You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Jason Wilkinson <ja...@wilknet.com> on 2002/12/02 17:30:04 UTC
[users@httpd] Conditional Logging not working correctly
Hi all,
I'm having a problem. One certain file on our server needs to be omitted
from the logs as its frequent access is skewing our log files. It seems
as if the best method for this is to use SetEnvIf to filter it out.
I've been able to get it to filter these requests out into a separate
log file, but for some reason it STILL logs it into the main access_log
file as well. I've RTFM, and that is how I've set it up below. Does
anybody have any ideas why it would still be placing these entries into
the main log file as well as the filtered log file?
Thanks in advance for any help.
-jw-
Server:
Apache 1.3.26
RedHat Linux 7.1
<snip from httpd.conf>
SetEnvIf Request_URI "upload_status" dontlog
CustomLog /home/httpd/logs/dont_log common env=dontlog
CustomLog /home/httpd/logs/access_log combined env=!dontlog
</snip from httpd.conf>
-subsequent entry from /home/httpd/logs/access_log
vhost.server.com 192.168.0.100 - - [07/Oct/2002:11:58:47 -0500] "GET
/demo/domain.com/upload_status.html?id=878a8325fef868dc66ed055cef28d755
HTTP/1.1" 200 572 "-" "Mozilla/4.0 (compatible; MSIE 5.5; Windows NT
5.0; T312461)"
-subsequent entry from /home/httpd/logs/dont_log
192.168.0.100 - - [07/Oct/2002:11:58:47 -0500] "GET
/demo/domain.com/upload_status.html?id=878a8325fef868dc66ed055cef28d755
HTTP/1.1" 200 572
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
RE: [users@httpd] FormMail.pl / cgi-bin?
Posted by Alex Pilson <al...@flagshipinteractive.com>.
At 11:20 AM -0600 12/2/02, Jack L. Stone wrote:
>At 09:53 AM 12.2.2002 -0700, Remo Mattei wrote:
>>I would not use formmail.pl you may want to check formmail.php a better
>>way to go I think. There are other php mailer that do not have the
>>security holes that formmail had.
>>
>>
>>Remo Mattei
>>Network Security Engineer
>>cell 801-209-8554
>>email remo@italy1.com
>>
>
>Where do you get the formmail.php....?? Is that Matt's too? And appreciate
>any URLs handy for the other phps.
http://www.kdg-42.com/~scripts/
--
<--------------------------------------------------------------->
Alex Pilson
FlagShip Interactive, Inc.
alex@flagshipinteractive.com
404.728.4417
404.642.8225 CELL
<--------------------------------------------------------------->
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
RE: [users@httpd] FormMail.pl / cgi-bin?
Posted by Remo Mattei <re...@italy1.com>.
Have you looked at:
http://www.hotscripts.com/PHP/Scripts_and_Programs/Form_Processors/more6
.html
hotscripts is a very good site.
Remo Mattei
Network Security Engineer
cell 801-209-8554
email remo@italy1.com
-----Original Message-----
From: Jack L. Stone [mailto:jackstone@sage-one.net]
Sent: Monday, December 02, 2002 10:21 AM
To: users@httpd.apache.org; users@httpd.apache.org
Subject: RE: [users@httpd] FormMail.pl / cgi-bin?
At 09:53 AM 12.2.2002 -0700, Remo Mattei wrote:
>I would not use formmail.pl you may want to check formmail.php a better
>way to go I think. There are other php mailer that do not have the
>security holes that formmail had.
>
>
>Remo Mattei
>Network Security Engineer
>cell 801-209-8554
>email remo@italy1.com
>
Where do you get the formmail.php....?? Is that Matt's too? And
appreciate
any URLs handy for the other phps.
Thanks!
Best regards,
Jack L. Stone,
Administrator
SageOne Net
http://www.sage-one.net
jackstone@sage-one.net
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server
Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
RE: [users@httpd] FormMail.pl / cgi-bin?
Posted by "Jack L. Stone" <ja...@sage-one.net>.
At 09:53 AM 12.2.2002 -0700, Remo Mattei wrote:
>I would not use formmail.pl you may want to check formmail.php a better
>way to go I think. There are other php mailer that do not have the
>security holes that formmail had.
>
>
>Remo Mattei
>Network Security Engineer
>cell 801-209-8554
>email remo@italy1.com
>
Where do you get the formmail.php....?? Is that Matt's too? And appreciate
any URLs handy for the other phps.
Thanks!
Best regards,
Jack L. Stone,
Administrator
SageOne Net
http://www.sage-one.net
jackstone@sage-one.net
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
RE: [users@httpd] FormMail.pl / cgi-bin?
Posted by Remo Mattei <re...@italy1.com>.
I would not use formmail.pl you may want to check formmail.php a better
way to go I think. There are other php mailer that do not have the
security holes that formmail had.
Remo Mattei
Network Security Engineer
cell 801-209-8554
email remo@italy1.com
-----Original Message-----
From: Alex Pilson [mailto:alex@flagshipinteractive.com]
Sent: Monday, December 02, 2002 9:43 AM
To: users@httpd.apache.org
Subject: Re: [users@httpd] FormMail.pl / cgi-bin?
At 10:39 AM -0600 12/2/02, Jack L. Stone wrote:
>At 11:34 AM 12.2.2002 -0500, Alex Pilson wrote:
>>I have FormMail in a directory called CGI-Excutables directory. I
>>have /cgi-bin/ alias to this directory as the default. I seem to have
>>permissions set up properly but going to a virtual domain site like
>>http://www.mydomain.com/cgi-bin/FormMail.pl
>>
>>yields a permission error:
>>You don't have permission to access /cgi-bin/FormMail.pl on this
server.
>>
>>Any ideas what I am missing here?
>>--
>><--------------------------------------------------------------->
>> Alex Pilson
>
>Have you configured formmail.pl itself as authorized domain...?? ...and
>there is a recipient line as well. Both tell formmail.pl it's okay for
>those and those only.....
Yep. I will double check it. BUT it seems that the error is not from
formmail but from Apache itself.
--
<--------------------------------------------------------------->
Alex Pilson
FlagShip Interactive, Inc.
alex@flagshipinteractive.com
404.728.4417
404.642.8225 CELL
<--------------------------------------------------------------->
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server
Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] FormMail.pl / cgi-bin?
Posted by Alex Pilson <al...@flagshipinteractive.com>.
At 10:39 AM -0600 12/2/02, Jack L. Stone wrote:
>At 11:34 AM 12.2.2002 -0500, Alex Pilson wrote:
>>I have FormMail in a directory called CGI-Excutables directory. I
>>have /cgi-bin/ alias to this directory as the default. I seem to have
>>permissions set up properly but going to a virtual domain site like
>>http://www.mydomain.com/cgi-bin/FormMail.pl
>>
>>yields a permission error:
>>You don't have permission to access /cgi-bin/FormMail.pl on this server.
>>
>>Any ideas what I am missing here?
>>--
>><--------------------------------------------------------------->
>> Alex Pilson
>
>Have you configured formmail.pl itself as authorized domain...?? ...and
>there is a recipient line as well. Both tell formmail.pl it's okay for
>those and those only.....
Yep. I will double check it. BUT it seems that the error is not from
formmail but from Apache itself.
--
<--------------------------------------------------------------->
Alex Pilson
FlagShip Interactive, Inc.
alex@flagshipinteractive.com
404.728.4417
404.642.8225 CELL
<--------------------------------------------------------------->
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] FormMail.pl / cgi-bin?
Posted by "Jack L. Stone" <ja...@sage-one.net>.
At 11:34 AM 12.2.2002 -0500, Alex Pilson wrote:
>I have FormMail in a directory called CGI-Excutables directory. I
>have /cgi-bin/ alias to this directory as the default. I seem to have
>permissions set up properly but going to a virtual domain site like
>http://www.mydomain.com/cgi-bin/FormMail.pl
>
>yields a permission error:
>You don't have permission to access /cgi-bin/FormMail.pl on this server.
>
>Any ideas what I am missing here?
>--
><--------------------------------------------------------------->
> Alex Pilson
Have you configured formmail.pl itself as authorized domain...?? ...and
there is a recipient line as well. Both tell formmail.pl it's okay for
those and those only.....
Best regards,
Jack L. Stone,
Administrator
SageOne Net
http://www.sage-one.net
jackstone@sage-one.net
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] FormMail.pl / cgi-bin?
Posted by Alex Pilson <al...@flagshipinteractive.com>.
At 6:06 PM +0100 12/2/02, Sander Holthaus - Orange XL wrote:
>You should post some more info on your current configuration. Also, what
>does you error-log say? Your error-log will probably say exactly what the
>problem is.
I am going to look now.
>
>Off-topic but VERY IMPORTANT:
> a) Certain versions of FormMail are exploitable. Are you sure you have the
>latest version?
Exactly my concern as well. This is for a client that doesn't want to
pay for consultation, seem it would have been faster to re-code the
form for PHP or Lasso now :). I normally use PHP or Lasso 5/6 for
server-side stuff. I downloaded the latest one today from Matt.
> b) If you are planning to use FormMail, rename it! There are many spambots
>who actively look for exploitable FormMail-scripts. EVEN if you have have a
>secure version of FormMail, all those exploitrequests to it will use
>valueble resources.
Great idea. Thanks! Very good information!
--
<--------------------------------------------------------------->
Alex Pilson
FlagShip Interactive, Inc.
alex@flagshipinteractive.com
404.728.4417
404.642.8225 CELL
<--------------------------------------------------------------->
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] FormMail.pl / cgi-bin?
Posted by Sander Holthaus - Orange XL <in...@orangexl.com>.
You should post some more info on your current configuration. Also, what
does you error-log say? Your error-log will probably say exactly what the
problem is.
Off-topic but VERY IMPORTANT:
a) Certain versions of FormMail are exploitable. Are you sure you have the
latest version?
b) If you are planning to use FormMail, rename it! There are many spambots
who actively look for exploitable FormMail-scripts. EVEN if you have have a
secure version of FormMail, all those exploitrequests to it will use
valueble resources.
Kind Regards,
Sander Holthaus
----- Original Message -----
From: "Alex Pilson" <al...@flagshipinteractive.com>
To: <us...@httpd.apache.org>
Sent: Monday, December 02, 2002 5:34 PM
Subject: [users@httpd] FormMail.pl / cgi-bin?
> I have FormMail in a directory called CGI-Excutables directory. I
> have /cgi-bin/ alias to this directory as the default. I seem to have
> permissions set up properly but going to a virtual domain site like
> http://www.mydomain.com/cgi-bin/FormMail.pl
>
> yields a permission error:
> You don't have permission to access /cgi-bin/FormMail.pl on this server.
>
> Any ideas what I am missing here?
> --
> <--------------------------------------------------------------->
> Alex Pilson
> FlagShip Interactive, Inc.
> alex@flagshipinteractive.com
> 404.728.4417
> 404.642.8225 CELL
> <--------------------------------------------------------------->
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
[users@httpd] FormMail.pl / cgi-bin?
Posted by Alex Pilson <al...@flagshipinteractive.com>.
I have FormMail in a directory called CGI-Excutables directory. I
have /cgi-bin/ alias to this directory as the default. I seem to have
permissions set up properly but going to a virtual domain site like
http://www.mydomain.com/cgi-bin/FormMail.pl
yields a permission error:
You don't have permission to access /cgi-bin/FormMail.pl on this server.
Any ideas what I am missing here?
--
<--------------------------------------------------------------->
Alex Pilson
FlagShip Interactive, Inc.
alex@flagshipinteractive.com
404.728.4417
404.642.8225 CELL
<--------------------------------------------------------------->
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org