WHM provides a setting to control the file permissions (chmod value) of Apache domain log files stored in the /etc/apache2/domlogs/ directory. These log files record all HTTP requests for each domain on your server. Adjusting the chmod value allows you to control which users and processes can read or write to these log files, which is useful for security hardening or when third-party scripts need access to log data.

Step 1: Log in to WHM

Open your browser and navigate to https://your-server-ip:2087. Log in with your root credentials.

Step 2: Open Tweak Settings

Navigate to Home » Server Configuration » Tweak Settings in the left-hand sidebar.

Step 3: Locate the Apache Log chmod Setting

Click on the Stats and Logs tab, or use the search box at the top and type Apache log file chmod to quickly locate the setting.

Step 4: Set the Desired chmod Value

Find the setting labeled Apache log file chmod value. Enter the desired octal permission value. Common values include:

  • 640 (default) — Owner can read and write; group can read; others have no access. This is the most secure option for most servers.
  • 644 — Owner can read and write; group and others can read. Use this if you need scripts or other users to read log files without write access.
  • 600 — Only the owner (root) can read and write. Use this for maximum security when no other process needs log access.

Step 5: Save Changes

Click the Save button at the bottom of the page. The new permissions will be applied to newly created and rotated log files. Existing log files will retain their current permissions until they are rotated.

Understanding chmod Values

  • The value is a three-digit octal number: Owner, Group, Others.
  • 4 = Read, 2 = Write, 1 = Execute. Add the numbers together (e.g., 6 = 4 + 2 = Read + Write).
  • For log files, execute permission is almost never needed.

Important Notes

  • This setting only affects files in /etc/apache2/domlogs/. It does not affect cPanel's internal log files or other system logs.
  • The change applies to new and rotated log files. To apply to all existing log files immediately, run via SSH: chmod 640 /etc/apache2/domlogs/*
  • Setting permissions too open (e.g., 666) is a security risk.
  • If you have custom log processing scripts, ensure they have the necessary permissions after making changes.

Troubleshooting

  • Can't find the setting: Use the Tweak Settings search bar and type chmod. The setting is under the Stats and Logs tab.
  • Log processing scripts stopped working: The new permissions may be too restrictive. Verify the script runs as a user or group with sufficient read permissions.
  • Existing logs still have old permissions: The setting only affects new and rotated logs. Manually update existing files or wait for the next rotation cycle.

For official documentation, see the cPanel Tweak Settings guide and cPanel Log Files documentation.

Was this answer helpful? 0 Users Found This Useful (0 Votes)

Most Popular Articles

How to set Default maximum email quota for new packages via WHM?

The Default maximum email quota for new packages setting in WHM controls the maximum email...
How to set Default disk usage quota for new packages via WHM?

The Default disk usage quota for new packages setting in WHM lets you define a default disk space...
How to set Default bandwidth limit for new packages via WHM?

When you create a new hosting package in WHM, cPanel uses a default bandwidth limit if you don't...
How to change cPanel PHP max POST size via WHM?

The cPanel PHP max POST size setting controls the maximum size of HTTP POST requests that...
How to change cPanel PHP max upload size via WHM?

What is the cPanel PHP Max Upload Size? The cPanel PHP max upload size setting controls the...