[ ^ ][ ^ ]
login

なにそれ

[ SINGLE POST ]

GoAccess Analytics and PHP - updated

I followed [this article](https://codeplea.com/goaccess-php) to setup goaccess for nani-so.re since it's from 2016 I was expecting some tweaks to be made, so here is what I changed from the original article to make it work on my debian 11 VPS: goaccess was already installed on my vps: ```shell root@vps:~# goaccess --version GoAccess - 1.4. For more details visit: http://goaccess.io Copyright (C) 2009-2020 by Gerardo Orellana Build configure arguments: --enable-utf8 --enable-geoip=mmdb --with-openssl ``` first of all www-data didn't have the permission to run goaccess, nor did it have permission to access the log files I fixed the first issue by adding ```sudoers www-data ALL=NOPASSWD: /usr/bin/goaccess ``` to the sudoers file with `visudo` then I added www-data to the right group to access /var/log/apache2 I created a shell script to run the command because `shell_exec` didn't seem to like pipes very much ```bash script.sh #!/bin/sh zcat -f /var/log/apache2/*access.log* | goaccess -p /etc/goaccess/goaccess.conf --geoip-database=/usr/local/share/GeoLite2-City.mmdb --log-format=COMBINED -a -o - ``` NOTE: I removed it from above but I also used the `-e` option to exclude both the vps and my IP from getting processed by goaccess, this removes quite a lot of noise I had to add `-p /etc/goaccess/goaccess.conf` because otherwise goaccess would complain that no HOME env variable was found and it couldn't load a default config file apparently I also had to add `--log-format=COMBINED` and the dash at the very end is very important `-` it tells the command to read from stdin, otherwise the piping of the data doesn't work NOTE: to debug `shell_exec`, adding `2>&1` at the end of the command allows to capture the full output of the command Because I added geoIP support, the processing time increased and I suspect `shell_exec` took too long to process and got killed before finishing, so I used `ulimit -t 15` to set `shell_exec` max running time to 15s The final step was to protect my page behind a password, since I already have a login system for nani-so.re it was quite simple ```php stats.php <?php session_name("login"); session_set_cookie_params(0, '/', '.nani-so.re'); session_start(); $http_host = $_SERVER['HTTP_HOST']; $request_uri = $_SERVER['REQUEST_URI']; $url = "https://$http_host$request_uri"; if(!isset($_SESSION['id'])) { header('Location: https://static.nani-so.re/login?url='.$url); } $output = shell_exec('ulimit -t 15 && /usr/bin/bash /var/www/script.sh'); echo "$output"; ?> ``` there you go many thanks to Lewis Van Winkle for his original aritcle on [codeplea](https://codeplea.com/)