Dev License: This installation of WHMCS is running under a Development License and is not authorized to be used for production use. Please report any cases of abuse to abuse@whmcs.com

Raw Access Logs allow you to see who has accessed your site without the use of graphs, charts or other graphics. You can use the Raw Access Logs menu to download a zipped version of the server's access log for your site. This can be very useful when you need to see who is accessing your site quickly.

There are three sections available on the "Raw Access" page:

  • Configure Logs
  • Download Current HTTP Access Logs
  • Archived Raw Logs

Configure Logs

When the "Raw Access Log" page loads, the first two options include:

  • Archive Logs in your home directory at the end of each month
  • Remove the previous month's archived logs from your home directory at the end of each month

Each of the above options has a check box next to it. You can check each one according to your own specific needs. Once you have checked or unchecked the check boxes in the above options, click on the Save button to save your settings.

Download Current Raw Access Logs

This section includes a one-column table showing a list of domains associated with the web hosting account you are currently using to view cPanel. Click on any of the available domains to download the HTTP access logs.

HTTP and HTTPS access logs are always separated. If your website has an SSL certificate and is setup on the HTTPS protocol, as most sites should, the logs ending with SSL should be the ones that contain the most information. However, there can also be accesses through the plain-text HTTP protocol, which you would find in the non-SSL logs.

Please note that for addon and parked domains, you will need to download the logs of the linked sub-domain. Please look under the "Linked Domains" column to determine which sub-domain logs are for which add-on or parked domain.

Archived Raw Log

If there are any archived raw logs available, click on the one of the available links to download the raw access log. These are usually sorted by month and the SSL logs (containing "ssl_log" in the name) are separated from the non-SSL logs.

Opening the Raw Access Logs

All logs are archived in .GZ (GNU zip) archives to save space and reduce the download size. You can extract the logs from the archive using any archiving tool (e.g. 7-Zip, WinRAR, WinZip, etc.).

The log file extracted from the archive can be opened using any text editor (e.g. Notepad, Notepad++, etc.). Log files don't have a file name extensions, so you will either need to open the file with the text editor or append the ".txt" extension to the file name.

Interpreting Raw Access Logs

Each line represents a log entry. The log entries use the following format by default:

%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"

You can find the descriptions at mod_log_config - Apache HTTP Server Version 2.4

Updated by SP on 09/01/2023

Was this answer helpful? 242 Users Found This Useful (542 Votes)

Powered by WHMCompleteSolution