You are viewing a plain text version of this content. The canonical link for it is here.
Posted to modperl@perl.apache.org by Issac Goldstand <ma...@beamartyr.net> on 2004/02/25 11:44:14 UTC
Re: [OT] Shared SSL Custom Log Parsing
I do it by rewriting based on directory
(https://secure.mydomain.com/shared/virtualdomain.com/index.html )
I figure there should be some incentive for people to get their own private
SSL - also, users coming to a shared secure site have a better chance to
realize that it's shared SSL and won't come complaining to ME if the
virtualhost does something nasty to their credit card :)
> I'm using a back reference to the http_referer with mod_rewrite to
> determine which vhost the shared ssl connection should be rewritten to.
>
> I know of no better solution for sharing an ssl connection.
>
> I would be open to suggestions.
>
> Respectfully,
>
>
> Gary
>
>
> Issac Goldstand wrote:
> > You should know where they're coming from the same way you do in
> > mod_rewrite. Besides that, referers can be spoofed, and I some clients
> > don't even give you a referer...
> >
> > Issac
> >
> > ----- Original Message -----
> > From: "Gary C. New" <ga...@yahoo.com>
> > To: <mo...@perl.apache.org>
> > Sent: Wednesday, February 25, 2004 12:19 PM
> > Subject: Shared SSL Custom Log Parsing
> >
> >
> >
> >>I've got shared ssl setup with mod_rewrite and I am trying to figure out
> >>the best way to direct logging for each of the vhosts using the shared
> >>ssl connection and thought mod_perl might be good for this.
> >>
> >>My thinking is to setup a <PERL> section in the httpd.conf file that
> >>watches the referrer environment variables as they come in for the
> >>shared ssl connection and then rewrite them to the appropriate custom
> >>vhost access/error logs.
> >>
> >>Referrer Variable:
> >>
> >>https://secure.provider.tld/secure/domain.tld/
> >>
> >>Rewrite Logs:
> >>
> >>CustomLog /home/domain.tld/logs/access.log
> >>ErrorLog /home/domain.tld/logs/error.log
> >>
> >>or
> >>
> >>I noticed on the perl.apache.org site an example called "Logging to
> >>syslog" that could be used similarly but for the custom access/error
> >>logs. It pipes the general incoming logs to a program that then parses
> >>and rewrites the logs appropriately.
> >>
> >>I guess my main question with either example is what is the best way to
> >>write the parsed logs to these custom log files? Is there an existing
> >>module for this purpose?
> >>
> >>Is there a better way to parse and rewrite logs to custom files
> >
> > on-the-fly?
> >
> >>Respectfully,
> >>
> >>
> >>Gary
> >>
> >>
> >>
> >>--
> >>Report problems: http://perl.apache.org/bugs/
> >>Mail list info: http://perl.apache.org/maillist/modperl.html
> >>List etiquette: http://perl.apache.org/maillist/email-etiquette.html
> >>
> >
> >
> >
>
>
>
> --
> Report problems: http://perl.apache.org/bugs/
> Mail list info: http://perl.apache.org/maillist/modperl.html
> List etiquette: http://perl.apache.org/maillist/email-etiquette.html
>
--
Report problems: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html
List etiquette: http://perl.apache.org/maillist/email-etiquette.html
Re: [OT] Shared SSL Custom Log Parsing
Posted by Issac Goldstand <ma...@beamartyr.net>.
Currently, I don't offer them the SSL logs, but I'm sure it wouldn't be so
hard to roll a quick loghandler to do that... Frankly, it's possible (don't
have time to check just now) that mod_ssl allows you to set logs
per-location, in which case it's even more trivial.
Issac
----- Original Message -----
From: "Gary C. New" <ga...@yahoo.com>
Newsgroups: gmane.comp.apache.mod-perl
To: "Issac Goldstand" <ma...@beamartyr.net>
Sent: Thursday, February 26, 2004 12:48 PM
Subject: Re: [OT] Shared SSL Custom Log Parsing
> So how do you parse and rewrite these logs to appropriate log files? I
> need to be able to offer these ssl log entries to customers, too. It
> seems most logical to parse the ssl logs as they come in and then append
> them to the customers standard log files.
>
> Thank you for your input.
>
> Respectfully,
>
>
> Gary
>
>
> Issac Goldstand wrote:
> > I do it by rewriting based on directory
> > (https://secure.mydomain.com/shared/virtualdomain.com/index.html )
> >
> > I figure there should be some incentive for people to get their own
private
> > SSL - also, users coming to a shared secure site have a better chance to
> > realize that it's shared SSL and won't come complaining to ME if the
> > virtualhost does something nasty to their credit card :)
> >
> >
> >
> >>I'm using a back reference to the http_referer with mod_rewrite to
> >>determine which vhost the shared ssl connection should be rewritten to.
> >>
> >>I know of no better solution for sharing an ssl connection.
> >>
> >>I would be open to suggestions.
> >>
> >>Respectfully,
> >>
> >>
> >>Gary
> >>
> >>
> >>Issac Goldstand wrote:
> >>
> >>>You should know where they're coming from the same way you do in
> >>>mod_rewrite. Besides that, referers can be spoofed, and I some clients
> >>>don't even give you a referer...
> >>>
> >>> Issac
> >>>
> >>>----- Original Message -----
> >>>From: "Gary C. New" <ga...@yahoo.com>
> >>>To: <mo...@perl.apache.org>
> >>>Sent: Wednesday, February 25, 2004 12:19 PM
> >>>Subject: Shared SSL Custom Log Parsing
> >>>
> >>>
> >>>
> >>>
> >>>>I've got shared ssl setup with mod_rewrite and I am trying to figure
out
> >>>>the best way to direct logging for each of the vhosts using the shared
> >>>>ssl connection and thought mod_perl might be good for this.
> >>>>
> >>>>My thinking is to setup a <PERL> section in the httpd.conf file that
> >>>>watches the referrer environment variables as they come in for the
> >>>>shared ssl connection and then rewrite them to the appropriate custom
> >>>>vhost access/error logs.
> >>>>
> >>>>Referrer Variable:
> >>>>
> >>>>https://secure.provider.tld/secure/domain.tld/
> >>>>
> >>>>Rewrite Logs:
> >>>>
> >>>>CustomLog /home/domain.tld/logs/access.log
> >>>>ErrorLog /home/domain.tld/logs/error.log
> >>>>
> >>>>or
> >>>>
> >>>>I noticed on the perl.apache.org site an example called "Logging to
> >>>>syslog" that could be used similarly but for the custom access/error
> >>>>logs. It pipes the general incoming logs to a program that then
parses
> >>>>and rewrites the logs appropriately.
> >>>>
> >>>>I guess my main question with either example is what is the best way
to
> >>>>write the parsed logs to these custom log files? Is there an existing
> >>>>module for this purpose?
> >>>>
> >>>>Is there a better way to parse and rewrite logs to custom files
> >>>
> >>>on-the-fly?
> >>>
> >>>
> >>>>Respectfully,
> >>>>
> >>>>
> >>>>Gary
> >>>>
> >>>>
> >>>>
> >>>>--
> >>>>Report problems: http://perl.apache.org/bugs/
> >>>>Mail list info: http://perl.apache.org/maillist/modperl.html
> >>>>List etiquette: http://perl.apache.org/maillist/email-etiquette.html
> >>>>
> >>>
> >>>
> >>>
> >>
> >>
> >>--
> >>Report problems: http://perl.apache.org/bugs/
> >>Mail list info: http://perl.apache.org/maillist/modperl.html
> >>List etiquette: http://perl.apache.org/maillist/email-etiquette.html
> >>
> >
> >
> >
>
--
Report problems: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html
List etiquette: http://perl.apache.org/maillist/email-etiquette.html
Re: [OT] Shared SSL Custom Log Parsing
Posted by "Gary C. New" <ga...@yahoo.com>.
So how do you parse and rewrite these logs to appropriate log files? I
need to be able to offer these ssl log entries to customers, too. It
seems most logical to parse the ssl logs as they come in and then append
them to the customers standard log files.
Thank you for your input.
Respectfully,
Gary
Issac Goldstand wrote:
> I do it by rewriting based on directory
> (https://secure.mydomain.com/shared/virtualdomain.com/index.html )
>
> I figure there should be some incentive for people to get their own private
> SSL - also, users coming to a shared secure site have a better chance to
> realize that it's shared SSL and won't come complaining to ME if the
> virtualhost does something nasty to their credit card :)
>
>
>
>>I'm using a back reference to the http_referer with mod_rewrite to
>>determine which vhost the shared ssl connection should be rewritten to.
>>
>>I know of no better solution for sharing an ssl connection.
>>
>>I would be open to suggestions.
>>
>>Respectfully,
>>
>>
>>Gary
>>
>>
>>Issac Goldstand wrote:
>>
>>>You should know where they're coming from the same way you do in
>>>mod_rewrite. Besides that, referers can be spoofed, and I some clients
>>>don't even give you a referer...
>>>
>>> Issac
>>>
>>>----- Original Message -----
>>>From: "Gary C. New" <ga...@yahoo.com>
>>>To: <mo...@perl.apache.org>
>>>Sent: Wednesday, February 25, 2004 12:19 PM
>>>Subject: Shared SSL Custom Log Parsing
>>>
>>>
>>>
>>>
>>>>I've got shared ssl setup with mod_rewrite and I am trying to figure out
>>>>the best way to direct logging for each of the vhosts using the shared
>>>>ssl connection and thought mod_perl might be good for this.
>>>>
>>>>My thinking is to setup a <PERL> section in the httpd.conf file that
>>>>watches the referrer environment variables as they come in for the
>>>>shared ssl connection and then rewrite them to the appropriate custom
>>>>vhost access/error logs.
>>>>
>>>>Referrer Variable:
>>>>
>>>>https://secure.provider.tld/secure/domain.tld/
>>>>
>>>>Rewrite Logs:
>>>>
>>>>CustomLog /home/domain.tld/logs/access.log
>>>>ErrorLog /home/domain.tld/logs/error.log
>>>>
>>>>or
>>>>
>>>>I noticed on the perl.apache.org site an example called "Logging to
>>>>syslog" that could be used similarly but for the custom access/error
>>>>logs. It pipes the general incoming logs to a program that then parses
>>>>and rewrites the logs appropriately.
>>>>
>>>>I guess my main question with either example is what is the best way to
>>>>write the parsed logs to these custom log files? Is there an existing
>>>>module for this purpose?
>>>>
>>>>Is there a better way to parse and rewrite logs to custom files
>>>
>>>on-the-fly?
>>>
>>>
>>>>Respectfully,
>>>>
>>>>
>>>>Gary
>>>>
>>>>
>>>>
>>>>--
>>>>Report problems: http://perl.apache.org/bugs/
>>>>Mail list info: http://perl.apache.org/maillist/modperl.html
>>>>List etiquette: http://perl.apache.org/maillist/email-etiquette.html
>>>>
>>>
>>>
>>>
>>
>>
>>--
>>Report problems: http://perl.apache.org/bugs/
>>Mail list info: http://perl.apache.org/maillist/modperl.html
>>List etiquette: http://perl.apache.org/maillist/email-etiquette.html
>>
>
>
>
--
Report problems: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html
List etiquette: http://perl.apache.org/maillist/email-etiquette.html