Log files are essential tools for troubleshooting and maintaining your website. They help you identify why a site is slow, why an update failed, or which plugin is causing errors. At Seravo, all log files are collected centrally in the /data/log/ directory.
Viewing Logs with Different Tools
You can view logs either directly in your browser or via the command line using an SSH connection.
WordPress Dashboard
If you can log in to your site, you can find the most important logs under Tools > Logs. This is the easiest way to browse recent events through a graphical interface.
For more detailed instructions, see: Seravo Plugin β Logs
Command Line (SSH)
All log files are located in the /data/log/ directory.
Instructions for establishing an SSH connection can be found here: How do I Connect to My WordPress Site with SSH/SFTP?
Useful commands:
wp-watch-logs: Monitor all your site's logs in real-time with a single command.wp-watch-php: Monitor PHP error logs in real-time with a single command.tail -f /data/log/php-error.log: Follow the PHP error log in real-time.less /data/log/nginx-error.log: Open a log file for browsing (pressqto exit).
Available Log Files
Below is a list of log files available to customers in the Seravo environment. Please note that the directory may contain additional files if your plugins or custom scripts generate their own logs.
Essential Troubleshooting Logs
Log File | Description and Content |
php-error.log | The primary log for troubleshooting. Contains PHP errors, warnings, and file paths with line numbers. |
php-slow.log | Performance log. Records PHP scripts that have taken more than 10 seconds to execute. |
nginx-error.log | Web server error log. Contains data on failed requests and blocks made by the Web Application Firewall (WAF). |
nginx-access.log | Web server access log. Contains IP address, timestamp, URL path, response status code, User Agent, and Seravo's unique sid code. |
Change History and Management
Log File | Description and Content |
wp-settings.log | Administrative changes. Records plugin activations, deletions, and updates per user. |
wp-user.log | User management log. Records role changes, password resets, and new user creations (includes IDs). |
command.log | History of executed |
wp-login.log | Login log. Successful and failed login attempts with IP addresses. |
update.log | Log data regarding Seravo's automatic update system. |
Security and System
Log File | Description and Content |
php-compatibility.log | Results of PHP compatibility checks. |
mail.log | Data for outgoing email traffic (Postfix). |
php-mail.log | Logs for messages sent via the PHP |
security.log | Security log. Contains info on automated checks and alerts for suspicious anomalies. |
mariadb-error.log | Database server error messages. |
redis.log | Information related to the Redis object cache. |
wp-theme-security.log | Security logs related to themes. |
wp-common.log | Records of requests related to site changes (e.g., WAF or XML-RPC changes). |
wp-svc.log | Status and error info for background services. |
bootstrap.log | Data related to system startup. |
runit.log | Information related to service management (runit). |
chromedriver.log | Logs from Chromedriver, used in testing. |
Interpreting Log Content
Seravo's logs are formatted to provide as much information as possible for troubleshooting. Below are examples of what you can find in the entries:
php-error.log
This is the most important tool for solving WordPress errors. It identifies the exact file and line of code causing the issue.
Fatal error: A critical error that stops the site from loading (e.g., a syntax error or a missing file).
Warning/Notice: Minor errors or notices that don't usually break the site but indicate poorly optimized code.
Read more about HTTP error codes: If the site returns an error code (such as
403,429, or504), you can find detailed explanations here: What Do HTTP Error Codes Mean?
nginx-error.log
This log contains information on server-level blocked requests and connection errors:
phpflood: Dynamic PHP pages have been loaded too quickly from the same source.loginflood: Login attempts have been made too frequently (protects against Brute Force attacks).ajaxflood: An unusually high number of calls to the WordPressadmin-ajax.phpfile.restflood: Too many requests to the WordPress REST API in a short period.Upstream timed out: The PHP process took too long, and the server cut the connection (common with 504 errors).Connect() failed: Nginx could not reach the PHP process (e.g., no available worker processes or a service crash).No such file or directory: Reference to a file that does not exist on the server.
nginx-access.log
Every request includes Seravo's unique session identifier, the sid code. If the site displays an error page, the same code is often shown there. You can search the log for this specific code to find detailed information about that request:
... "sid:f7bbfc84905...;upstream:-;" 0.000
wp-user.log and wp-settings.log
These logs are excellent for auditing site changes. You can see directly which user (by ID) changed another user's role or who updated a specific plugin and exactly when it happened.
mail.log and php-mail.log
Logs for outgoing emails. You can find more troubleshooting tips here: Ensuring That Emails Sent by WordPress are Delivered Properly
Log Retention
Logs are rotated and compressed weekly to save disk space. We retain archived logs for one year, allowing you to investigate past events or security incidents long after they occurred.