AWStats script

  • CWE 425
  • WASC 34

AWStats is a free powerful and featureful tool that generates advanced web, streaming, ftp or mail server statistics, graphically. This log analyzer works as a CGI or from command line and shows you all possible information your log contains, in few graphical web pages.

It's recommended to restrict access to this directory as it may contain sensitive information (test scripts, administrative interfaces, session tokens sent via GET, ...). This kind of information may help an attacker to learn more about the structure of your website and can be used to conduct further attacks.


Restrict (or password protect) the access to directory or make it accessible only on the local interface.