I've set up Guzzle to include the Xdebug cookie when it makes a request to my API. I've added the following line to my /etc/httpd/conf/httpd.conf to watch the cookie's as requests come through:
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Cookie}i\"" common
If I make a request with this cookie through the Chrome REST console, xdebug hits a breakpoint. The request in the access logs is:
192.168.50.1 - - [17/Mar/2015:15:47:36 +0000] "GET /app_dev.php/user?id=1&authuserid=1 HTTP/1.1" 301 569 "XDEBUG_SESSION=PHPSTORM"
When Guzzle makes the very same request, the breakpoint is not hit.
127.0.0.1 - - [17/Mar/2015:15:42:17 +0000] "GET /app_dev.php/user?id=1 HTTP/1.1" 301 501 "XDEBUG_SESSION=PHPSTORM"
Obviously we are missing authuserid as a GET parameter, but this shouldnt effect xdebug. If this is being set as a hidden cookie by Guzzle maybe thats where I need to set the xdebug session?
I've had this working in the past before, but Im completely lost with this now.
My xdebug config (/etc/php.d/15-xdebug.ini or ) was:
zend_extension="/usr/lib64/php/modules/xdebug.so"
xdebug.idekey="PHPSTORM"
xdebug.remote_host=192.168.50.1
xdebug.remote_port=9000
xdebug.remote_connect_back=1
xdebug.remote_enable=1
xdebug.profiler_enable=1
xdebug.profiler_output_dir="<AMP home\tmp>"
Reducing my config to:
zend_extension="/usr/lib64/php/modules/xdebug.so"
xdebug.remote_host=192.168.50.1
xdebug.remote_port=9000
xdebug.remote_enable=1
Allowed my API to connect to xdebug.
Through process of elimination, at least one of the culprits was:
xdebug.remote_connect_back=1
xdebug.remote_connect_back Type: boolean, Default value: 0, Introduced in Xdebug > 2.1 If enabled, the xdebug.remote_host setting
is ignored and Xdebug will try to connect to the client that made the
HTTP request. It checks the $_SERVER['REMOTE_ADDR'] variable to find
out which IP address to use. Please note that there is no filter
available, and anybody who can connect to the webserver will then be
able to start a debugging session, even if their address does not
match xdebug.remote_host.
Although I still dont understand why this effected the functionality of xdebug in this case, as both the app and API were both on my virtual machine.
Related
Today i was parsing http access log ,while doing parsing i notice that there is - in the last(after user-agent)
I checked on Internet but there didn't find anything.
I am sharing the logs
54.36.149.41 - - [22/Jan/2019:03:56:14 +0330] "GET /filter/27|13%20%D9%85%DA%AF%D8%A7%D9%BE%DB%8C%DA%A9%D8%B3%D9%84,27|%DA%A9%D9%85%D8%AA%D8%B1%20%D8%A7%D8%B2%205%20%D9%85%DA%AF%D8%A7%D9%BE%DB%8C%DA%A9%D8%B3%D9%84,p53 HTTP/1.1" 200 30577 "-" "Mozilla/5.0 (compatible; AhrefsBot/6.1; +http://ahrefs.com/robot/)" "-"
Is this last - hyphen has some meaning or it just done by mistake. I have download this web server log from kaggle.
I know basic http log format can be
%h – Remote host (client IP address)
%l – User identity, or dash, if none (often not used)
%u – Username, via HTTP authentication, or dash if not used
%t – Timestamp of when Apache received the HTTP request
”%r – The actual request itself from the client
%>s – The status code Apache returns in response to the request
%b – The size of the request in bytes.
”%{Referer}i” – Referrer header, or dash if not used (In other words, did they click a URL on another site to come to your site)
”%{User-agent}i – User agent (contains information about the requester’s browser/OS/etc)
But in this case what i would call this hyphen which i seeing in last line
I am attempting to use AWStats 7.0 to parse Glassfish 4 HTTP access logs. Here is an example line:
"65.112.10.87" "NULL-AUTH-USER" "06/Mar/2018:05:22:41 -0500" "GET / HTTP/1.1" 200 52598
I'm running awstats_updateall.pl now and getting the following error:
Running '"/usr/share/awstats/wwwroot/cgi-bin/awstats.pl" -update -config=localhost.localdomain -configdir="/etc/awstats"' to update config localhost.localdomain
Create/Update database for config "/etc/awstats/awstats.localhost.localdomain.conf" by AWStats version 7.0 (build 1.971)
From data in log file "/usr/local/glassfish4/glassfish/domains/domain1/logs/access/server_access_log.2018-03-06.txt"...
Phase 1 : First bypass old records, searching new record...
Searching new records from beginning of log file...
AWStats did not find any valid log lines that match your LogFormat parameter, in the 50th first non commented lines read of your log.
Your log file /usr/local/glassfish4/glassfish/domains/domain1/logs/access/server_access_log.2018-03-06.txt must have a bad format or LogFormat parameter setup does not match this format.
Your AWStats LogFormat parameter is:
%host %otherquot %time1 %methodurl %code %bytesd
This means each line in your web server log file need to have the following personalized log format:
%host %otherquot %time1 %methodurl %code %bytesd
And this is an example of records AWStats found in your log file (the record number 50 in your log):
"65.112.10.87" "NULL-AUTH-USER" "06/Mar/2018:05:22:41 -0500" "GET / HTTP/1.1" 200 52598
Setup ('/etc/awstats/awstats.localhost.localdomain.conf' file, web server or permissions) may be wrong.
Check config file, permissions and AWStats documentation (in 'docs' directory).
As you can see above in the error, my LogFormat is set to the following:
LogFormat = "%host %otherquot %time1 %methodurl %code %bytesd"
I think the problem is that all the values in the Glassfish logs are quoted, like this:
"65.112.10.87" "NULL-AUTH-USER" "06/Mar/2018:05:22:41 -0500" "GET / HTTP/1.1" 200 52598
https://serverfault.com/questions/829694/looking-for-logformat-for-awstats-to-read-my-custom-apache-logfiles/830071 mentions a syntax that appears to be trying to handle double quotes with ref=\"%referer\" for example but I've tried something similar for %time1 and it doesn't seem to work for me (and I can't find any documentation on this syntax). \"%time1\" doesn't work either.
Can someone please help me figure out the right LogFormat definition? The options are described at http://www.awstats.org/docs/awstats_config.html#LogFormat but I don't see how deal with the host or timestamp being quoted (and the timestamp isn't in brackets).
Need somebody to push me in the right direction.
We're using apache http server (http1) reverse-proxy to send a request to another http server (http2). The challenge is http2 is not expected to send an HTML page in the response back to http1.
The http2 log does show the request coming in. However, the http1 log results in HTTP 502 error:
Internal error (specific information not available): [client ] AH01102: error reading status line from remote server localhost:9001
[proxy:error] [client ] AH00898: Error reading from remote server returned by /app/myContext/LogMessage
Here's http2 log which returns HTTP status 200:
"GET /app/myContext/LogMessage HTTP/1.1" 200 -
Please note that those requests that result in an HTML page work fine.
What would you think should be an approach here? Maybe using reverse proxy is not a good choice for this type of request?
We have httpd.conf on http1 set up this way:
ProxyPass "/app/myContext/"
http://localhost:9001/app/myContext/"
ProxyPassReverse "/app/myContext/"
http://localhost:9001/app/myContext/"
Disable ErrorLog on http1 altogether:
ErrorLog /dev/null
Have you tried to have http1 ignore using mod_log_config? According to the example the format string might be:
CustomLog expr=%{REQUEST_STATUS} -eq 502 && %{REQUEST_URI} =~ /app\/myContext/ ...
Or the LogFormat string might work too:
LogFormat %!502...
(h/t to Avoid logging of certain missing files into the Apache2 error log)
Is your problem that http1 is emitting 502 to the requestor? In that case, maybe use an <If> and a custom ErrorDocument?
<If %{REQUEST_URI} =~ /app\/myContext/>ErrorDocument 502 'OK'</If>
Went with the following solution: In http2 re-route the LogMessage call to fetch a blank html page:
1. Create blankfile.html in the /htdocs directory.
2. In httpd.conf add this line:
RewriteRule ^.(app/myContext/LogMessage). /blankfile.html [L]
This works for us since the whole purpose of LogMessage is to log the request in http2 access_log.
Just'd like to thank you #cowbert for working so deligently with me on this!
Why can't I see why Apache returns 403?!
If I look in the access log the only information I get is
193.162.142.166 - - [29/Jan/2014:18:34:26 +0100] "POST /api_test/callback.php HTTP/1.1" 403 2293
How can I get more information about why the request is forbidden/rejected?
The call is made from a payment gateway...
If the callback URL is a http request there are no problems and returns 200 OK
If the callback URL is a https my server returns 403.. I need to know why?
The server has SSL and openSSL installed and it works!
Have tried to do the https request from http://web-sniffer.net/ and then there are no problems..
I don't get it.. There must be something in the request headers from the payment gateway which results in 403
update
error log
[Wed Jan 29 20:45:55 2014] [error] No hostname was provided via SNI for a name based virtual host
solution
Ok it looks like the client doesn't support SNI
http://wiki.apache.org/httpd/NameBasedSSLVHostsWithSNI
Use the LogLevel directive to adjust how verbose the error logs are and increase until you can see what you want.
httpd 2.4 has better messages in a lot of respect and expensive list of LogLevel settings than 2.2. So if you're using 2.2 it may be a bit harder to figure this out.
I have a website running behind Cloudflare, which is a reverse-proxy. This means that I only ever get one or two IP addresses in my access logs.
However, Cloudflare does provide the visitor IP address in the request headers, which I assume I can log instead of the standard one in an access log.
I know how to use CustomLog, but is there a way to save an HTTP header in an Apache access log?
Thanks.
Aye - have a look at the docs - http://httpd.apache.org/docs/2.2/mod/mod_log_config.html specifically the entry for
%{Foobar}i
Which will net you:
The contents of Foobar: header line(s) in the request sent to the
server. Changes made by other modules (e.g. mod_headers) affect this.
If you're interested in what the request header was prior to when most
modules would have modified it, use mod_setenvif to copy the header
into an internal environment variable and log that value with the
%{VARNAME}e described above.
So one would usually add some entry like "... %{X-Forwarded-For-IP}i to the CustomLog entry.
Replace 'X-Forwarded-For-IP' to whateever your cloudflare service gets you (which usually is something like ''"CF-Connecting-IP"''); e.g.
LogFormat "%v %{CF-Connecting-IP}i (via cloudflare:%h) %l %u %t \"%r\" %>s %b" cloudflare
CustomLog "|rotatelog.. etc" cloudflare
With regard to the 'transferlog' -- see the note near TransferLog Directive -- that it picks up the most recent defined version.
Dw.