You are viewing a plain text version of this content. The canonical link for it is here.
Posted to apache-bugdb@apache.org by Rodent of Unusual Size <Ke...@Golux.Com> on 1999/08/01 21:00:01 UTC
Re: mod_status/4744: Visiting server-status logs the hostname of the client regardless of HostnameLookup.
The following reply was made to PR mod_status/4744; it has been noted by GNATS.
From: Rodent of Unusual Size <Ke...@Golux.Com>
To: Apache bug database <ap...@Apache.Org>
Cc: Subject: Re: mod_status/4744: Visiting server-status logs the hostname of the client regardless of HostnameLookup.
Date: Sun, 01 Aug 1999 14:54:27 -0400
[Comment from submitter]
Theo Van Dinter wrote:
>
> |Do you have your /server-status Location protected by
> |something like "Deny from all","Allow from .kluge.net"?
> |If so, that's the cause -- on name-based access
> |restrictions, Apache *always* does a double-reverse
> |lookup, which will result in the client name being stored
> |in the appropriate structures and hence available (and
> |used) for logging.
>
> Ok, that does explain it. I would still classify it as
> a bug though: The whole point of "HostnameLookup off"
> is so that the IP is the only client identifier in the
> logs/passed to CGIs/etc. Since the current scheme doesn't
> always do what you expect (named-based access controls
> causes hostname to be used instead of IP), it should be
> fixed, or minimally at least documented w/"Hostnamelookup"
> (it's hinted to, but not clearly indicated).
>
> Would it be possible to say something like: (pseudo-ish code...)
>
> if ( configuration.hostnamelookup == 0 )
> Log(request.clientIP);
> else {
> if ( request.clientname[0] != '\0' )
> Log(request.clientname);
> else
> Log(request.clientIP);
> }
>
> ??
>
> thanks.