Logrotate for a Web Server: overview and examples

It’s always important to keep your server logs around for as long as it makes business sense. These maybe required for auditing system access, discovering abuses, or to identify root causes to problems, among other reasons.

The challenge, though, is that depending on the service being provided and the amount of traffic received, your logs are capable of growing to gargantuan sizes, consuming every last bit of disk space available.

Logrotate allows us to better manage our logs to prevent from consuming too much disk space.


Logrotate is installed by default on most recent distributions, so there is nothing to be done other than using it.

Create a Log Rotate Configuration

Logrotate configuration files are stored under /etc/logrotate.d

    /var/www/mysite/log/*.log {
        su www-data www-data
        rotate 8
        create 0640 www-data www-data
            sudo service apache2 reload

Test Your Configuration

As with anything, before you roll your configuration into production you will want to test it to ensure everything works.

Logrotate includes a feature that allows us to run a configuration, in debug mode, without it doing any work. If there are errors discovered in the syntax or some other issues, you will be notified.

    sudo logrotate -d /etc/logrotate.d/mysite.conf

Depending on how long your web server has run, the output may vary. Below an example for a new web server instance.

    empty log files are not rotated, old logs are removed
    considering log /var/www/mysite/log/access_log
      log does not need rotating
    considering log /var/www/mysite/log/error_log
      log does not need rotating
    not running postrotate script, since no logs were rotated

None of the logs were rotated since I ran the test on a server that was newly built. However, if the logs had more content and were aged a little more, we would see a message indicating our logs were rotated. For now, we can take this as our configuration file syntax is correct.

Run your configuration

Whether you are ready to run it for the first time or execute one-off, you can run your configuration file with the following command.

    sudo logrotate --force /etc/logrotate.d/mysite.conf

Hey, I’m getting an error. What am I doing wrong?

Before you start panicking, do consider the following most common mistakes:

  1. Ensure no clashing instructions exists in your configuration file. For instance setting both the size and daily at the same time will make the script failing.
  2. Ensure the file in /etc/logrotate.d/mysite.conf is owned by the root user. To do so use sudo chown root:root /etc/logrotate.d/mysite.conf.
  3. Ensure the file in /etc/logrotate.d/mysite.conf has the 644 permission at least. Again, you can change it with a sudo chmod 644 /etc/logrotate.d/mysite.conf.
  4. If you save your log files (as I do) in the webserver folder - so I can later SSH on them - ensure your files are managed with the users permission of your destination folder. For example, my log files are owned by www-data:www-data, then I add su www-data www-data to /etc/logrotate.d/mysite.conf.