1. S

    Change where PureFTP logs transfers?

    Pure FTP seems to be logging transfers to /var/log/messages. How do I put these transfers (or even all FTP logs) in a different ftp.log or something?
  2. J

    exim logs not showing subject suddenly

    Hello. I hope everyone is safe and healthy. Does anyone know how to get the exim logs to also include "subject"? It used to and now it's suddenly stopped. . . Thanks.
  3. A

    Notify me when: Someone logs in to my account (Doesn't work)

    In Webmail under "Contact Preferences", the feature: Notify me when: "Someone logs in to my account", or "Send login notifications, even when the user logs in from an IP address range or netblock that contains an IP address from which a user successfully logged in previously", doesn't work...
  4. A

    Error logs after disabling functions

    Hello, I disabled many functions, now I need to verify which function cause error in websites. How to verify logs and where to find the logs? Thanks
  5. spaceman

    Seeking recommendations for a good log file analyser for WHM servers

    So many log files, so little time! o_O https://docs.cpanel.net/knowledge-base/cpanel-product/the-cpanel-log-files/ There's so much great information stored in log files, brilliant for troubleshooting server and website errors, problems, etc. But if (like me) you're not working with log files...
  6. spaceman

    Where are failed logs stored for invalid API token connection attempts?

    Hi All, I'm experimenting with a cURL API token connection attempt from my local Windows PC to one of our WHM servers. I can see successful connections being logged here, no problem. /usr/local/cpanel/logs/api_tokens_log But when I deliberately make an invalid attempt (e.g. I change the API...
  7. 000

    Apache logs save errors from HACKER ATTACK, but how I can find the DOMAIN/URL attacked?

    hello, today a hacker (or BOOT) attack my server, all is SLOW and ALL load 503, my server go to OFF LINE... becouse my knowement is very poor my UNIQUE option for STOP the attack has been RESTART server. When server start again, ALL is fine then I run: cat /etc/apache2/logs/error_log...
  8. E

    Script to get cpanel access logs through email

    Hello, I hope you are doing well. I would like to request you that if you know solution of my concern. I shall be thankful to you. When I run this command through CLI "grep 'SUCCESS' /usr/local/cpanel/logs/login_log | tail -n 100" I get all successfully logins of cPanel and webmail. This way...
  9. A

    DNS logs

    The customer made some DNS changes to the domain. Now he wants to get the details of the DNS change. Eg: Details of the A record changes for the domain xxxxxx.com
  10. J

    ChatGPT script to generate hack alerts from mod_sec

    I sometimes struggle to understand what is going on with the logs of mod_sec so I can best thwart them. So I asked ChatGPT. It came up with a python script to send alerts and breakdown in plain language the alert. Here it is below. I haven't used it yet but thought it interesting enough to...
  11. J

    cryptic logs

    Hello. I hope everyone is safe and healthy. I am seeing the following notices and don't have a clue what they mean. Any guidance greatly appreciated. lfd on xxxxxxxx.com: Excessive processes running under userxxxxxx Time: Wed Mar 15 08:11:31 2023 -0400 Account: xxxxxxxxx...
  12. M

    Resource Usage Logs

    Hi at Resource Usage Dashboard, i get this Waring: You have reached the processes number limit 20 times. How can i log my resource usage, So i can analyze my site performance? P.S: I am user on the server but i ask the server admin to do it, if root needed. Ali
  13. T

    Looks like mod_security is blocking a file but cannot find where or find it in logs

    We have a developer installing WP in one of the prescribed methods, uploading files and running to get setup prompts for the wp-config.php file. This redirects to wp-admin/setup-config.php which is blocked with a 403 error. If I rename the file it runs just fine. The page doesn't show up in...
  14. E

    Received mail ⚠ Successful root Login from an Unknown Network -don´t see in logs

    Hello, I have cPanel&WHM version 106.0.15. I have received this mail: I do not see in any logs, messages, secure that from IP login was successuful. Where should I be able to see it? Best regards, Elizabeta
  15. B

    Are /home/virtfs logs shared and accessible between accounts?

    Trying to post, but it won't let me... I've attached my question as a PNG since it won't let me ask it as text. This forum is kind of ridiculous TBH.
  16. M

    Missing /home/user/logs folder new account setup

    Sorry for the wasted space. Found the solution at https://support.cpanel.net/hc/en-us/articles/360052289274-Missing-access-logs-in-home-directory-log-folder To generate the files in the log folder run the following command. /usr/local/cpanel/scripts/runweblogs <user> (But the strange thing is...
  17. S

    Exclude logs and bandwidth data from backup during Live Transfer?

    Is it possible to exclude bandwidth data and access logs from the backup process when running the Live Transfer to move accounts to a new server? They aren't needed in our case so it will only slow down the backup and restore process since we have hundreds of accounts to move.
  18. J

    deciphering mod_security logs

    Hello. I hope everyone is safe and healthy. Is this the right place to ask a question about mod_security logs? I keep getting the same log entries from mod_security via csf's lfd output but don't really understand them. Thanks.
  19. A

    Subdomain log

    Where we can find logs related to subdomain creation and deletion
  20. B

    Cloudflare shows user real IP in my site but not in the logs (CF IPs getting blocked by mod_qos)

    Hello, I have fixed users real IP by help of cpanel and this link: https://support.cpanel.net/hc/en-us/articles/360051107513-Restoring-visitors-IP-with-mod-remoteip But the problem is now that in the logs it still shows cloudflare IPs and when an attack happens mod_qos or evasive blocks...