According to Apache documentation a user should be able to change the error log format. The following example shows what supplementary information is logged in the error log in addition to the actual log message.
ErrorLogFormat "[%t] [%l] [pid %P] %F: %E: [client %a] %M"
I am interested only in the log message "%M". I do not want to see anything else in the log file.
Therefore, in my vhost configuration I added the following line.
<VirtualHost *:80>
...
ErrorLogFormat "%M"
...
</VirtualHost>
This configuration removed "pid", "IP address", etc. But two strings (Apache error code AH01215 and cgi script path) which are not even mentioned in ErrorLogFormat are still added to the log messages. The Apache log looks like this:
AH01215: My log message1: /var/www/localhost/cgi-bin/script.cgi
AH01215: My log message2: /var/www/localhost/cgi-bin/script.cgi
...
I would appreciate if someone could tell me how to suppress this cgi script path string "/var/www/localhost/cgi-bin/script.cgi" as well as Apache error code "AH01215".
You are probably using the Apache mod cgi that is where the error code is added. The code comes in %M, so you can't remove it with the log format.
Switch to cgid to remove the AH01215 from the log. This fixed it for me.
In Ubuntu:
a2dismod cgi
a2enmod cgid
Related
I'm trying to setup a vagrant box with a lamp stack and was mostly successful. However, now I'm stuck with the error "Server unable to read .htaccess file". My setup is a Centos 7 server with Apache 2.4 and PHP 5.6.
Apparently, this seems to happen a lot as I saw many people ask that question, but here's the thing:
1) All my folders are with 777 permissions
2) AllowOverride all and Require all granted is set on all of my folders
3) Even went so far as to add apache user to root group just to see if it would change something
I basically did everything that was suggested in all of the posts I saw and still, apache can't read the .htaccess file.
In my logs, I see:
[Tue Sep 26 15:20:18.178541 2017] [core:crit] [pid 6491:tid 139938095892224] (13)Permission denied: [client 10.0.2.15:52176] AH00529: /var/www/html/Kalendho/public/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable and that '/var/www/html/Kalendho/public/' is executable
So I presume apache actually find the file, but for some reason, cannot open it even though it should be able to. So really, any help would be greatly appreciated as I'm currently at my whit's end here.
Thanks in advance
Okay, so apparently, it was an issue with selinux. Here's what I did:
Opened the file /etc/selinux/config and changed the following line:
SELINUX=enforcing
to
SELINUX=disabled
After that, I rebooted my machine and it got rid of the htaccess error.
I want to prevent Apache 2.4 from logging 403 errors.
Conditional logging is described in https://httpd.apache.org/docs/2.4/logs.html, but this refers to the access log.
In httpd.conf, I tried:
ErrorLogFormat "%!403[%t] [%l] [pid %P] %F: %E: [client %a] %M"
Nope. I tried several variations, but Apache still gives an error. Maybe, conditional logging is not possible in the error log?
I need to get apache running as a non-root user, listening to port 8443, in order to have a new website available (on localhost:8443) for internal security scanning, on a CentOS 7.3 system. I understand only the basics of apache (on Ubuntu), and I am NOT a web administrator, so am unfamiliar with the many options / config settings necessary to get this to work.
I have a directory (/webcontent) with my website content (which requires php), and can host there the various conf files necessary. But I am stumbling through getting httpd.conf setup properly for apache to run as a local user, launched with:
httpd -f /webcontent/conf/httpd.conf
And have set the logs to write to /webcontent/logs (via ErrorLog parameter), but it then complains about not having write access to /run/httpd, and so won't actually start:
[Thu Feb 23 11:59:51.289587 2017] [auth_digest:error] [pid 25464]
(13)Permission denied: AH01762: Failed to create shared memory segment
on file /run/httpd/authdigest_shm.25464
I imagine this is only the first of many problems I might have to get this running, so if anyone can point out the specific config settings necessary in httpd.conf (or elsewhere?) to get this scenario to work, that would be very much appreciated. Or has any other suggestions on running a non-root instance of apache for testing.
A bit late, but I see there's no answer so far. I just ran into this issue myself. My solution is below.
Use the DefaultRuntimeDir directive to override the default "/run/httpd" directory. This goes in httpd.conf. For example:
DefaultRuntimeDir "/my/local/rundir"
This will cause apache to create "/my/local/rundir/authdigest_shm.1234"
For some reason this doesn't also override the default pid file directory, so set it with the PidFile directive, e.g.:
PidFile "/my/local/rundir/httpd.pid"
You might also want to look at the ServerRoot directive.
If a visitor gets 404 error, nothing is written in apache error.log. In access log it appears like this:
GET /qqq HTTP/1.1" 404 409 "-"
And nothing in error.log. I have tried everything about LogLevel. As I understand, it is because that 404 page is custom page like
ErrorDocument 404 /new404.html
But I run search through all /etc/apache2 for text "404" in files and nothing was found there (instead of commented lines). What can be the problem? Or maybe I can somehow disable custom 404 page in .htaccess file? Or any other ways to display 404 errors in error.log?
As the person who filed the Apache bug which demoted 404 from Error to Info level as of Apache 2.4.1, here's the justification:
In production HTTP servers open to the Internet, 404s happen all the time. Malware, scanner scripts, and all sorts of other things probe Web servers for vulnerabilities or just because they can, and these things would all trigger errors which will end up being logged somewhere if the appropriate error level is set.
Most production Web server admins are content with seeing 404s in their access logs (which are logged right alongside 200s and 30x redirects), and want to see real server problems -- things they have control over fixing -- in the error log. The logging of 404s in error.log can, in some servers, be so much log spam that it drowns out legitimate problems needing the administrator's attention.
404 is a content issue, not a server issue. So my recommendation is to look in your access.log (or equivalent) for them. If you really want content related issues logged in error.log, you need to set LogLevel core:info. This will give you 404s there, and a few other kinds of content-related error messages too.
404 "errors" don't normally appear in the Apache error log, regardless of whether you have a custom ErrorDocument defined or not.
A 404 error is not strictly a server error. It's an expected HTTP response, so it naturally appears in the access log (as you have stated), not in the error log. The "404" is the HTTP response code, not a server error code.
However, you should be able to enable additional "information" messages in your error logging (eg. LogLevel info on Apache 2.4) to get this "information" in your system error log:
[Mon Feb 06 08:00:00.090525 2017] [core:info] [pid 13876:tid 1748] [client 203.0.113.111:54493] AH00128: File does not exist: /home/user/public_html/path/to/file
Note, however, that there is no mention of "404" - which maybe why your searches came up blank. This LogLevel should not be maintained on a production server.
Maybe this helps somebody...
I had zombie apache instances running (with a slightly different config loaded), and every other request for a static resource defined using an Alias was 404-ing.
Killed the zombies and all good...
404 is a server response, not a error.
You can get the 404 log doing something like:
cat /var/log/apache2/access_log | grep " 404 " | awk -F' ' '{print $4," ",$5,"-",$7}' > /root/404.log
and adjust the awk as you need!
On my local system i tried to get password protecting a directory with .htaccess running on Mamp 3.0.7.2 . The Apache version Mamp uses is Apache/2.2.29 (Unix). The httpd.conf file
/applications/mamp/conf/apache/httpd.conf
contains the following active line:
LoadModule authn_file_module modules/mod_authn_file.so
My testproject in
/applications/mamp/htdocs/sandbox/testproject/admin/.htaccess
contains following lines:
AuthBasic Basic
AuthName "Admin Area"
AuthUserFile /applications/mamp/htdocs/sandbox/.htpasswd
require valid-user
the .htpasswd file was created one level beneath in the sandbox folder for testing purpose only with:
htpasswd -c .htpasswd adminuser
with pwd .htpasswd within the sandbox folder i've extracted the exact path to prevent any typos which lead to
/applications/mamp/htdocs/sandbox/.htpasswd
but when i try to access the index.php file in the admin folder i get the following in the browser:
Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.
Please contact the server administrator, you#example.com and inform them of the time the error occurred, and anything you might have done that may have caused the error.
More information about this error may be available in the server error log.
and the php_error.log outputs the following on every try:
[Mon Dec 29 11:23:30 2014] [alert] [client ::1] /Applications/MAMP/htdocs/sandbox/testproject/admin/.htaccess: Invalid command 'AuthBasic', perhaps misspelled or defined by a module not included in the server configuration
But how could the AuthBasic command be misspelled or not included, cuz it actually is defined properly as shown above. :/