Page 1 of 1
Server logs
Posted: Sun Mar 25, 2007 11:48 am
by alex.barylski
I have a client who claims to have just been hacked due to an vulnerability in one of the apps I support and actively develop. I'm not convinced it was directly a result of my application, but I would like to examine their log files and see what I can some up with.
Do PHP and Apache maintain logs which I can check? Are their options I can enable/disable to allow logging, etc?
What are the names of the log files?
Posted: Sun Mar 25, 2007 11:50 am
by Jenk
$SERVERROOT/logs
- error.log
- access.log
- ssl_request.log
Posted: Sun Mar 25, 2007 1:01 pm
by impulse()
The logs on my Fedora Core box are located at /var/log
Posted: Sun Mar 25, 2007 1:03 pm
by Chris Corbyn
Yep, most systems will set the log path to /var/log/<whatever>
EDIT | You could so easily have googled this by the way

Posted: Sun Mar 25, 2007 3:38 pm
by alex.barylski
I did Google and got this, mostly PHP error logging functions...I need actual PHP logs
http://www.google.ca/search?hl=en&q=PHP+logs&meta=
Posted: Sun Mar 25, 2007 5:29 pm
by nickvd
You probably won't find PHP logs. While you are able to turn on logging of php errors/warnings etc, I would be surprised to find a host that turned it on. You will however, find the apache logs...
Posted: Mon Mar 26, 2007 1:52 pm
by RobertGonzalez
I usually check my server logs. Although I am not sure you are going to find the issue there. But I would suggest checking the error_log and the access_log (on Apache anyway) to see if you can trace down what took place when.