Theresa May seems to have got her way, and the Snoopers Charter has passed into UK law. Squashed Fly hosts, among other websites, both the Freedom Press and Freedom News sites, and as part of that I don’t like clear text services (see Encrypt Everything). Now, with the ‘legal requirement’ to turn over logs or data, it makes sense not to store any more than I need.
Sentora by default generates massive logs for Apache and email. However, logrotate is already installed for other things, so three new files in /etc/logrotate.d later, our logging is hugely reduced:
First file limits what Apache stores: /etc/logrotate.d/sentora-apache
    /var/sentora/logs/domains/*/*.log /var/sentora/logs/sentora*.log /var/sentora/logs/daemon*.log {
        su root root
        daily
        size 100k
        missingok
        rotate 7
        compress
        delaycompress
        notifempty
        create 664 root root
        sharedscripts
        postrotate
            /etc/init.d/apache2 reload > /dev/null
        endscript
    }
The second covers Dovecot, to limit how much email metadata is available: /etc/logrotate.d/sentora-dovecot
    /var/log/dovecot*.log {
        su root root
        daily
        size 100k
        missingok
        rotate 1
        compress
        delaycompress
        notifempty
        create 660 vmail mail
        sharedscripts
        postrotate
            doveadm log reopen
        endscript
    }
While ProFTP is not used often, it's also worth culling what it stores: /etc/logrotate.d/sentora-proftpd
    /var/sentora/logs/proftpd/access.log /var/sentora/logs/proftpd/auth.log /var/sentora/logs/proftpd/xferlog.www {
        su root root
        daily
        size 100k
        missingok
        rotate 2
        compress
        delaycompress
        notifempty
        create 644 root root
        sharedscripts
        postrotate
            # reload could be not sufficient for all logs, a restart is safe
            /etc/init.d/proftpd force-reload > /dev/null
        endscript
    }
These scripts work on Sentora installed on Ubuntu; other installs may require changes.
Please note that this still leaves mailstores and hosted data in clear text, so please consider encrypting emails as well!
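Because `size 100k` comes after `daily` in each file, logrotate rotates on size alone, so rotated copies of a quiet log can sit on disk well past the intended window. The following shell check is an added example, not part of the original post: it lists log files that have outlived a retention limit. The function names and the 7-day default are assumptions.

```shell
#!/bin/sh
# Added example: audit how long Sentora logs are actually kept.
# Function names and defaults are illustrative assumptions.

# stale_logs DAYS DIR...
# Prints every live or rotated log under the given directories whose age,
# counted in whole days since last modification, is greater than DAYS
# (the meaning of find's -mtime +DAYS).
# Limitation: a live log that is still being appended to has a fresh mtime
# even if its first lines are old, so this mainly catches rotated copies.
stale_logs() {
    days=$1
    shift
    for dir in "$@"; do
        [ -d "$dir" ] || continue
        find "$dir" -type f \
            \( -name '*.log' -o -name '*.log.*' -o -name 'xferlog.www*' \) \
            -mtime +"$days" -print
    done | sort
}

# Paths are the ones named in the three logrotate files above.
# /var/log is searched one level deep, for dovecot logs only.
audit_sentora_logs() {
    days=${1:-7}
    stale_logs "$days" /var/sentora/logs
    find /var/log -maxdepth 1 -type f -name 'dovecot*.log*' \
        -mtime +"$days" -print 2>/dev/null | sort
}
```

Source the file and run `audit_sentora_logs 7` as root, for example from cron; any path it prints is a log that has outlived the window.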