![Hang glider not strapped in youtube](https://loka.nahovitsyn.com/86.jpg)
![awstats 6.4 awstats 6.4](https://destek.nbt.net.tr/wp-content/uploads/2013/03/phpmyadminsuccess.png)
NOTE: this issue exists because of an incomplete fix for CVE-2017-1000501 and CVE-2020-29600. I'm sure this can be a great plugin, just some minor fixes to get it working properly is all that we need.In AWStats through 7.8, cgi-bin/?config= accepts a partial absolute pathname (omitting the initial /etc), even though it was intended to only read a file in the /etc/awstats/nf format. This includes files in the /home/admin/.plugins/ directory and in the /usr/local/directadmin/plugins/Stats_Control/.Īlso, FYI, the server that I tested this out on, I ripped out fusion's version before I installed this. That's where I'm at now.ĬlayRabbit, I think you need to just go over the permissions and ownerships some more on all the files, they seem to really be all over the place. This plugin's lib files permissions were very off.īut, that didn't fix it.
![awstats 6.4 awstats 6.4](https://tva1.sinaimg.cn/large/006y8mN6ly1g88b56alx4j30by0byglv.jpg)
So, I went and compared the permissions of the old awstats plugin, with this one, and adjusted the files accordingly. Warning: Can't read file "mime.pm" (mime detection will not work correctly). Warning: Can't read file "browsers.pm" (browsers detection will not work correctly). Warning: Can't read file "robots.pm" (robots detection will not work correctly). Warning: Can't read file "operating_systems.pm" (operating systems detection will not work correctly). Warning: Can't read file "domains.pm" (domains detection will not work correctly). Warning: Can't read file "search_engines.pm" (search engines detection will not work correctly). Warning: Can't read file "status_http.pm" (status http detection will not work correctly).Ĭheck if file is in "./lib" directory and is readable. Warning: Can't find language files for "en".
Awstats 6.4 Patch#
For RedHat you should apply special patch to fix bug in (see .rh90.patch located nside plugins/Stats_Control/awstats/cgi-bin). Yep, awstats will work for subdomains also. Files inside domains/*/stats directory becomes owned by corresponding user, and so it becomes counted in quota usage, but user is able to delete those files anytime and disable stats generation. During install, this plugin will disable DirectAdmin's log rotation and webalizer run (and will enable those features after uninstall).
Awstats 6.4 update#
Bundled awstats version is 6.4, but you free to update it manually. After rotation, logs permissions will be changed to 440 nobody:user, so users will no longer be able to read other user's logs. Webalizer/awstats will be runned with user previlleges (not under root), so our server is safe (at least i hope so from known or unknown vulnerabilities in those programs. Some webalizer/awstats settings is customizable by user/admin. Also log will be rotated if it's size is over specified value.
Awstats 6.4 archive#
Logs rotated monthly and domain logs with all subdomains logs are packed in ONE archive (and without trailing '.1' in filename). User is able to choose (for each domain) which stats processor to use (awstats/webalizer/none), admin can specify which proccessor will be used by default. Implemented about 6 monthes ago, because I wasn't happy about fusionictnl's plugin and I hate DirectAdmin's daily rotation. Plugin: Stats Control (Yet another AwStats Plugin
![Hang glider not strapped in youtube](https://loka.nahovitsyn.com/86.jpg)