Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Security question for logs

Discussion in 'Security' started by speckados, Aug 28, 2004.

  1. speckados

    speckados Well-Known Member

    May 21, 2003
    Likes Received:
    Trophy Points:
    Pastrana :: Guadalajara :: España
    cPanel Access Level:
    DataCenter Provider
    Well, after last day, I looking on logs for acces to cpanel and log of doamin hacked.

    First. Access log get only stupid or localhost how IP of remote machine. Also on my configuration are checked "Try to resolve each client's ip to a domain name when a user connects to WHM/cPanel/cppop. (speed degradation)" (and now probe without this option)

    Second.- On combined log for access on Apache Logs, I see a seriuos problem.

    There`re a lot of ISp that use a Proxy. Actual common log not get real ip of machine and that it's possible with a little changes on httpd.conf, but there're alot of chnges (on all virtual host) fo add two Customlog with use setennif directive.

    LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
    LogFormat "%{Client-ip}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" proxy:%h" proxy
    SetEnvIf Client-ip . client-ip-request
    <VirtualHost XXXXXXZ>
    CustomLog domlogs/domainname combined env=!client-ip-request 
    CustomLog domlogs/domainname proxy env=client-ip-request
    That it's very important ofr legal considerations on SPain Law, and for security foresinc works.

    I'm looking for a system for modify all <virtualhost> with my CUstomlog but I don't see any for this work.

    Any sugestion?

    Thks. :cool:
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice