Posted to users@httpd.apache.org by David Nedved <da...@yahoo.com> on 2002/06/11 16:52:41 UTC

logging servername out of http header

Hi All,

Trying to find out all of the names used by IP-based sites on an apache
web server prior to moving them to name-based.  I want to log the IP
address that connections are going to, as well as the actual hostname
sent in the HTTP header.  It appears that the server IP address is log
parameter %A, but I can't seem to find one for the actual hostnames in
the URLs.  The URL options all trim out the hostname, and the hostname
options seem to just pull the hostname from the conf file.

I suppose I'll have to use some sort of packet-sniffing program.  Does
anyone know of a good packet sniffer that already knows how to look
into http headers and log them?  Otherwise it looks like I'll be
writing my own libpcap code...

Thanks in advance...

David

=====
david_nedved@yahoo.com

__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Re: logging servername out of http header

Posted by Joshua Slive <jo...@slive.ca>.

On Tue, 11 Jun 2002, Matus "fantomas" Uhlar wrote:

> -> On Tue, 11 Jun 2002, Matus "fantomas" Uhlar wrote:
> -> > You can also use %{Host}i and %r to detect what hostname was requested but
> -> > it is quite hard to parse both.
> ->
> -> Huh?  Why is %{Host}i hard to parse?  That is EXACTLY the same as what you
> -> will get by turning UsecanonicalName Off and using %V.
>
> what if someone requests
>
> GET http://host/path/ HTTP/1.0

They won't, because that would be an illegal request to an origin server
under HTTP/1.1.

>
> ?
> Host will be empty, while %[Vv] not and host will be in %r

(But yes, you are correct that Apache should, in that case, parse the
hostname out of the request line, rather than using the host header.  It
just makes no difference in this case, because no valid client would ever
send that.)

Joshua.




Re: logging servername out of http header

Posted by "Matus \"fantomas\" Uhlar" <uh...@fantomas.sk>.
-> On Tue, 11 Jun 2002, Matus "fantomas" Uhlar wrote:
-> > You can also use %{Host}i and %r to detect what hostname was requested but
-> > it is quite hard to parse both.
-> 
-> Huh?  Why is %{Host}i hard to parse?  That is EXACTLY the same as what you
-> will get by turning UsecanonicalName Off and using %V.

what if someone requests

GET http://host/path/ HTTP/1.0

?
Host will be empty, while %[Vv] not and host will be in %r
-- 
 Matus "fantomas" Uhlar, uhlar@fantomas.sk ; http://www.fantomas.sk/
 Warning: I don't wish to receive spam to this address.
 Varovanie: Nezelam si na tuto adresu dostavat akukolvek reklamnu postu.
    One OS to rule them all, One OS to find them, 
 One OS to bring them all and into darkness bind them 



Re: logging servername out of http header

Posted by Joshua Slive <jo...@slive.ca>.
On Tue, 11 Jun 2002, David Nedved wrote:
> Unfortunately, some of the servers I need to run this on are running a
> very old Apache binary that doesn't like some of my log directives, so

Ouch.  That would be a VERY old version of apache.  You probably want to
upgrade that for a bunch of reasons.

>
> Also, as an aside, I'm slightly confused here.  If I put the CustomLog
> directive outside of the <VirtualHost> paragraphs, it doesn't seem to
> log anything, it only seems to work when I put it inside a particular
> <VirtualHost> paragraph.  Is there a place I can put it so that it logs
> ALL traffic on the box without having to put it inside several hundred
> <VirtualHost> blocks?

That is a little flaw in the way logs are handled in apache.  If you don't
have ANY logging directives inside the <virtualhost>, then the logs in the
main server context should catch requests.  But as soon as you put a log
inside the <virtualhost>, it will turn off all the main server logs for
that virtual host.  Your only choices are either to make sure you don't
have any logging directives at all in the virtual hosts, or repeat the log
directive in every virtual host.

Joshua.




Re: logging servername out of http header

Posted by David Nedved <da...@yahoo.com>.
Thank you both for the very speedy and correct responses.  I've got the
%{Host}i directive working perfectly, and having no problems at all
parsing it. (it seems to me to just log the domain name from the
header, which is exactly what I wanted).

Unfortunately, some of the servers I need to run this on are running a
very old Apache binary that doesn't like some of my log directives, so
I'm still looking for a packet sniffing program that will get the same
information for me.  If anyone knows of a logging program like this,
I'd love to hear about it.

Also, as an aside, I'm slightly confused here.  If I put the CustomLog
directive outside of the <VirtualHost> paragraphs, it doesn't seem to
log anything, it only seems to work when I put it inside a particular
<VirtualHost> paragraph.  Is there a place I can put it so that it logs
ALL traffic on the box without having to put it inside several hundred
<VirtualHost> blocks?

Thanks to everyone for helping me out, this is a great list!

David

--- Joshua Slive <jo...@slive.ca> wrote:
> 
> On Tue, 11 Jun 2002, Matus "fantomas" Uhlar wrote:
> > You can also use %{Host}i and %r to detect what hostname was
> requested but
> > it is quite hard to parse both.
> 
> Huh?  Why is %{Host}i hard to parse?  That is EXACTLY the same as
> what you
> will get by turning UsecanonicalName Off and using %V.
> 
> Joshua.
> 


=====
david_nedved@yahoo.com



Re: logging servername out of http header

Posted by Joshua Slive <jo...@slive.ca>.
On Tue, 11 Jun 2002, Matus "fantomas" Uhlar wrote:
> You can also use %{Host}i and %r to detect what hostname was requested but
> it is quite hard to parse both.

Huh?  Why is %{Host}i hard to parse?  That is EXACTLY the same as what you
will get by turning UsecanonicalName Off and using %V.

Joshua.




Re: logging servername out of http header

Posted by "Matus \"fantomas\" Uhlar" <uh...@fantomas.sk>.
-> Trying to find out all of the names used by IP-based sites on an apache
-> web server prior to moving them to name-based.  I want to log the IP
-> address that connections are going to, as well as the actual hostname
-> sent in the HTTP header.  It appears that the server IP address is log
-> parameter %A, but I can't seem to find one for the actual hostnames in
-> the URLs.  The URL options all trim out the hostname, and the hostname
-> options seem to just pull the hostname from the conf file.

well - you can log more things:

%V - canonical server name according to UseCanonicalName setting
%v - canonical server name

if you turn UseCanonicalName to Off, you will have server requested server
name in %V and canonical servername in %v.

Anyway I don't like this because I want to have UseCanonicalName to on, but
I would like to log requested servername with servername.

<VirtualHost IP>
ServerName main.server.name
ServerAlias second.server.name
</VirtualHost>

So, if you have UseCanonicalName to off, and you ask for second.server.name,
%c will be main.server.name and %V will be second.server.name. With
'UseCanonicalName on' both %V and %v will have main.server.name.

You can also use %{Host}i and %r to detect what hostname was requested but
it is quite hard to parse both.

-- 
 Matus "fantomas" Uhlar, uhlar@fantomas.sk ; http://www.fantomas.sk/
 Warning: I don't wish to receive spam to this address.
 Varovanie: Nezelam si na tuto adresu dostavat akukolvek reklamnu postu.
 They that can give up essential liberty to obtain a little temporary
 safety deserves neither liberty nor safety. -- Benjamin Franklin



Re: logging servername out of http header

Posted by Joshua Slive <jo...@slive.ca>.
On Tue, 11 Jun 2002, David Nedved wrote:

> Hi All,
>
> Trying to find out all of the names used by IP-based sites on an apache
> web server prior to moving them to name-based.  I want to log the IP
> address that connections are going to, as well as the actual hostname
> sent in the HTTP header.  It appears that the server IP address is log
> parameter %A, but I can't seem to find one for the actual hostnames in
> the URLs.  The URL options all trim out the hostname, and the hostname
> options seem to just pull the hostname from the conf file.

You can log any HTTP request header using %{header}i, so to get the
hostname requested by the client, just use %{Host}i.

(The other option is to turn UseCanonicalName off and then use %V, but
that could have other effects on your server, so I recommend the first
option.)

Joshua.
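
An added example, not part of the original thread: one way to turn a log written with %A, %{Host}i and %r into the per-IP hostname inventory the original question asks for, including the absolute-URI request discussed elsewhere in the thread, where the Host header is empty and the name is only in the request line. The LogFormat nickname "hostaudit", the field order and the sample lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Assumed log format (hypothetical nickname "hostaudit"):
#   LogFormat "%A %{Host}i \"%r\"" hostaudit
LINE_RE = re.compile(r'^(?P<ip>\S+) (?P<host>\S+) "(?P<request>.*)"$')

# Constructed sample lines, not taken from a real server.
SAMPLE_LOG = """\
192.0.2.10 www.example.com "GET / HTTP/1.1"
192.0.2.10 WWW.Example.com:80 "GET /a HTTP/1.1"
192.0.2.10 - "GET http://legacy.example.com/path/ HTTP/1.0"
192.0.2.11 shop.example.net. "GET /cart HTTP/1.1"
192.0.2.11 - "GET /old HTTP/1.0"
garbage line
"""

def normalize(host):
    """Lowercase, drop a trailing :port and dot; None for '-' or empty."""
    if not host or host == "-":
        return None
    return re.sub(r":\d+$", "", host.lower()).rstrip(".") or None

def requested_host(host_field, request_line):
    """Prefer an absolute URI in the request line, else the Host header."""
    parts = request_line.split(" ")
    if len(parts) >= 2 and parts[1].lower().startswith(("http://", "https://")):
        try:
            return normalize(urlsplit(parts[1]).netloc) or normalize(host_field)
        except ValueError:            # malformed authority in a hostile request
            pass
    return normalize(host_field)

def inventory(log_text):
    """Map each local IP (%A) to the sorted hostnames clients asked for."""
    names = defaultdict(set)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue                  # skip lines that do not fit the format
        host = requested_host(m["host"], m["request"])
        names[m["ip"]].add(host or "(no hostname sent)")
    return {ip: sorted(hosts) for ip, hosts in names.items()}

if __name__ == "__main__":
    for ip, hosts in inventory(SAMPLE_LOG).items():
        print(ip, ", ".join(hosts))
```

Both fields are supplied by the client, so the resulting names should be checked against the sites actually hosted before any of them becomes a ServerName or ServerAlias.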

