Fix Log Rotation Problems cPanel

Fix Log Rotation Problems cPanel

Since the beginning of time, cPanel has had logs that it simply does not rotate properly. Why this has been an ongoing problem that has never been fixed is beyond me, but it CAN be fixed and we’ll go through what is needed to accomplish this.

The most important logs that are missed are the Apache system logs that are located in /usr/local/apache/logs. SSH into your server as root.

pico /etc/logrotate.d/httpd
(on some servers this file is called apache)

The first line should read:

/usr/local/apache/logs/*log {

Also you need to change the line that reads:

/bin/kill -HUP `cat /var/run/httpd.pid 2>/dev/null` 2> /dev/null || true

to:

/bin/kill -HUP `cat /usr/local/apache/logs/httpd.pid 2>/dev/null` 2> /dev/null || true
(the above line should all be on ONE LINE!)

The next log file that needs to be dealt with is /var/log/xferlog. This is your FTP transfer log.

pico /etc/logrotate.d/ftp

This will create a new file. If you are running ProFTP, paste the following snippet into this file:

/var/log/xferlog {
postrotate /bin/kill -HUP `cat /var/proftpd.pid 2> /dev/null` 2> /dev/null || true
endscript
missingok
}

If you are running PureFTP then paste this into the file:

/var/log/xferlog {
postrotate /bin/kill -HUP `cat /var/run/pure-ftpd.pid 2> /dev/null` 2> /dev/null || true
endscript
missingok
}

The next item we need to deal with is for any sites for which you have installed SSL certificates for. If you have not installed any SSL certificates, then you can skip this section. Any domain that you have installed an SSL certificate for gets a log file for tracking SSL traffic and it is located in /var/log. These are pretty simple to add.

pico /etc/logrotate.conf

Add an entry styled like the one below for each secure domain you have on your server at the end of the file:

/var/log/securedomain.tld {
weekly
rotate 1
}

Take a look in /var/log to make sure that you have the proper filename i that first line. It will match exactly as you have it set up in WHM.

One other stray log that cPanel ignores is /var/log/chkservd.log. Add this section to the same file (/etc/logrotate.conf) that you were just editing:

/var/log/chkservd.log {
weekly
rotate 1
}

To add insult to injury, cPanel is not rotating its own logs either. Place this in the same file we have been editing:

/usr/local/cpanel/logs/stats_log {
weekly
rotate 1
}

/usr/local/cpanel/logs/access_log {
weekly
rotate 1
}

/usr/local/cpanel/logs/error_log {
weekly
rotate 1
}

That is all the logs in my systems that I found that were not getting rotated. Armed with this information you should be able to rotate nearly any log, but if you do find some more, please drop me a line so I can update the article.

Similar Articles : Change All Packages Themes cPanel/WHM, Change All User Themes cPanel/WHM, Official cPanel/WHM Newbies Guide, Updating Apache Using cPanel/WHM Easy Apache, Extended Exim Logging, Linux Apache ASP for cPanel/WHM, How to Hide Bind Version cPanel/WHM, Fix cPanel/WHM Quotas, Disabling Password Reset Option cPanel/WHM, Setting up Private Reseller Name Servers, Installing DrWEB antivirus cPanel/WHM Linux, Properly Reject Invalid Email, Securing /tmp partition, Force Secure Login cPanel/WHM SSL, Default Index cPanel/WHM, Modify Bandwidth Exceeded cPanel/WHM, Use Exiscan to Scan For Viruses, Fix Log Rotation Problems cPanel, Installing mod_bandwidth For the Ultimate in Apache Utilization Control, Linux Distributions, UNIX Flavors (Distributions), Installing and Configuring CSF Firewall