1

My Apache/2.4.29 (Ubuntu) creates access log entries with pseudonymized IPs:

88.130.0.0 88.130.0.0 - - [09/Aug/2020:11:30:51 +0200] "GET / HTTP/1.1" 200 279 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"

When I connect with ncat and do an invalid HTTP request, the IP is not logged.

[09/Aug/2020:11:31:38 +0200] "test\n" 400 226

How do I configure Apache to log the IP in this case, too?

The following log format is used:

LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined

Logging is enabled using this VirtualHost directive:

CustomLog ${APACHE_LOG_DIR}/access.log combined

Pseudonymization is done with mod_log_ipmask (https://github.com/webfactory/mod_log_ipmask).

Improve this question
3
  • How exactly did you already configure Apache's logging? Commented Aug 9, 2020 at 13:09
  • @TeroKilkanen I tried disabling the module, resulting in unmasked IPs for valid requests, but still no IPs for invalid requests. Commented Aug 9, 2020 at 14:02
  • @MichaelHampton I added some information on logging configuration. Please let me know if you need more. Commented Aug 9, 2020 at 18:50

1 Answer 1

Reset to default
0

The output of

apache2ctl -DDUMP_CONFIG | grep -vE "^[ ]*#[ ]*[0-9]+:"

showed that the logging configuration for <VirtualHost xxx:80> differed from the logging configuration for <VirtualHost xxx:443>. It works as expected now.

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.