Preventing Apache from logging 403 errors - apache

I want to prevent Apache 2.4 from logging 403 errors.
Conditional logging is described in https://httpd.apache.org/docs/2.4/logs.html, but this refers to the access log.
In httpd.conf, I tried:
ErrorLogFormat "%!403[%t] [%l] [pid %P] %F: %E: [client %a] %M"
Nope. I tried several variations, but Apache still gives an error. Maybe, conditional logging is not possible in the error log?

Related

How to customize Apache Error Log Format?

According to Apache documentation a user should be able to change the error log format. The following example shows what supplementary information is logged in the error log in addition to the actual log message.
ErrorLogFormat "[%t] [%l] [pid %P] %F: %E: [client %a] %M"
I am interested only in the log message "%M". I do not want to see anything else in the log file.
Therefore, in my vhost configuration I added the following line.
<VirtualHost *:80>
...
ErrorLogFormat "%M"
...
</VirtualHost>
This configuration removed "pid", "IP address", etc. But two strings (Apache error code AH01215 and cgi script path) which are not even mentioned in ErrorLogFormat are still added to the log messages. The Apache log looks like this:
AH01215: My log message1: /var/www/localhost/cgi-bin/script.cgi
AH01215: My log message2: /var/www/localhost/cgi-bin/script.cgi
...
I would appreciate if someone could tell me how to suppress this cgi script path string "/var/www/localhost/cgi-bin/script.cgi" as well as Apache error code "AH01215".
You are probably using the Apache mod cgi that is where the error code is added. The code comes in %M, so you can't remove it with the log format.
Switch to cgid to remove the AH01215 from the log. This fixed it for me.
In Ubuntu:
a2dismod cgi
a2enmod cgid

Error Apache when I upload a Image

when I upload a File, return a HTTP error, I thought is a permision directory, but in the Apache.error.log
[:error] [pid 15697] [client 84.127.226.119:57773] [client 84.127.226.119] ModSecurity: Access denied with code 406 (phase 2). Pattern match "^POST$" at REQUEST_METHOD. [file "/etc/modsecurity/custom/20_bruteforce.conf"] [line "44"] [id "210"] [msg "Accept header required"] [hostname "www.adginteriorismo.com"] [uri "/admin/uploadify/uploadify.php"] [unique_id "WHicpFJihsAAADqYz0UAAAAD"]
How I can Fix this?
You have ModSecurity installed and have configured it with a rule to not allow POST requests.
ModSecurity is a Web Application Firewall (WAF) add on to Apache and can be quite complicated to understand.
Easiest option is to comment out that rule (line 44 in /etc/modsecurity/custom/20_bruteforce.conf) and restart Apache - though maybe someone added that rule for a good reason.

How to remove "allowmethods:error" entry in apache error_log

I have only allowed GET, POST methods in my apache server. It shows lot of times error like below which is of no use to me. How can I block these errors to come in apache error log
[Mon Aug 22 18:43:27.232168 2016] [allowmethods:error] [pid 19314:tid 139797637039872] [demowebsite.com] [client 224.0.0.0:80] AH01623: client method denied by server configuration: 'PURGE' to /var/www/demowebsite/
I also want to know what is causing it. I am using apache 2.4 + php 5.5 + mod_pagespeed + varnish.
Please help me.
Since you seem to be using Apache 2.4.X
Just by setting:
LogLevel allowmethods:crit
you will be rising the level necessary to log to error log to critical level in that module so they won't show up for errors.

'suexec policy violation' prevent my website from running?

When I try to run my website it shows a 500 internal server error :
Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.
Please contact the server administrator at webmaster#example.com to inform them of the time this error occurred, and the actions you performed just before this error.
More information about this error may be available in the server error log.
Additionally, a 500 Internal Server Error error was encountered while trying to use an ErrorDocument to handle the request.
Error log says :
[cgi:error] [pid 13006] [client 141.101.104.167:28335] AH01215: suexec policy violation: see suexec log for more details: /home/myweb/public_html/cgi-bin/index.cgi
[cgi:error] [pid 13006] [client 141.101.104.167:28335] End of script output before headers: index.cgi
And Suexec log says :
[2016-04-23]: uid: (500/myweb) gid: (500/myweb) cmd: index.cgi
[2016-04-23]: error: target uid/gid (500/500) mismatch with directory (500/500) or program (0/0) or trusted user (0/10)
Since the problem seems from suexec I decided to check at it, so in WHM/Configure PHP and suEXEC I found it's status On, I disabled it and try to run website again but nothing changes, I enabled it again but website still cannot running.
I went to /usr/local/apache/conf/httpd.conf and removed the directive :
<IfModule !mod_disable_suexec.c>
<IfModule !mod_ruid2.c>
SuexecUserGroup myweb myweb
</IfModule>
</IfModule>
But that didn't solve the problem and the website still shows 500 internal server error
I changed te permission of /home/myweb/public_html/cgi-bin/ from 777 to 755 then to 775 but the problem still exist.
Can you help me to solve this problem.
change the permissions to 755 for all your files
and enjoy !
The problem is the un-appropriate permissions

Why is 404 working when comment disabled

In my httpd.conf file, every mention of the ErrorDocument has a hash before it on the same line - meaning that it's commented out.
So why do I get a 404 error page on the browser? How does the browser know what message to display?
I must be getting a 404 because this is displayed in the error_log;
[Wed Jun 25 12:21:17 2014] [error] [client **********] File does not exist: /var/www/html/surveys/blahblah
Is there a default setting somewhere?
My environment is Linux, Apache and PHP
You see Apache httpd's simple hardcoded message.
You need to configure an empty document as the ErrorDocument if you want a empty page to be displayed.
See the Apache Documentation or this question for further informations.