Optimal Apache Error Log Management: Safe Deletion and Logrotate Configuration for CentOS



Apache HTTP Server generates error logs (error_log) that can consume significant disk space over time. While essential for debugging, these files aren't perpetually valuable - yet many admins hesitate to delete them due to uncertainty about consequences.

Error logs can be deleted safely, but with important caveats:

  • Active log files: Never delete the currently active error_log (the one Apache is writing to)
  • Archived logs: Historical error_log.* files can be safely removed if no longer needed
  • Process signaling: After deletion, Apache needs a signal to recreate logs:
    # SysV init script (CentOS 6 and earlier):
    sudo /etc/init.d/httpd graceful
    # systemd (CentOS 7 and later):
    sudo systemctl reload httpd

Instead of manual deletion, implement proper log rotation in /etc/logrotate.d/httpd:

/var/log/httpd/*log {
    missingok
    notifempty
    sharedscripts
    delaycompress
    compress
    postrotate
        /bin/systemctl reload httpd.service > /dev/null 2>/dev/null || true
    endscript
    daily
    rotate 30
    dateext
    create 0644 root root
}

For high-traffic servers, consider these enhancements:

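/var/log/httpd/*log {
    size 100M
    rotate 10
    maxage 30
    # Date-stamped names come from dateext/dateformat; "extension" takes a literal suffix, not a date pattern
    dateext
    dateformat _%Y-%m-%d
    compressoptions --best
}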

If logs aren't rotating properly:

  1. Verify permissions: Apache user needs write access
  2. Check for SELinux context:
    ls -Z /var/log/httpd
  3. Test configuration:
    sudo logrotate -d /etc/logrotate.conf

For simple environments, a cron job can work:

0 0 * * * find /var/log/httpd -name "error_log.*" -mtime +30 -exec rm {} \;

Apache HTTP Server generates several types of log files, with error logs being particularly crucial for troubleshooting. These files can grow rapidly and consume significant disk space, especially on high-traffic servers. The error logs (typically located in /var/log/httpd/error_log or similar paths) record server errors, warnings, and diagnostic information.

While you can technically delete Apache log files manually using rm, this approach isn't recommended because:

  • Apache keeps file handles open to log files
  • Manual deletion doesn't properly notify Apache
  • It can cause logging to stop until Apache is restarted
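The first and third points can be checked directly on a host. The script below is an added example, not part of the original article: it scans /proc for files under a log directory that were deleted while a process still holds them open, and its demo uses a constructed temporary directory with the shell itself standing in for httpd. The function names find_deleted_logs and demo_deleted_log are hypothetical; Linux /proc and a stat that supports -c are assumed.

```bash
#!/bin/bash
# Added example (not from the original article). Linux only: reads /proc/<pid>/fd.
# Run as root to inspect httpd; unprivileged users only see their own processes.

# find_deleted_logs DIR
# Prints "PID FD BYTES PATH" for every file under DIR that has been unlinked
# but is still held open, i.e. still consuming disk and still receiving writes.
find_deleted_logs() {
    local dir fd target pid bytes
    dir=$(cd "$1" 2>/dev/null && pwd -P) || return 1   # resolve symlinks like /proc does
    for fd in /proc/[0-9]*/fd/*; do
        target=$(readlink "$fd" 2>/dev/null) || continue
        case "$target" in
            "$dir"/*" (deleted)")
                pid=${fd#/proc/}; pid=${pid%%/*}
                bytes=$(stat -L -c %s "$fd" 2>/dev/null || echo '?')
                printf '%s %s %s %s\n' "$pid" "${fd##*/}" "$bytes" "${target% (deleted)}"
                ;;
        esac
    done
}

# demo_deleted_log
# Constructed scenario: this shell plays httpd, a temp dir plays /var/log/httpd.
demo_deleted_log() {
    local tmp
    tmp=$(mktemp -d) || return 1
    exec 9>>"$tmp/error_log"        # "httpd" opens its log
    echo "written before rm" >&9
    rm -f "$tmp/error_log"          # manual deletion of the active log
    echo "written after rm" >&9     # succeeds: data lands in the unlinked inode
    find_deleted_logs "$tmp"        # reports fd 9 holding 35 bytes
    [ -e "$tmp/error_log" ] || echo "path-absent: no new error_log was created"
    exec 9>&-                       # handle closed (what a reload does): space is freed
    rm -rf "$tmp"
}

# On a real server: find_deleted_logs /var/log/httpd
```

A non-empty result for /var/log/httpd means a reload (or USR1) is still needed before the disk space is released and a new error_log appears.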

CentOS includes the logrotate utility specifically designed for this purpose. Here's a complete configuration example for Apache logs:

/var/log/httpd/*log {
    daily
    missingok
    rotate 14
    compress
    delaycompress
    notifempty
    sharedscripts
    postrotate
        /bin/systemctl reload httpd.service > /dev/null 2>/dev/null || true
    endscript
}

  • daily: Rotate logs every day
  • rotate 14: Keep 14 days of logs before deletion
  • compress: Use gzip compression on rotated logs
  • postrotate: Reload Apache to ensure proper logging continues

For high-traffic servers, consider these additional parameters:

/var/log/httpd/*log {
    size 100M
    rotate 10
    create 0644 apache apache
    dateext
    dateformat -%Y%m%d
    sharedscripts
    postrotate
        if [ -f /var/run/httpd/httpd.pid ]; then
            /bin/kill -USR1 $(cat /var/run/httpd/httpd.pid)
        fi
    endscript
}

Test your logrotate configuration with:

logrotate -d /etc/logrotate.d/httpd

Force an immediate rotation with:

logrotate -vf /etc/logrotate.d/httpd

For more control, you can use Apache's built-in rotatelogs utility in your virtual host configuration:

ErrorLog "|/usr/sbin/rotatelogs /var/log/httpd/error_log.%Y%m%d 86400"
CustomLog "|/usr/sbin/rotatelogs /var/log/httpd/access_log.%Y%m%d 86400" combined

Set up monitoring to alert you when log files approach critical sizes:

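#!/bin/bash
# Alert when the active Apache error log grows past MAX_SIZE megabytes.
LOG_FILE=/var/log/httpd/error_log
MAX_SIZE=500 # MB

# du prints nothing if the file is missing; default to 0 so the comparison stays numeric
LOG_SIZE=$(du -m "$LOG_FILE" 2>/dev/null | awk '{print $1}')
LOG_SIZE=${LOG_SIZE:-0}

if [ "$LOG_SIZE" -gt "$MAX_SIZE" ]; then
    echo "Apache error log size ($LOG_SIZE MB) exceeds threshold!" | mail -s "Log Alert" admin@example.com
fi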