0

I can't get dumpio to log POST request data.

httpd.conf:

... Include /etc/httpd/conf/httpd-le-ssl.conf ...

No LogLevel or dumpio related stuff in there.

httpd-le-ssl.conf:

<virtualHost *:443> ... <IfModule dumpio_module> ErrorLog "logs/dumpio_log" <IfModule log_config_module> LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined </IfModule> DumpIOInput On DumpIOOutput On LogLevel dumpio:trace7 </IfModule> </virtualHost>

(I'm not dealing with HTTP on port 80, everything 301-redirected to 443)

I did:

setenforce Permissive (in case SElinux is hindering something)

apachectl configtest (Syntax ok)

apachectl restart

httpd —M |grep -E "dumpio|log_config" (both loaded)

Now, when submitting a POST using a <form methode="POST">, the only thing that's logged:

/var/log/httpd/access_log:

<ip> - - [<date time>] "POST /form.php HTTP/2.0" 200 - "<server url>" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36"

but no detailed data. Specifically, there is nothing related in /var/log/httpd/error_log nor in any logs/dumpio_log. The latter file is created but contains 0 bytes.

What am I missing?

Improve this question
2
  • you should be looking at the error_log defined in your virtualhost I believe. Commented Sep 22, 2022 at 11:47
  • I've checked all logs. I read it should be in there, but it's not. Meanwhile, as a workarround, I've installed mod_security. That write tons of data incl. POST values to /var/log/httpd/modsec_audit.log . But I'd rather get dumpio to work. Commented Sep 22, 2022 at 12:02

2 Answers 2

Reset to default
1

mod_dumpio directives are only valid in server config context, not virtualhost like in your example.

Described in here in "Context" under the description of each directive: https://httpd.apache.org/docs/2.4/mod/mod_dumpio.html

Improve this answer
1
  • I put the block dumpio_module block at the end of my httpd.conf and deleted it from the virtualHost. Restartet Apache. httpd -M shows dumpio is loaded. But no change. dumpio_log got created but only contains messages from the Apache restart. - Meanwhile I am using mod_security to protocol everything and use a tail pipe with sed to extract the form post data that I need. I'd rather have dumpio running. Commented Oct 6, 2022 at 12:55
0

Two other things, besides Daniel's answer which rightly said it must be turned on at the server context, not vhost context, which I needed to do to get mod_dumpio working:

  1. Check that no other LogLevels are overriding LogLevel dumpio:trace7. Places to check are within includes (like Certbot's) and also Apache's (in /etc/httpd/conf.d/ssl.conf) logs/ssl_error_log, where there might be a LogLevel warn that needs to be commented out.
  2. Check that you're looking at the right log file- the Apache ssl conf file in my case caused mod_dumpio to log to /var/log/httpd/ssl_error_log instead of /var/log/httpd/error_log.
Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.