diff --git a/server/cmd/main.go b/server/cmd/main.go
index 8060ce1..06783c2 100644
--- a/server/cmd/main.go
+++ b/server/cmd/main.go
@@ -17,13 +17,14 @@ import (
 )
 
 type args struct {
-	Port     string `arg:"-p" help:"web server port"`
-	Path     string `arg:"-d" help:"database path"`
-	LogPath  string `arg:"-l" help:"log path"`
-	RDB      bool   `arg:"-r" help:"start in read-only DB mode"`
-	HttpAuth bool   `arg:"-a" help:"http auth on all requests"`
-	DontKill bool   `arg:"-k" help:"dont kill server on signal"`
-	UI       bool   `arg:"-u" help:"run page torrserver in browser"`
+	Port       string `arg:"-p" help:"web server port"`
+	Path       string `arg:"-d" help:"database path"`
+	LogPath    string `arg:"-l" help:"log path"`
+	WebLogPath string `arg:"-w" help:"web log path"`
+	RDB        bool   `arg:"-r" help:"start in read-only DB mode"`
+	HttpAuth   bool   `arg:"-a" help:"http auth on all requests"`
+	DontKill   bool   `arg:"-k" help:"dont kill server on signal"`
+	UI         bool   `arg:"-u" help:"run page torrserver in browser"`
 }
 
 func (args) Version() string {
@@ -45,7 +46,7 @@ func main() {
 
 	settings.Path = params.Path
 	settings.HttpAuth = params.HttpAuth
-	log.Init(params.LogPath)
+	log.Init(params.LogPath, params.WebLogPath)
 
 	dnsResolve()
 	Preconfig(params.DontKill)
@@ -59,6 +60,7 @@ func main() {
 
 	server.Start(params.Port, params.RDB)
 	log.TLogln(server.WaitServer())
+	log.Close()
 	time.Sleep(time.Second * 3)
 	os.Exit(0)
 }
diff --git a/server/log/log.go b/server/log/log.go
index f53801c..ff02810 100644
--- a/server/log/log.go
+++ b/server/log/log.go
@@ -1,24 +1,100 @@
 package log
 
 import (
+	"bytes"
+	"fmt"
+	"io/ioutil"
 	"log"
 	"os"
+
+	"github.com/gin-gonic/gin"
 )
 
-func Init(path string) {
+var logPath = ""
+var webLogPath = ""
+
+var webLog *log.Logger
+
+var logFile *os.File
+var webLogFile *os.File
+
+func Init(path, webpath string) {
+	webLogPath = webpath
+	logPath = path
+
+	if webpath != "" {
+		ff, err := os.OpenFile(webLogPath, os.O_RDWR|os.O_CREATE, 0666)
+		if err != nil {
+			TLogln("Error create web log file:", err)
+		} else {
+			webLogFile = ff
+			webLog = log.New(ff, " ", log.LstdFlags)
+		}
+	}
+
 	if path != "" {
-		ff, err := os.Create(path)
+		if fi, err := os.Lstat(path); err == nil {
+			if fi.Size() >= 1*1024*1024*1024 {
+				os.Remove(path)
+			}
+		}
+		ff, err := os.OpenFile(path, os.O_RDWR|os.O_CREATE, 0666)
 		if err != nil {
 			TLogln("Error create log file:", err)
 			return
 		}
-
+		logFile = ff
 		os.Stdout = ff
 		os.Stderr = ff
 		log.SetOutput(ff)
 	}
 }
 
+func Close() {
+	if logFile != nil {
+		logFile.Close()
+	}
+	if webLogFile != nil {
+		webLogFile.Close()
+	}
+}
+
 func TLogln(v ...interface{}) {
 	log.Println(v...)
 }
+
+func WebLogln(v ...interface{}) {
+	if webLog != nil {
+		webLog.Println(v...)
+	}
+}
+
+func WebLogger() gin.HandlerFunc {
+	return func(c *gin.Context) {
+		if webLog == nil {
+			c.Next()
+			return
+		}
+		body, _ := ioutil.ReadAll(c.Request.Body)
+		c.Request.Body = ioutil.NopCloser(bytes.NewBuffer(body))
+		c.Next()
+
+		statusCode := c.Writer.Status()
+		clientIP := c.ClientIP()
+		method := c.Request.Method
+		path := c.Request.URL.Path
+		raw := c.Request.URL.RawQuery
+		if raw != "" {
+			path = path + "?" + raw
+		}
+
+		logStr := fmt.Sprintf("%3d | %12s | %-7s %#v %v",
+			statusCode,
+			clientIP,
+			method,
+			path,
+			string(body),
+		)
+		WebLogln(logStr)
+	}
+}
diff --git a/server/web/blocker/blocker.go b/server/web/blocker/blocker.go
index 1b2a1f4..b169719 100644
--- a/server/web/blocker/blocker.go
+++ b/server/web/blocker/blocker.go
@@ -41,7 +41,7 @@ func Blocker() gin.HandlerFunc {
 			minifyIP(&ip)
 			if whiteIpList.NumRanges() > 0 {
 				if _, ok := whiteIpList.Lookup(ip); !ok {
-					log.TLogln("Block ip, not in white list", ip.String())
+					log.WebLogln("Block ip, not in white list", ip.String())
 					c.String(http.StatusTeapot, "Banned")
 					c.Abort()
 					return
@@ -49,7 +49,7 @@ func Blocker() gin.HandlerFunc {
 			}
 			if blackIpList.NumRanges() > 0 {
 				if r, ok := blackIpList.Lookup(ip); ok {
-					log.TLogln("Block ip, in black list:", ip.String(), "in range", r.Description, ":", r.First, "-", r.Last)
+					log.WebLogln("Block ip, in black list:", ip.String(), "in range", r.Description, ":", r.First, "-", r.Last)
 					c.String(http.StatusTeapot, "Banned")
 					c.Abort()
 					return
diff --git a/server/web/server.go b/server/web/server.go
index 9ea8a5b..f679b1d 100644
--- a/server/web/server.go
+++ b/server/web/server.go
@@ -3,8 +3,6 @@ package web
 import (
 	"net"
 
-	"server/web/blocker"
-
 	"github.com/gin-contrib/cors"
 	"github.com/gin-gonic/gin"
 
@@ -13,6 +11,7 @@ import (
 	"server/version"
 	"server/web/api"
 	"server/web/auth"
+	"server/web/blocker"
 	"server/web/pages"
 )
 
@@ -34,8 +33,12 @@ func Start(port string) {
 	}
 	gin.SetMode(gin.ReleaseMode)
 
+	corsCfg := cors.DefaultConfig()
+	corsCfg.AllowAllOrigins = true
+	corsCfg.AllowHeaders = []string{"Origin", "Content-Length", "Content-Type", "X-Requested-With", "Accept", "Authorization"}
+
 	route := gin.New()
-	route.Use(gin.Recovery(), cors.Default(), blocker.Blocker())
+	route.Use(log.WebLogger(), blocker.Blocker(), gin.Recovery(), cors.New(corsCfg))
 
 	route.GET("/echo", echo)