cschantz/Linux-Server-Management-Toolkit
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

CRITICAL FIX: Access log selection - prefer HTTPS (-ssl_log) over HTTP

Browse Source 
Most modern traffic is HTTPS. The script was only reading HTTP logs,
causing completely wrong traffic percentages. Now prioritizes:
1. domain-ssl_log (HTTPS) - where 95%+ of real traffic is
2. domain (HTTP) - fallback for older sites

This fixes backwards traffic analysis where low-traffic HTTPS sites
appeared as high-traffic and vice versa.
This commit is contained in:
Developer
2026-04-20 19:32:14 -04:00
parent 34cea9627a
commit 3844fddda8
1 changed files with 19 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files
lib/php-scanner.sh
+19 -6
View File
@@ -484,25 +484,38 @@ find_domain_access_log() {
case "${SYS_CONTROL_PANEL:-unknown}" in case "${SYS_CONTROL_PANEL:-unknown}" in
cpanel) cpanel)
# cPanel standard locations for access logs # cPanel standard locations for access logs
# Primary: /var/log/apache2/domlogs/DOMAIN (or DOMAIN-error_log, etc) # CRITICAL: Must check HTTPS (ssl_log) first since that's where 95%+ of traffic is
# Secondary: /home/USER/access-logs/ (symlink to above) # Format: /var/log/apache2/domlogs/DOMAIN-ssl_log (HTTPS) or DOMAIN (HTTP)
local log_file local log_file
# Try standard cPanel domlogs directory FIRST (primary location) # Try standard cPanel domlogs directory FIRST - PREFER SSL LOG (HTTPS)
log_file=$(find "/var/log/apache2/domlogs" -maxdepth 1 -type f -name "*${domain}*" 2>/dev/null | head -1) # Most modern traffic is HTTPS, so -ssl_log has the real traffic data
if [ -f "/var/log/apache2/domlogs/${domain}-ssl_log" ]; then
log_file="/var/log/apache2/domlogs/${domain}-ssl_log"
elif [ -f "/var/log/apache2/domlogs/${domain}" ]; then
log_file="/var/log/apache2/domlogs/${domain}"
fi
# If not found, try user's access-logs directory (symlink, follows) # If not found, try user's access-logs directory (symlink, follows)
if [ -z "$log_file" ]; then if [ -z "$log_file" ]; then
local owner local owner
owner=$(find_domain_owner "$domain") owner=$(find_domain_owner "$domain")
if [ -n "$owner" ] && [ -d "/home/${owner}/access-logs" ]; then if [ -n "$owner" ] && [ -d "/home/${owner}/access-logs" ]; then
log_file=$(find -L "/home/${owner}/access-logs" -maxdepth 1 -type f -name "*${domain}*" 2>/dev/null | head -1) if [ -f "/home/${owner}/access-logs/${domain}-ssl_log" ]; then
log_file="/home/${owner}/access-logs/${domain}-ssl_log"
elif [ -f "/home/${owner}/access-logs/${domain}" ]; then
log_file="/home/${owner}/access-logs/${domain}"
fi
fi fi
fi fi
# Try alternative cPanel path # Try alternative cPanel path
if [ -z "$log_file" ] && [ -d "/etc/apache2/logs/domlogs" ]; then if [ -z "$log_file" ] && [ -d "/etc/apache2/logs/domlogs" ]; then
log_file=$(find "/etc/apache2/logs/domlogs" -maxdepth 1 -type f -name "*${domain}*" 2>/dev/null | head -1) if [ -f "/etc/apache2/logs/domlogs/${domain}-ssl_log" ]; then
log_file="/etc/apache2/logs/domlogs/${domain}-ssl_log"
elif [ -f "/etc/apache2/logs/domlogs/${domain}" ]; then
log_file="/etc/apache2/logs/domlogs/${domain}"
fi
fi fi
echo "$log_file" echo "$log_file"