Linux Web Security For Apache2 Web Server

Code:

    LogLevel info ssl:warn
    LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" custom
    CustomLog ${APACHE_LOG_DIR}/access.log custom

    

Code:

sudo gedit /etc/apache2/sites-available/your-site.conf

after making changes

Code:

sudo systemctl restart apache2

and any other .conf file you have add the top 3 lines to conf fil!

then visit your site then look at the log using this command

Code:

sudo gedit /var/log/apache2/access.log

Live Monitor admin access or attempts to access admin folders easy

Code:

sudo tail -f /var/log/apache2/access.log | grep "admin"

Log Monitoring From PHP

Code:

<?php

$log_file='/var/log/apache2/access.log';

// Open the log file for reading
$log_handle=fopen($log_file, 'r');

// Loop through each line in the log file
while (!feof($log_handle)) {
    $log_line=fgets($log_handle);
    
    // Split the log line into an array of fields
    $log_fields=explode(' ', $log_line);

    // Extract the relevant fields
    $ip_address=$log_fields[0];
    $date_time=$log_fields[3] . ' ' . $log_fields[4];
    $request_method=$log_fields[5];
    $request_path=$log_fields[6];
    $http_version=$log_fields[7];
    $http_status_code=$log_fields[8];
    $referrer=$log_fields[10];
    $user_agent=substr($log_line, strpos($log_line, $log_fields[11]));
    
    // Output the information in a formatted way
    echo '<p><strong>' . $date_time . ':</strong> ' . $ip_address . ' ' . $request_method . ' ' . $request_path . ' ' . $http_version . ' ' . $http_status_code . '</p>';
    echo '<p><strong>Referrer:</strong> ' . $referrer . '</p>';
    echo '<p><strong>User Agent:</strong> ' . $user_agent . '</p>';
}

// Close the log file handle
fclose($log_handle);

?>

If you're using Apache2 as your web server and the access log file is /var/log/apache2/access.log on Linux Mint, you can modify the logrotate configuration file to rotate that specific file.

Here's an example logrotate configuration file that will rotate the Apache access log file and keep a maximum of 5 rotated files:

    Open the logrotate configuration file /etc/logrotate.conf in a text editor.
    Add the following lines at the end of the file:
    

Code:

sudo gedit /etc/logrotate.conf

Code:




/var/log/apache2/access.log {


    rotate 5


    size 1G


    compress


    delaycompress


    missingok


    create 640 root adm


    sharedscripts


    postrotate


        /etc/init.d/apache2 reload > /dev/null


    endscript


}

This configuration specifies that:

    The log file /var/log/apache2/access.log should be rotated when it reaches a size of 1GB (size 1G).
    Up to 5 rotated log files should be kept (rotate 5).
    Rotated log files should be compressed (compress).
    Compress the file after it has been rotated (delaycompress).
    If the log file is missing, logrotate should continue without an error (missingok).
    The rotated log files should be owned by root and adm (create 640 root adm).
    The postrotate script reloads the Apache web server to ensure that it starts writing to the new log file (/etc/init.d/apache2 reload > /dev/null).

You can customize these options to fit your needs. Save the configuration file, and logrotate will automatically rotate the access log file based on the settings you specified. You can also run logrotate manually to rotate the log file immediately:

Code:

sudo logrotate -f /etc/logrotate.conf

Note: The `-


Note that this configuration assumes you're using the Nginx web server. If you're using a different web server, you may need to adjust the postrotate command to restart the appropriate service.