Why is the nginx access log disabled by default on forge?

I don't think you will notice any hit in performance. Log writes will likely be buffered and then flushed out to disk. So unless you have high disk load you will be fine. If you do have high disk load than you probably want more memory.

Nginx is programmed with an event driven methodology. This basically means that log writes shouldn't block the serving of pages. It's probably a separate process as well, so no interference or performance issues.

If you don't need the logs, and/or worry about the disk space they might take you can check the logrotate configuration for nginx (should be in /etc/logrotate.d, file nginx). The default is rotate for 52 weeks, meaning that logs older than a year are deleted.

Thanks for clearing that up @bobbybouwmann, but I'm still wondering if it is disabled by default is there somewhere else the access is being logged?

Or do I have to set that up myself?

On larachat's slack the reason for why was that no one wants a big access log file and thats fair enough.

I saw a generic access.log file but it doesn't seem to be logging all the requests. It actually is full of hacking attempts on the server.

132.232.106.156 - - [02/Jan/2019:01:09:56 +0000] "GET /help.php 132.232.106.156 - - [02/Jan/2019:01:09:56 +0000] "GET /java.php 132.232.106.156 - - [02/Jan/2019:01:09:56 +0000] "GET /_query.php 132.232.106.156 - - [02/Jan/2019:01:09:56 +0000] "GET /test.php 132.232.106.156 - - [02/Jan/2019:01:09:57 +0000] "GET /db_cts.php

If I setup a domain specific access log would that be the right approach?

Yeah, that should do the trick for you!