Apache webserver logs are located in the logs catalogue. Secure HTTPS connection logs are located in apache.ssl.access.log file. Logs are located in the “Logs” folder and other logs are visible via the server management “Logs” section:
Here is an example of a log line:
example.com 2021-03-08T13:58:23.209048Z 1.2.3.4 12345 - user1 "GET / HTTP/2" 200 3390 "https://example.com/referer" "ApacheBench/2.3" 1621846 (064FD630-5.001)
Description of log line elements:
| example.com | Request target Domain/Host |
| 2021-03-08T13:58:23.209048Z | START Time of request in UTC |
| 1.2.3.4 | Requester’s IP address |
| 12345 | Request’s Port of origin . If Port is 0, the request was made through a trustworthy proxy (like Cloudflare) |
| – | Identd legacy, it is always -. |
| user1 | HTTP Basic Auth username. If Basic Auth is not used, - is displayed. |
| “GET / HTTP/2” | Request originating from clientGET is request method/ is request methodHTTP/2 is request’s protocol |
| 200 | Request response code returned from server.1xx response codes are informative.2xx codes are notifications of successful responses.3xx codes are forwards.4xx codes are errors from client.5xx codes are errors from server. |
| 3390 | Request response size in bytes. |
| “https://example.com/referer” | Referrer is the referral address from which the request was made |
| “ApacheBench/2.3” | The web browser or application that performed the request. |
| 1621846 | Time in microseconds, how long it took the web server to respond to the request. |
| (064FD630-5.001) | 064FD630 is PHP-ZFPM identificator. After the hyphen is the time in seconds (5.001s), how long it took PHP to process the request. If brackets contain ---, then it was not a PHP request. |