The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Keeping 127.0.0.1 entries out of the Apache access_log?

Discussion in 'EasyApache' started by jols, Mar 27, 2011.

  1. jols

    jols Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,111
    Likes Received:
    2
    Trophy Points:
    38
    I've almost got this worked out, but I need help completing this years long challenge.

    THE PROBLEM - I need to keep this stuff from being entered in the Apache access_log:

    127.0.0.1 - - [27/Mar/2011:03:39:25 -0500] "OPTIONS * HTTP/1.0" 200 -
    127.0.0.1 - - [27/Mar/2011:03:39:26 -0500] "OPTIONS * HTTP/1.0" 200 -
    127.0.0.1 - - [27/Mar/2011:03:39:27 -0500] "OPTIONS * HTTP/1.0" 200 -
    127.0.0.1 - - [27/Mar/2011:03:39:28 -0500] "OPTIONS * HTTP/1.0" 200 -
    127.0.0.1 - - [27/Mar/2011:03:39:29 -0500] "OPTIONS * HTTP/1.0" 200 -
    127.0.0.1 - - [27/Mar/2011:03:39:30 -0500] "OPTIONS * HTTP/1.0" 200 -
    127.0.0.1 - - [27/Mar/2011:03:39:34 -0500] "OPTIONS * HTTP/1.0" 200 -



    THE SOLUTION:

    In the Apache httpd.conf file I have made some changes to the log_config_module lines, like so:

    <IfModule log_config_module>
    LogFormat "%h %l %u %t \"%!414r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
    LogFormat "%h %l %u %t \"%!414r\" %>s %b" common

    SetEnvIf Remote_Addr 127\.0\.0\.1|66\.132\.174\.73|66\.132\.174\.84|67\.43\.164\.34|67\.43\.164\.34|66\.216\.126\.30 exclude_from_log

    CustomLog logs/access_log common env=!exclude_from_log

    <IfModule logio_module>
    LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio

    </IfModule>

    </IfModule>


    This does the trick nicely, however, the Apache system re-inserts a critical line "CustomLog logs/access_log common" at various intervals which wipes out my effort, like so:

    CustomLog logs/access_log common
    CustomLog logs/access_log common env=!exclude_from_log



    THE CHALLENGE:

    I have been told that I need to modify the Apache template to keep this from occurring, but I'm not sure exactly how. When I look at /var/cpanel/templates/apache2/main.default I see this part which is likely the section to alter:

    [% FOREACH dir IN main.ifmodulelogconfigmodule.customlog.items -%]
    CustomLog [% dir.target %] [% dir.format %]
    [% END -%]

    But I don't want to make a mistake here and then have Apache go down. Do you suppose I need to just change the above to the following?

    [% FOREACH dir IN main.ifmodulelogconfigmodule.customlog.items -%]
    CustomLog [% dir.target %] [% dir.format %] env=!exclude_from_log
    [% END -%]




    Thanks for any ideas here.
     
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,446
    Likes Received:
    195
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
  3. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    If you are going to make changes to /var/cpanel/templates/apache2/main.default file, you actually need to copy /var/cpanel/templates/apache2/main.default to /var/cpanel/templates/apache2/main.local and revise that copy, then run the following commands (one will back up Apache's configuration):

    Code:
    cp /usr/local/apache/conf/httpd.conf /usr/local/apache/conf/httpd.conf.bak110328
    /scripts/rebuildhttpdconf
    /etc/init.d/httpd restart
    Before the last command, you can check the Apache configuration httpd.conf file to see if everything looks okay. If it doesn't, you can always remove the main.local file and rebuild again. cPanel checks for the main.local and builds Apache when running /scripts/rebuildhttpdconf with that local file when it exists. If it doesn't exist, it instead uses main.default file.
     
  4. jols

    jols Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,111
    Likes Received:
    2
    Trophy Points:
    38
    Thanks cPanelTristan, this gives me an excellent way to conduct testing.
     
  5. jols

    jols Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,111
    Likes Received:
    2
    Trophy Points:
    38
    Okay, I've been working at this for two years, and I keep getting closer, but still no cigar.

    Here are the changes I've made to the "main.local" apache template:

    [% FOREACH dir IN main.ifmodulelogconfigmodule.customlog.items -%]
    SetEnvIf Remote_Addr 127\.0\.0\.1|66\.132\.174\.73|66\.132\.174\.84|67\.43\.164\.34|67\.43\.164\.34|66\.216\.126\.30 exclude_from_log
    CustomLog [% dir.target %] [% dir.format %] env=!exclude_from_log
    [% END -%]

    But apparently the Apache system does not like the way I have included "env=!exclude_from_log"

    Upon rebuilding Apache, I get this:

    Initial configuration generation failed with the following message:An error occurred while running: /usr/local/apache/bin/httpd -DSSL -t -f /usr/local/apache/conf/httpd.conf.1329196575Exit signal was: 0Exit value was: 1Output was:---Syntax error on line 110 of /usr/local/apache/conf/httpd.conf.1329196575:CustomLog takes two or three arguments, a file name, a custom log format string or format name, and an optional "env=" clause (see docs)---Rebuilding configuration without any local modifications.Built /usr/local/apache/conf/httpd.conf OK


    Referring to this part:

    CustomLog takes two or three arguments, a file name, a custom log format string or format name, and an optional "env=" clause...

    Is there another way to add my "env=!exclude_from_log" option so the following will work?

    CustomLog [% dir.target %] [% dir.format %] env=!exclude_from_log


    What I am hoping to get to, is simply the following which will actually STICK in the httpd.conf file after a rebuild:

    CustomLog logs/access_log common env=!exclude_from_log


    Here is the entire block where everything works but the above line, here's how I would like this block to build:


    <IfModule log_config_module>
    LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
    LogFormat "%h %l %u %t \"%r\" %>s %b" common

    SetEnvIf Remote_Addr 127\.0\.0\.1|66\.132\.174\.73|66\.132\.174\.84|67\.43\.164\.34|67\.43\.164\.34|66\.216\.126\.30 exclude_from_log

    CustomLog logs/access_log common env=!exclude_from_log

    <IfModule logio_module>
    LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio

    </IfModule>

    </IfModule>
     
  6. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    Hello jols,

    Simply add the line itself exactly as you noted you want it to appear:

    Code:
    CustomLog logs/access_log common env=!exclude_from_log
    So you end up with the following in that section of /var/cpanel/templates/apache2/main.local file:

    Code:
    [% FOREACH dir IN main.ifmodulelogconfigmodule.customlog.items -%]
    SetEnvIf Remote_Addr 127\.0\.0\.1|66\.132\.174\.73|66\.132\.174\.84|67\.43\.164\.34|67\.43\.164\.34|66\.216\.126\.30 exclude_from_log
    CustomLog logs/access_log common env=!exclude_from_log
    [% END -%]
    I tested putting exactly that into the file and I have those lines as you indicated without any errors for the CustomLog line upon /scripts/rebuildhttpdconf command.

    Thanks!
     
  7. jols

    jols Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,111
    Likes Received:
    2
    Trophy Points:
    38
    Thanks, question - Would I then fully remove this line from the template file?

    CustomLog [% dir.target %] [% dir.format %]
     
  8. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    Yes, you would as you'd use the entry I noted as the replacement for the prior lines in that file.
     

Share This Page