You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Daniel Bray <db...@gmail.com> on 2016/08/11 18:38:58 UTC
[users@httpd] CustomLog dontlog not working consistently
Hello List,
I've just stumbled onto the weirdest issue:
server1 and server2 running CentOS 7 with latest updates.
server1 running OpenVAS for internal scans.
server2 running Apache with the following in the config:
SetEnvIf Remote_Addr "^10\.10\.10\.5$" dontlog #OpenVAS
CustomLog logs/access_log combined env=!dontlog
When I SSH into OpenVAS and run wget http://server2 nothing is reported
(working as expected).
However, when the OpenVAS scans kick off, it starts logging:
10.10.10.5 - - [11/Aug/2016:12:07:11 +0000] "GET / HTTP/1.0" 400 226 "-" "-"
I've tried a few things to fix this issue, but so far nothing is working.
This is very confusing. Any suggestions?
Re: [users@httpd] CustomLog dontlog not working consistently
Posted by Daniel Bray <db...@gmail.com>.
I see it is logging all the failed checks to the
normal /var/log/httpd/error_log as well. No other server is doing this
though, and I have the same config on each server. All the other servers do
not log the OpenVAS scans, but this one does. That is the really confusing
part. I even went as far as yum remove httpdl; yum install httpd and then
re-entered the CustomLog configs. Still happens though.
On Thu, Aug 11, 2016 at 2:55 PM, Eric Covener <co...@gmail.com> wrote:
> On Thu, Aug 11, 2016 at 2:38 PM, Daniel Bray <db...@gmail.com> wrote:
> > I've tried a few things to fix this issue, but so far nothing is working.
> > This is very confusing. Any suggestions?
>
> Likely that 400 error aborts processing before SetEnvIf has a chance
> to run and set the variable.
>
> --
> Eric Covener
> covener@gmail.com
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
Re: [users@httpd] CustomLog dontlog not working consistently
Posted by Eric Covener <co...@gmail.com>.
On Thu, Aug 11, 2016 at 2:38 PM, Daniel Bray <db...@gmail.com> wrote:
> I've tried a few things to fix this issue, but so far nothing is working.
> This is very confusing. Any suggestions?
Likely that 400 error aborts processing before SetEnvIf has a chance
to run and set the variable.
--
Eric Covener
covener@gmail.com
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org