Re: mod_status/4744: Visiting server-status logs the hostname of the client regardless of HostnameLookup.

[Rodent of Unusual Size <Ke...@Golux.Com>]

The following reply was made to PR mod_status/4744; it has been noted by GNATS.

From: Rodent of Unusual Size <Ke...@Golux.Com>
To: Apache bug database <ap...@Apache.Org>
Cc:  Subject: Re: mod_status/4744: Visiting server-status logs the hostname of the client regardless of HostnameLookup.
Date: Sun, 01 Aug 1999 14:54:27 -0400

 [Comment from submitter]
 
 Theo Van Dinter wrote:
 > 
 > |Do you have your /server-status Location protected by
 > |something like "Deny from all","Allow from .kluge.net"?
 > |If so, that's the cause -- on name-based access
 > |restrictions, Apache *always* does a double-reverse
 > |lookup, which will result in the client name being stored
 > |in the appropriate structures and hence available (and
 > |used) for logging.
 > 
 > Ok, that does explain it.  I would still classify it as
 > a bug though:  The whole point of "HostnameLookup off"
 > is so that the IP is the only client identifier in the
 > logs/passed to CGIs/etc.  Since the current scheme doesn't
 > always do what you expect (named-based access controls
 > causes hostname to be used instead of IP), it should be
 > fixed, or minimally at least documented w/"Hostnamelookup"
 > (it's hinted to, but not clearly indicated).
 > 
 > Would it be possible to say something like: (pseudo-ish code...)
 > 
 > if ( configuration.hostnamelookup == 0 )
 >         Log(request.clientIP);
 > else {
 >         if ( request.clientname[0] != '\0' )
 >                 Log(request.clientname);
 >         else
 >                 Log(request.clientIP);
 > }
 > 
 > ??
 > 
 > thanks.