How to Retrieve Server Logs and how to process them!

wordpress

#1

Hello everyone,

My site recently experienced a lot of JS Vulnerability hack attempts and I reported the abuse to Amazon as most of these attempts were originating from Boardman, US. Amazon is asking me to paste the server logs and I do not know how o access and process these server logs to report the visitor activity.

I am using WordPress so any assistance will be appreciated. Is there a plugin that can be used to retrieve these logs easily.

Thank you everyone.

Pathfinder


#2

I don’t know of a WP plugin for this, but that doesn’t mean there isn’t one.

Logs are available in the logs directory of your server users home directory… i.e. /home/USER/logs/

Note however, logs are a special case in that ftp will NOT work. You must use SSH or SFTP to access logs.

Note also that /home/USER/ is the normal default directory you land in when you log in, so from there you would just need to change into ‘logs’.

The ‘logs’ directory should have an entry for each domain (or sub) that this USER hosts. Pick the correct entry.

On the next level you should see a directory named ‘http’ (there will also likely be some ‘http.XXXXXX’ or something like that folders that are likely old/trash that didn’t get purged for some reason), change into the ‘http’ directory. Once there you will see 5 days each of Access and Error logs. Today and maybe yesterday won’t be gzip’d yet, older than that will end in .gz indicating they have been zipped. You will need to download these files or copy them to your users home directory.

These files are text files, you can read them line by line or use grep if you’re looking for something in particular. There may also be external software you can use to ‘process’ them.


#3

There are a couple of pages in the wiki you should look at:


#4

Since it’s been updated repeatedly in recent years, one would think that article would be more accurate. However it implies FTP is what to use… FTP will in-fact not work.