How to Install AWStats on Fedora 28

Published on: Thu, Nov 1, 2018 at 6:16 pm EST

AWStats is a useful tool for analyzing web traffic. Its HTML interface can be accessed through the browser, giving you easy insights about who is viewing your website. This tutorial will walk you through installing, configuring, and securing AWStats for an Nginx web server on Fedora 28.

If you haven't installed Nginx yet, do so now:

sudo dnf install nginx
sudo systemctl enable --now nginx

Installing AWStats and tools

First, you'll need to install a few things. Fortunately, this is very easy, as all the software you'll need is in Fedora's repositories:

sudo dnf install awstats httpd-tools php-fpm

httpd-tools is a package containing some tools we'll need, such as htpasswd. It was designed for use with Apache, but most of the tools also work with Nginx. The other tool, php-fpm, allows us to run PHP scripts from Nginx.

We'll need to enable php-fpm through systemctl:

sudo systemctl enable --now php-fpm

Configuring AWStats for your site

We'll need to configure AWStats before we can use it. Copy the model config file to create a new configuration for your site:

sudo cp /etc/awstats/awstats.model.conf /etc/awstats/awstats.<yoursitename>.conf

Now edit that file:

sudoedit /etc/awstats/awstats.<yoursitename>.conf

Scroll down to the line that says LogFile="/var/log/httpd/access_log". Because we're using Nginx instead of Apache, we need to change this. Change it to LogFile="/var/log/nginx/access.log".

Next, scroll down all the way to the line that says DirIcons="/awstatsicons". If you can't find it, type /DirIcons, then press ENTER to jump to it. Change this line to DirIcons="../icon".

Finally, AWStats needs to know what website it's analyzing. This way it can report things such as which users are coming from external sites. The two relevant configuration options here are SiteDomain and HostAliases. SiteDomain will simply be the domain name of the site; and HostAliases will be a list of any other domain names that might be used (for example, if your site is www.example.com, you might put example.com here if it is the same site).

All of the configuration options are documented in the config file. If you want to know exactly what an option does, or if you want to see all the options that AWStats has to offer, just read the comments in that file.

Setting up permissions

It is strongly recommended not to run AWStats as the root user. We'll run AWStats under the nginx user that has already been set up during the Nginx installation.

To do this, we'll need to make nginx the owner of the directory where AWStats stores its database (/var/lib/awstats):

sudo chown -R nginx /var/lib/awstats

Run AWStats for the first time

In a later step, we'll set up AWStats to run when the server logs are rotated. This first time, however, it's best to run it manually. Do that with the following command:

sudo -u nginx /usr/share/awstats/wwwroot/cgi-bin/awstats.pl -config=<yoursitename>

Note: The -u nginx part tells sudo to run the command as the nginx user rather than as root.

The output will be similar to the following:

Create/Update database for config "/etc/awstats/awstats.<yoursitename>.conf" by AWStats version 7.7 (build 20180105)
From data in log file "/var/log/nginx/access.log"...
Phase 1: First bypass old records, searching new record...
Direct access after last parsed record (after line 0)
Jumped lines in file: 0
 Found 0 already parsed records.
Parsed lines in file: 0
 Found 0 dropped records,
 Found 0 comments,
 Found 0 blank records,
 Found 0 corrupted records,
 Found 0 old records,
 Found 0 new qualified records.

Configuring Nginx to view AWStats online

Next, we'll configure Nginx so we can view our website statistics from the website itself, rather than through a command-line interface. Edit your main Nginx configuration file:

sudoedit /etc/nginx/nginx.conf

Here, we'll add a folder to contain the AWStats section of the website. In this tutorial, we'll call it webstats, but you can call it whatever you want.

Find the section of the config file that says server. After the line include /etc/nginx/default.d/*.conf;. Add a new section:

location /webstats/ {
    alias /usr/share/awstats/wwwroot/;

    location ~ /cgi-bin/(.+\.pl) {
        include fastcgi.conf;
        fastcgi_pass php-fpm;
        fastcgi_split_path_info ^/webstats/(.+\.pl)(.*)$;
        fastcgi_param SCRIPT_FILENAME /usr/share/awstats/tools/nginx/awstats-fcgi.php;
        fastcgi_param X_SCRIPT_FILENAME /usr/share/awstats/wwwroot/$fastcgi_script_name;
        fastcgi_param X_SCRIPT_NAME $fastcgi_script_name;
    }
}

This section tells Nginx that when we go to the webstats directory in our browser, it should serve AWStats's web root, and if we ask for a script in the cgi-bin directory, it should run it.

After editing the config file, we need to restart Nginx:

sudo systemctl restart nginx

Now open your browser and go to <your website>/webstats/cgi-bin/awstats.pl?config=<yoursitename>. This is AWStats' homepage for your website. It will look somewhat like this:

Make sure the page loads correctly and that you can see the AWStats logo in the top right corner. If the page doesn't load or the logo is missing, you may have something misconfigured in a previous step -- go back and make sure all the paths are correct.

Securing AWStats

Failing to secure your statistics page can lead to bad things, such as referrer spam. Also, you don't want your detailed analytics data exposed to the entire Internet.

We'll use Nginx to put a password on the statistics page. Open /etc/nginx/nginx.conf again, go back to the section you added, and add the following lines under location /webstats/ {:

auth_basic "Username and password required to access AWStats";
auth_basic_user_file /etc/nginx/.htpasswd;

Now we need to create that .htpasswd file. Exit the config file and run the following command:

sudo htpasswd -c /etc/nginx/.htpasswd <username>

Your username can be mostly anything, but it shouldn't contain spaces and should be unique, not something easy to guess like admin or webmaster. When you run the command, you'll be prompted for a password. Enter a secure password, then confirm it.

Reload Nginx:

sudo systemctl restart nginx

Try to access AWStats again. This time, you will be asked for your username and password. Enter them and you will be sent to the AWStats homepage as before.

Running AWStats daily and when logs are rotated

Finally, we need our statistics to update. We'll use cron for that. It's a task scheduler utility, and it's preinstalled on Fedora (and most other Linux distributions). We'll have it run AWStats every day at midnight. Edit /etc/crontab and add the following line at the bottom:

0 0 * * * nginx /usr/share/awstats/wwwroot/cgi-bin/awstats.pl -config=<yoursitename>

To avoid losing data, we'll also want AWStats to run when the logs are rotated. To do that, edit /etc/logrotate.d/nginx. Above the postrotate section, add the following:

prerotate
    /usr/share/awstats/wwwroot/cgi-bin/awstats.pl -config=<yoursitename>
endscript

AWStats is now all set up and ready to go.