开发者

log requests for apaches mod_proxy / mod_proxy_http

i would like to set up conditional logging for requests done over apaches mod_proxy. is that possible and if so how?

i already checked the documentation but did not find a开发者_如何学运维nything that i could use for setenvif

i ask here and not on serverfault because there is a business application logic behind (traffic calcluations for users...)

also i noticed that that proxy usernames in the log file.

proxy.2x.to:80 62.178.15.161 - peidel [06/Jun/2011:01:31:44 +0200] "GET http://proxy.2x.to/ HTTP/1.1" 200 1339 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1" 

this is line from /var/log/apache2/other_vhosts_access.log which is generated by the default log defnitions:

LogFormat "%v:%p %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
CustomLog /var/log/apache2/other_vhosts_access.log vhost_combined

peidel is the username.

in the documentation it says:

%l Remote logname (from identd, if supplied). This will return a dash unless mod_ident is present and IdentityCheck is set On.

now my question on this: can i rely on that? or is it possible that someone produces request with this identity information but who is not authenticated and produces log lines with an identity anyway?


http://httpd.apache.org/docs/current/logs.html

This is the userid of the person requesting the document as determined by HTTP authentication. The same value is typically provided to CGI scripts in the REMOTE_USER environment variable. If the status code for the request (see below) is 401, then this value should not be trusted because the user is not yet authenticated. If the document is not password protected, this part will be "-" just like the previous one.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜