server.
The first log (access_log), keeps a log of all HTTP requests to sites which have the server as their hostname or are directed to the server’s IP:
The second Apache log (error_log) stores all errors, on all sites hosted on the web server:
The final error log (domlogs) organises the error logs and gives each site its own folder:
Exim has two main error logs.
The first contains details of incoming and outgoing connections:
The second log contains information of all rejected connections:
Your FTP server will create a log of all connections, downloads and uploads in the same location no matter which FTP daemon you have installed. The log can be found in:
If you have the ConfigServer Security & Firewall WHM plugin installed, you will be able to access firewall logs.
To find these in the WHM Graphical User Interface, you should look for the Plugins section in the left sidebar. Once you have found it, click it, then click ConfigServer Security & Firewall (highlighted in orange below).
You should then be taken to the main page which has many options. You’ll need to look in the top box (Server Information), then click the Watch System Logs box.
Once you click Watch System Logs, you’ll be taken to a page which refreshes every 5 seconds and shows one of 15 different logs. You can select the log you would like to look at via the drop-down menu.
When you first navigate to the page, you’ll be shown the log located at /var/log/lfd.log
The logs you can choose from are:
- /var/log/lfd.log (you’ll be shown this log by default when you visit the log page)
You will notice many of these logs were mentioned earlier in the article. This is because it looks for any other logs on the server.
Was this article helpful?