diff --git a/install/lib/install.lib.php b/install/lib/install.lib.php index 06b10cbcbc9cd6286e701df14ed86042956ff921..9e2afe76c4d6a524165e7d263231086064a07b58 100644 --- a/install/lib/install.lib.php +++ b/install/lib/install.lib.php @@ -859,6 +859,28 @@ function is_ispconfig_ssl_enabled() { } } +/* +* Is anonymization enabled in ispconfig.conf file +*/ + +function get_logging_state() { + global $conf; + $ispconfig_conf_file = $conf['apache']['vhost_conf_dir'].'/ispconfig.conf'; + + if(is_file($ispconfig_conf_file)) { + $tmp = file_get_contents($ispconfig_conf_file); + if(stristr($tmp, '/usr/local/ispconfig/server/scripts/vlogger -p -s access.log')) { + return 'anon'; + } elseif(stristr($tmp, '/usr/local/ispconfig/server/scripts/vlogger -s access.log')) { + return 'yes'; + } else { + return 'no'; + } + } else { + return 'yes'; + } +} + /** Function to find the hash file for timezone detection (c) 2012 Marius Cramer, pixcept KG, m.cramer@pixcept.de diff --git a/install/lib/installer_base.lib.php b/install/lib/installer_base.lib.php index 771f17c813631ee93e7fa748af61fb47a8dd7d81..1417a971b7c3fd668e011592defb4b8ec7fe54af 100644 --- a/install/lib/installer_base.lib.php +++ b/install/lib/installer_base.lib.php @@ -2010,6 +2010,11 @@ class installer_base { $tpl->setVar('apps_vhost_basedir',$conf['web']['website_basedir']); $tpl->setVar('apps_vhost_servername',$apps_vhost_servername); $tpl->setVar('apache_version',getapacheversion()); + if($this->is_update == true) { + $tpl->setVar('logging',get_logging_state()); + } else { + $tpl->setVar('logging','yes'); + } // comment out the listen directive if port is 80 or 443 diff --git a/install/tpl/apache_ispconfig.conf.master b/install/tpl/apache_ispconfig.conf.master index 3ce1ebb1c93ae8c7779ec793c7ece512b10de11c..84eec5c5540c9b2f3f4c4ef159417cc96ff55cfb 100644 --- a/install/tpl/apache_ispconfig.conf.master +++ b/install/tpl/apache_ispconfig.conf.master @@ -6,7 +6,12 @@ SetEnvIf Request_URI "^/datalogstatus.php$" dontlog LogFormat "%v %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined_ispconfig + +CustomLog "| /usr/local/ispconfig/server/scripts/vlogger -p -s access.log -t \"%Y%m%d-access.log\" /var/log/ispconfig/httpd" combined_ispconfig env=!dontlog + + CustomLog "| /usr/local/ispconfig/server/scripts/vlogger -s access.log -t \"%Y%m%d-access.log\" /var/log/ispconfig/httpd" combined_ispconfig env=!dontlog + AllowOverride None diff --git a/install/tpl/server.ini.master b/install/tpl/server.ini.master index 41cb03c4fff2238af5c0513de932a351f1dbf7f2..39c24bc702575c9cd9ea3e40f9744b350add14c9 100644 --- a/install/tpl/server.ini.master +++ b/install/tpl/server.ini.master @@ -29,6 +29,7 @@ munin_user= munin_password= monitor_system_updates=y migration_mode=n +log_retention=10 [mail] module=postfix_mysql @@ -113,6 +114,7 @@ overquota_notify_freq=7 overquota_db_notify_admin=y overquota_db_notify_client=y overquota_notify_onok=n +logging=yes [dns] bind_user=root diff --git a/interface/web/admin/form/server_config.tform.php b/interface/web/admin/form/server_config.tform.php index 4ee8da8eede5572b0f2d26fb895142c3d032e54e..f939c97b37e0fb88c537708f1b6c1f98e672cd50 100644 --- a/interface/web/admin/form/server_config.tform.php +++ b/interface/web/admin/form/server_config.tform.php @@ -395,6 +395,17 @@ $form["tabs"]['server'] = array( 'default' => 'y', 'value' => array(0 => 'n', 1 => 'y') ), + 'log_retention' => array ( + 'datatype' => 'INTEGER', + 'formtype' => 'TEXT', + 'validators' => array ( 0 => array ( 'type' => 'ISPOSITIVE', + 'errmsg'=> 'log_retention_error_ispositive'), + ), + 'default' => '30', + 'value' => '', + 'width' => '4', + 'maxlength' => '4' + ), 'migration_mode' => array( 'datatype' => 'VARCHAR', 'formtype' => 'CHECKBOX', @@ -910,6 +921,12 @@ $form["tabs"]['web'] = array( 'default' => 'y', 'value' => array(0 => 'n', 1 => 'y') ), + 'logging' => array( + 'datatype' => 'VARCHAR', + 'formtype' => 'SELECT', + 'default' => 'yes', + 'value' => array('yes' => 'Yes', 'anon' => 'Anonymize IP', 'no' => 'No') + ), 'overtraffic_notify_admin' => array( 'datatype' => 'VARCHAR', 'formtype' => 'CHECKBOX', diff --git a/interface/web/admin/lib/lang/en_server_config.lng b/interface/web/admin/lib/lang/en_server_config.lng index 1783293e60a1b07fce4c105bf210019a69b020c1..4393a5255df25c69996111978197d009538bdd16 100644 --- a/interface/web/admin/lib/lang/en_server_config.lng +++ b/interface/web/admin/lib/lang/en_server_config.lng @@ -288,4 +288,8 @@ $wb["apps_vhost_enabled_txt"] = "Apps-vhost enabled"; $wb['skip_le_check_txt'] = 'Skip Lets Encrypt Check'; $wb['migration_mode_txt'] = 'Server Migration Mode'; $wb['nginx_enable_pagespeed_txt'] = 'Makes Pagespeed available'; +$wb['logging_txt'] = 'Store website access and error logs'; +$wb['logging_desc_txt'] = 'Use Tools > Resync to apply changes to existing sites.'; +$wb['log_retention_txt'] = 'Log retention (days)'; +$wb['log_retention_error_ispositive'] = 'Log retention must be a number > 0'; ?> diff --git a/interface/web/admin/templates/server_config_server_edit.htm b/interface/web/admin/templates/server_config_server_edit.htm index e034fa53b9236d00d7970e72dc8bd12e23d7578d..be44a85551f97e0d4fadba1e21bbf960db506335 100644 --- a/interface/web/admin/templates/server_config_server_edit.htm +++ b/interface/web/admin/templates/server_config_server_edit.htm @@ -80,6 +80,10 @@
+ +
+
+
 {tmpl_var name='monit_url_note_txt'} [SERVERNAME]
diff --git a/interface/web/admin/templates/server_config_web_edit.htm b/interface/web/admin/templates/server_config_web_edit.htm index ed58a558da02e7094855f95ccc8360862446c14d..5a28ffc58dd35be5462ca04ac592acc2fdfeb514 100644 --- a/interface/web/admin/templates/server_config_web_edit.htm +++ b/interface/web/admin/templates/server_config_web_edit.htm @@ -104,6 +104,14 @@
{tmpl_var name='enable_ip_wildcard'}
+ +
+ +
+ +
diff --git a/interface/web/client/form/message_template.tform.php b/interface/web/client/form/message_template.tform.php index ab2d19134003e949254649bfbe8cb3b219be864e..7231e0e068ccc07982f30b4baac7673b241777dd 100644 --- a/interface/web/client/form/message_template.tform.php +++ b/interface/web/client/form/message_template.tform.php @@ -62,7 +62,7 @@ $form["tabs"]['template'] = array ( 'datatype' => 'VARCHAR', 'formtype' => 'SELECT', 'default' => '', - 'value' => array('welcome' => 'Default welcome email', 'other' => 'Other') + 'value' => array('welcome' => 'Default welcome email', 'gdpr' => 'GDPR data send', 'other' => 'Other') ), 'template_name' => array ( 'datatype' => 'VARCHAR', diff --git a/interface/web/client/lib/module.conf.php b/interface/web/client/lib/module.conf.php index 7d6f1b34e82c13d073b9bc209905e13789aa5a74..2603550c9b507b715dfe320bfd1553f73e98d124 100644 --- a/interface/web/client/lib/module.conf.php +++ b/interface/web/client/lib/module.conf.php @@ -94,6 +94,22 @@ if ($settings['use_domain_module'] == 'y') { unset($items); } +/* +// GDPR functions for admin only, might be extended for resellers later +if($_SESSION["s"]["user"]["typ"] == 'admin'){ + $items = array(); + $items[] = array( 'title' => 'Send Personal Data', + 'target' => 'content', + 'link' => 'client/gdpr_send.php'); + + $module['nav'][] = array( 'title' => 'GDPR', + 'open' => 1, + 'items' => $items); + + unset($items); +} +*/ + /* if($_SESSION["s"]["user"]["typ"] == 'admin'){ $items[] = array( 'title' => "Interface Settings", diff --git a/interface/web/sites/form/web_vhost_domain.tform.php b/interface/web/sites/form/web_vhost_domain.tform.php index 11132f5469d5c5ebabb2e1e81b95e1de2bb780b0..fc3859ebffa9a4e3c0f1175db74f91cc852e3425 100644 --- a/interface/web/sites/form/web_vhost_domain.tform.php +++ b/interface/web/sites/form/web_vhost_domain.tform.php @@ -947,18 +947,18 @@ if($_SESSION["s"]["user"]["typ"] == 'admin' 'width' => '3', 'maxlength' => '6' ), - 'log_retention' => array ( - 'datatype' => 'INTEGER', - 'formtype' => 'TEXT', - 'validators' => array ( 0 => array ( 'type' => 'REGEX', - 'regex' => '/^([0-9]{1,4})$/', - 'errmsg'=> 'log_retention_error_regex'), - ), - 'default' => '30', - 'value' => '', - 'width' => '4', - 'maxlength' => '4' - ) + 'log_retention' => array ( + 'datatype' => 'INTEGER', + 'formtype' => 'TEXT', + 'validators' => array ( 0 => array ( 'type' => 'REGEX', + 'regex' => '/^([0-9]{1,4})$/', + 'errmsg'=> 'log_retention_error_regex'), + ), + 'default' => '30', + 'value' => '', + 'width' => '4', + 'maxlength' => '4' + ) //################################# // ENDE Datatable fields //################################# diff --git a/interface/web/sites/web_vhost_domain_edit.php b/interface/web/sites/web_vhost_domain_edit.php index 80b7f38f44c867c8d8190b2d3792ec44415277da..791dacf12ba8861e5d9902457711c74ac3fd1de9 100644 --- a/interface/web/sites/web_vhost_domain_edit.php +++ b/interface/web/sites/web_vhost_domain_edit.php @@ -1399,6 +1399,14 @@ class page_action extends tform_actions { $app->uses("getconf"); $web_rec = $app->tform->getDataRecord($this->id); $web_config = $app->getconf->get_server_config($app->functions->intval($web_rec["server_id"]), 'web'); + + // get global log retention value as default for web log retention + $server_config = $app->getconf->get_server_config($app->functions->intval($web_rec["server_id"]), 'server'); + if($server_config['log_retention'] > 0) { + $log_retention = $server_config['log_retention']; + } else { + $log_retention = 10; + } if($this->_vhostdomain_type == 'domain') { $document_root = str_replace("[website_id]", $this->id, $web_config["website_path"]); @@ -1432,8 +1440,8 @@ class page_action extends tform_actions { $htaccess_allow_override = $web_config["htaccess_allow_override"]; $added_by = $_SESSION['s']['user']['username']; - $sql = "UPDATE web_domain SET system_user = ?, system_group = ?, document_root = ?, allow_override = ?, php_open_basedir = ?, added_date = CURDATE(), added_by = ? WHERE domain_id = ?"; - $app->db->query($sql, $system_user, $system_group, $document_root, $htaccess_allow_override, $php_open_basedir, $added_by, $this->id); + $sql = "UPDATE web_domain SET system_user = ?, system_group = ?, document_root = ?, allow_override = ?, php_open_basedir = ?, added_date = CURDATE(), added_by = ?, log_retention WHERE domain_id = ?"; + $app->db->query($sql, $system_user, $system_group, $document_root, $htaccess_allow_override, $php_open_basedir, $added_by, $log_retention, $this->id); } else { // Set the values for document_root, system_user and system_group $system_user = $this->parent_domain_record['system_user']; @@ -1446,8 +1454,8 @@ class page_action extends tform_actions { $htaccess_allow_override = $this->parent_domain_record['allow_override']; $added_by = $_SESSION['s']['user']['username']; - $sql = "UPDATE web_domain SET sys_groupid = ?, system_user = ?, system_group = ?, document_root = ?, allow_override = ?, php_open_basedir = ?, added_date = CURDATE(), added_by = ? WHERE domain_id = ?"; - $app->db->query($sql, $this->parent_domain_record['sys_groupid'], $system_user, $system_group, $document_root, $htaccess_allow_override, $php_open_basedir, $added_by, $this->id); + $sql = "UPDATE web_domain SET sys_groupid = ?, system_user = ?, system_group = ?, document_root = ?, allow_override = ?, php_open_basedir = ?, added_date = CURDATE(), added_by = ?, log_retention WHERE domain_id = ?"; + $app->db->query($sql, $this->parent_domain_record['sys_groupid'], $system_user, $system_group, $document_root, $htaccess_allow_override, $php_open_basedir, $added_by, $log_retention, $this->id); } if(isset($this->dataRecord['folder_directive_snippets'])) $app->db->query("UPDATE web_domain SET folder_directive_snippets = ? WHERE domain_id = ?", $this->dataRecord['folder_directive_snippets'], $this->id); diff --git a/server/conf/apache_ispconfig.conf.master b/server/conf/apache_ispconfig.conf.master index 3edf45fd46f2bc425642c78fe1bf37054d1e0196..6acb16f7c8bac0a99cbf17084e786c9e8bacacce 100644 --- a/server/conf/apache_ispconfig.conf.master +++ b/server/conf/apache_ispconfig.conf.master @@ -6,7 +6,12 @@ SetEnvIf Request_URI "^/datalogstatus.php$" dontlog LogFormat "%v %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined_ispconfig + +CustomLog "| /usr/local/ispconfig/server/scripts/vlogger -p -s access.log -t \"%Y%m%d-access.log\" /var/log/ispconfig/httpd" combined_ispconfig env=!dontlog + + CustomLog "| /usr/local/ispconfig/server/scripts/vlogger -s access.log -t \"%Y%m%d-access.log\" /var/log/ispconfig/httpd" combined_ispconfig env=!dontlog + AllowOverride None diff --git a/server/conf/vhost.conf.master b/server/conf/vhost.conf.master index 7672af39a040e50a687806a71459b3029801b4df..a6fd2f95b108743e98421dda32c1a6591674ed13 100644 --- a/server/conf/vhost.conf.master +++ b/server/conf/vhost.conf.master @@ -45,7 +45,12 @@ + + ErrorLog "|/usr/local/ispconfig/server/scripts/vlogger -e -n -P -t \"error.log\" /var/log/ispconfig/httpd/" + + ErrorLog /var/log/ispconfig/httpd//error.log + Alias /error/ "/error/" diff --git a/server/lib/classes/cron.d/200-logfiles.inc.php b/server/lib/classes/cron.d/200-logfiles.inc.php index 8a68f127bfef24930d8fcfbd7ddc605c2d2eba9a..40778a8a13abcb96888b2eaf868bf97578fa9e15 100644 --- a/server/lib/classes/cron.d/200-logfiles.inc.php +++ b/server/lib/classes/cron.d/200-logfiles.inc.php @@ -50,7 +50,14 @@ class cronjob_logfiles extends cronjob { public function onRunJob() { global $app, $conf; - $max_syslog = 10; + $app->uses('getconf'); + $server_config = $app->getconf->get_server_config($conf['server_id'], 'server'); + + if($server_config['log_retention'] > 0) { + $max_syslog = $server_config['log_retention']; + } else { + $max_syslog = 10; + } //###################################################################################################### // Make the web logfiles directories world readable to enable ftp access diff --git a/server/plugins-available/apache2_plugin.inc.php b/server/plugins-available/apache2_plugin.inc.php index aba168257d748c995a479dc34678ffb3ad733d3d..5b1441a4b9196647b4c9c216e9463fbc6b6e7ab9 100644 --- a/server/plugins-available/apache2_plugin.inc.php +++ b/server/plugins-available/apache2_plugin.inc.php @@ -73,6 +73,9 @@ class apache2_plugin { $app->plugins->registerEvent('server_ip_insert', $this->plugin_name, 'server_ip'); $app->plugins->registerEvent('server_ip_update', $this->plugin_name, 'server_ip'); $app->plugins->registerEvent('server_ip_delete', $this->plugin_name, 'server_ip'); + + $app->plugins->registerEvent('server_insert', $this->plugin_name, 'server_ip'); + $app->plugins->registerEvent('server_update', $this->plugin_name, 'server_ip'); $app->plugins->registerEvent('webdav_user_insert', $this->plugin_name, 'webdav'); $app->plugins->registerEvent('webdav_user_update', $this->plugin_name, 'webdav'); @@ -1160,6 +1163,7 @@ class apache2_plugin { $vhost_data['ssl_domain'] = $data['new']['ssl_domain']; $vhost_data['has_custom_php_ini'] = $has_custom_php_ini; $vhost_data['custom_php_ini_dir'] = escapeshellcmd($custom_php_ini_dir); + $vhost_data['logging'] = $web_config['logging']; // Custom Apache directives if(intval($data['new']['directive_snippets_id']) > 0){ @@ -2248,7 +2252,7 @@ class apache2_plugin { if($data['old']['type'] != 'vhost') $app->system->web_folder_protection($data['old']['document_root'], true); } - //* This function is called when a IP on the server is inserted, updated or deleted + //* This function is called when a IP on the server is inserted, updated or deleted or when anon_ip setting is altered function server_ip($event_name, $data) { global $app, $conf; @@ -2261,6 +2265,7 @@ class apache2_plugin { $tpl = new tpl(); $tpl->newTemplate('apache_ispconfig.conf.master'); $tpl->setVar('apache_version', $app->system->getapacheversion()); + $tpl->setVar('logging', $web_config['logging']); $records = $app->db->queryAllRecords("SELECT * FROM server_ip WHERE server_id = ? AND virtualhost = 'y'", $conf['server_id']); $records_out= array();