If you want basic visitor logs without third‑party analytics, a self-hosted logging script is a simple solution. This guide explains a lightweight PHP logger and how to keep it secure.
Updated January 18, 2026: This tutorial keeps the original approach but adds modern best‑practice notes.
What a logging script collects
- IP address and timestamp
- Visited page (URL)
- Browser and OS (user agent)
Why use a self-hosted logger
- Privacy: keep data on your server.
- Control: customize the data you store.
- Low overhead: no external scripts.
Basic PHP logging script
Create a file like logger.php and store logs in a file outside the public web root.
Tip: use file permissions that allow the web server to write logs but prevent public access.
Security checklist
- Store logs outside public directories.
- Restrict access with server rules.
- Rotate or archive logs to avoid huge files.
Ways to extend it
- Track referrer URLs.
- Store data in a database instead of a file.
- Add alert rules for suspicious traffic spikes.
Final thoughts
This lightweight script gives you basic traffic visibility without external trackers. For larger sites, consider a database-backed or analytics solution.
