diff --git a/modules/website/500-error-tracker.sh b/modules/website/500-error-tracker.sh
index e2dba34..8eb69cc 100755
--- a/modules/website/500-error-tracker.sh
+++ b/modules/website/500-error-tracker.sh
@@ -59,21 +59,22 @@ declare -A domain_user
 total_500s=0
 filtered_bots=0
 
-# Scan all domain access logs for 500 errors
-for log in "$DOMLOGS_DIR"/*; do
+# Scan all domain access logs for 500 errors (including subdirectories)
+while IFS= read -r log; do
     [ -f "$log" ] || continue
     [[ "$log" =~ (bytes_log|offset|error_log|ftpxferlog|-ssl_log)$ ]] && continue
 
+    # Extract domain from log filename
     domain="${log##*/}"
     domain="${domain%%-*}"
 
     # Skip non-domain system logs (proxy, localhost, etc.)
     [[ "$domain" =~ ^(proxy|localhost|default|cpanel|webmail|whm|cpcalendars|cpcontacts|webdisk)$ ]] && continue
-    
+
     # Find cPanel user for this domain
     user=$(grep -l "DNS.*$domain" /var/cpanel/users/* 2>/dev/null | head -1 | xargs basename 2>/dev/null)
     [ -z "$user" ] && user="unknown"
-    
+
     domain_user["$domain"]="$user"
     
     # Scan for 500 errors in this log
@@ -130,7 +131,7 @@ for log in "$DOMLOGS_DIR"/*; do
             echo "$domain|$user|$status|$url|$timestamp|$ip" >> "$ERRORS_500"
         fi
     done < <(tail -n 100000 "$log" 2>/dev/null)
-done
+done < <(find "$DOMLOGS_DIR" -type f ! -name "*bytes_log" ! -name "*offset*" ! -name "*error_log" ! -name "*ftpxferlog*" ! -name "*-ssl_log" 2>/dev/null)
 
 if [ "$total_500s" -eq 0 ]; then
     echo ""