HOWTO: Apache, Don't Log Yourself (Don't Log Specific IP Address and User-Agents)

By Mark Kolich on June 7, 2009 10:30 AM | No TrackBacks
In some Apache web-server configurations, it might be useful avoid logging requests from specific IP addresses or User-Agents.  For example, if you regularly check your own site from your home network you probably don't want to record your own visit in your Apache access_log's.  For kolich.com, I stopped logging requests from my home network since I was filling up my own log files with redundant junk.

1 - httpd.conf Specific Configuration

Here's how you can stop logging requests from a specific IP address, or a request for a specific resource (goes in your httpd.conf file):

## Dont log myself (requests from my own network), requests
## for my robots.txt file.
SetEnvIf Remote_Addr "192\.168\.1\." dontlog
SetEnvIf Request_URI "^/robots\.txt$" dontlog

## I don't use this, but I have it here as an example.  Why
## I avoid using this is explained below.
##SetEnvIfNoCase User-Agent "(msnbot|googlebot|slurp)" dontlog

## Normal logging directives.  Note the env!=dontlog at the
## end of CustomLog.
ErrorLog logs/mark.koli.ch-error_log
CustomLog logs/mark.koli.ch-access_log combined env=!dontlog

2 - Why Should I NOT Use SetEnvIfNoCase User-Agent to Avoid Logging Requests From Specific User-Agents?

You can use "SetEnvIfNoCase User-Agent" if you want to stop logging requests from specific User-Agent's.  However, I would recommend that you avoid using this feature because it is extremely easy to forge/fake the User-Agent header of an HTTP request.  If a hacker tries to probe or attack your site disguised as the "GoogleBot", and your Apache server is configured to not log requests from clients that claim they are the "GoogleBot", you won't see the probe attacks in your log files.  Apache will think the request is from the GoogleBot, when in fact, it could be a hacker or malicious user masquerading as a web-crawler.

Cheers.

Tags:

Did You Find this Helpful?

Did you find this post helpful, or at least, interesting?

  

Send Mark a Direct Message

If you'd like to send me a direct message, please do so below. However, I do not publicly post comments or messages submitted directly to me. So, if you're going to try to SPAM me, or my blog, you're pretty much wasting your time.

400 characters remaining

Error

About Mark

A Silicon Valley native, Mark Kolich is a full-time Software Engineer, a casual entrepreneur, and a consultant for hire. A web technologies expert, his current focus is on building powerful and robust cloud-driven web-applications using Java, PHP, Perl, AJAX, DHTML, CSS, and JavaScript. His favorite programming languages are PHP, Java and JavaScript. He uses Linux, enjoys biking to work, loves building great software, and always writes elegant, readable, and maintainable code.

No TrackBacks

No trackbacks attached to this entry.

Twitter (@markkolich)

Bookmarks/Blogroll

Translate

About this Entry

This page contains a single entry by Mark Kolich published on June 7, 2009 10:30 AM.

The (Right?) Way to Parse, Filter, and Validate GET and POST Inputs From a Form in PHP (filter_input_array) was the previous entry in this blog.

Gagawa PHP 1.1-beta Released! is the next entry in this blog.

Find recent content on the main index or look in the archives to find all content.