how to check which file is being visited by remote site

Posted on 2013-06-30
Last Modified: 2013-07-09
Dear Experts,

Just want to know how web counter or awstats program ability to check all
visiting site information.

From netstat -nputw command on Linux I know , we can check who is visting to my website.
The result of the command will  show you foreign or Local address  and Protocol something
like that, but why it won't show which file is being visited by the visitors ?
for example for my wish, at least show me the visitor is  visiting file

From the local address is just IP address of my site and Port 80 only, no information about which or what html or php file is being visited, Why ?

Please advise, any Linux command can check that for me , what is exact path and the file that visitor is  or was visiting ?

And I check at /var/log/httpd/access_log , there is nothing inside of the file,Why ?
I believe my linux system will record that information for user, but where if any ?

Question by:duncanb7
  • 5
  • 2
  • 2
  • +1
LVL 110

Expert Comment

by:Ray Paseur
ID: 39288223
PHP answers:

URL of the current script is available in $_SERVER['REQUEST_URI']
IP address of the current visitor is available in $_SERVER['REMOTE_ADDR']
Browser information is available in $_SERVER["HTTP_USER_AGENT"]
Request method (GET, POST) is available in $_SERVER["REQUEST_METHOD"]

These values are not guaranteed, but are usually present in most PHP installations.
LVL 13

Author Comment

ID: 39288231
I used tcpdump -A port 80 to solve the problem , the command will output the
request header which include the exact path of request html/php filename

 now I will try your suggestion
from $_Server
LVL 56

Expert Comment

by:Julian Hansen
ID: 39288265
$_SERVER is for getting information about who is visiting from within your PHP script.

If you are asking how to monitor what files are being accessed on your system you need to look at your logs - they should contain all the information concerning GET's to the server - time, source IP file etc.

Is this what you were asking? If so then $_SERVER is not going to help you.
Flexible connectivity for any environment

The KE6900 series can extend and deploy computers with high definition displays across multiple stations in a variety of applications that suit any environment. Expand computer use to stations across multiple rooms with dynamic access.

LVL 110

Expert Comment

by:Ray Paseur
ID: 39288270
In PHP variables are case-sensitive.  $_Server != $_SERVER
LVL 13

Author Comment

ID: 39289216
Dear JulianH,

you are right $_SERVER is not working, what is your other suggestion to solve my asking
besides using tcpdump
LVL 56

Expert Comment

by:Julian Hansen
ID: 39289252
To answer I need to know what it is you are trying to achieve.

From your original post it sounds like you want to see when a page is being accessed. What is not clear is how you want to use this information.

Do you need to know when the page is being accessed in real time - as it is being accessed or are you only interested from a statistics perspective.

It would also be helpful to know a little bit more about your website and how it is constructed - pure HTML / php / ASPX etc

You mentioned you looked in the access logs and found nothing - this is strange because you should see logs of all requests to your site.

Are you self hosting? Is your server setup your responsibility or are you using an ISP?
LVL 13

Author Comment

ID: 39289985

I am using hosting company VSP server, normally I am using Cpanel and awstat to
keep track of the visitor access to my visit.Now I gave up to use it since I need to pay
for using Cpanel . Now I want to know how to
do php programming or other linux command to perform the same function of aswtat or
web counter .

I tried to tcpdump on my SSH shell it works finally and it will report out
the visitor IP and full path of the access file.

As I remember there should be one place to store all coming internet traffic to my website. SO I log into my root SSH shell and go to /var/log/httpd/access_log but
there is no any file. Do you know where is the access-log file for internet traffic on Linux ?
OR what other way to do the same as I just mentioned
LVL 13

Author Comment

ID: 39289993
Be reminded Now I do not allow to use Cpanel on VPS server since I nerver pay it on VPS server
LVL 82

Accepted Solution

hielo earned 500 total points
ID: 39290285
>>SO I log into my root SSH shell and go to /var/log/httpd/access_log
You need to look at your apache configuration for the CustomLog setting.

# Configuration and logfile names: If the filenames you specify for many
# of the server's control files begin with "/" (or "drive:/" for Win32), the
# server will use that explicit path.  If the filenames do *not* begin
# with "/", the value of ServerRoot is prepended -- so "logs/foo.log"
# with ServerRoot set to "/usr/local/apache" will be interpreted by the
# server as "/usr/local/apache/logs/foo.log".

If the site in question is a virtual host, first check to see if the virtual host definition defines a different CustomLog location from that of the main server CustomLog location.
LVL 13

Author Closing Comment

ID: 39309582
The final access log is found at /usr/local/apache/domlogs/ and at

after reading those two files, the first one, file is exactly record who
is accessing  my domain website.

Why the second file of access_logs is just reporting like this as follows ---[9/July/2013:222:05:01+3000] "Get /whm-server-status HTTP/1.0" 200 3984
ANd I could not find who is accessing my website information on second file.

Anyway, now at least I could find who is accessing my website on first file of

Please advise and thanks for your final soltuon


Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
3 proven steps to speed up Magento powered sites. The article focus is on optimizing time to first byte (TTFB), full page caching and configuring server for optimal performance.
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …

679 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question