Log files are necessary components of any software. Especially in a web-server like Apache, it can come in very handy to know the statistics of visiting clients, security auditing and checking the errors.
Bobcares helps online businesses deliver reliable web services. In our web server management service, customized log configuration is used to enable quick troubleshooting. Today, we will discuss the four directives used for Apache logging and see what security features should be ensured of logging. All the following directives are found in Apache configuration file httpd.conf.
There are four directives related to logs in Apache configuration :
1. ErrorLog – Specifies the location of the error log. Usually it is located at /etc/httpd/logs/error_log. You can change it to any custom path but make sure the file has read and write permissions for root and no one else.
Example:
ErrorLog logs/error_log
2. LogLevel – This specifies what kind of information will Apache log. There are 8 levels in it that is Emergency, Alert, Critical, Error, Warning, Notice, Information and Debug. The default level set up is Warn. It cannot be modified to give any custom errors but whenever you change the log level all the higher levels are also logged. For debugging purpose, we can use log level of Debug.
Example:
LogLevel Warn
3. LogFormat – When you are interested to know from where client connections are coming, what type of browsers are being used to access your sites and the referring URL’s, you need log format.
This can be useful when your site is say browser dependent and you want to know which browser is used more to access your website.
Log Format are of access, agent and referrer type. “Combined” is used to have them all.
Combined LogFormat looks like the following.
LogFormat "%h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i"" combined
where
%h logs the remote host that is the IP address and the hostname if HostnameLookups is set to On.
%l logs identity of client. This is a unreliable information.
%u userid of the user requesting the document
%t date and time of the request
%r is the request line such as “”GET /gifts.html HTTP/2.0″”
%s this is the status code that the server sends back to the client. This is displayed in a web-page is not displayed correctly.
%b this is the size of the response in bytes.
Referrer is the page which has a link to the page gifts.html
User-Agent informs about the client browser.
4. CustomLog – This gives us the path to the access log and states the type of access log that is access, agent, referrer or combined.
Example:
CustomLog logs/access_log combined
Now you know the meaning of the directives used in Apache logging. More on logging features and log rotation to follow.
About the Author
It has been four months and some odd days since Vicky Karmakar joined the Poornam family.
A graduate of Information Technology branch, Vicky has always been interested in exploring the newer ventures of the Open source technology with an acute inclination towards network security. He also harbors a passion towards writing poetry and cooking culinary delicacies.
Co-Authored by Sankar.H
0 Comments