[apache 1.3.x] logging *entire* request header set?

27/05/2005, 22h11

Hey all,

I've got some servers running various Apache 1.3.x instances, most with
PHP 4 installed as a module. I'm looking to find a way to log the
entire client request (at least a smattering of pages) starting with
the request line and including all of the headers.

I know with CGI programs I can get the headers from the environment,
and I've found a way with PHP to access the headers as an array, but
both of these lose the header order.

Anyone have ideas?

Elijah
------
has been logging the reordered headers for lack of something better

27/05/2005, 23h06

Eli the Bearded <*@eli.users.panix.com> writes:
> I know with CGI programs I can get the headers from the environment,
> and I've found a way with PHP to access the headers as an array, but
> both of these lose the header order.
>
> Anyone have ideas?

For debugging purposes I've generally done that with the junkbuster
proxy. If it's for production you probably want to find something
less kludgy.

28/05/2005, 18h52

In comp.infosystems.www.servers.unix,
Paul Rubin <http://phr.cx@NOSPAM.invalid> wrote:
> Eli the Bearded <*@eli.users.panix.com> writes:
> > I know with CGI programs I can get the headers from the environment,
> > and I've found a way with PHP to access the headers as an array, but
> > both of these lose the header order.
> > Anyone have ideas?
> For debugging purposes I've generally done that with the junkbuster
> proxy. If it's for production you probably want to find something
> less kludgy.

I don't want to stick a proxy in front of my website for capturing the
incoming traffic. For capturing stuff from my own browser I have used
proxies, but now favor Firefox's Live HTTP Headers plugin (at mozdev).

I'd like to be able to capture all headers for things like web robots
and exploit attempts.

Elijah
------
doing it in apache makes it easier to capture non-ErrorDocument handled errors

28/05/2005, 19h00

Eli the Bearded <*@eli.users.panix.com> writes:
> I'd like to be able to capture all headers for things like web robots
> and exploit attempts.

If you're going to capture and record incoming passwords and
authentication , you may be creating worse exploits (in
the form of the log file itself becoming a juicy target) than you're
solving. You have to be careful with this kind of thing.

27/05/2005, 22h11	#1
Eli the Bearded Messages: n/a Hébergeur:	*[apache 1.3.x] logging entire* request header set?** Hey all, I've got some servers running various Apache 1.3.x instances, most with PHP 4 installed as a module. I'm looking to find a way to log the entire client request (at least a smattering of pages) starting with the request line and including all of the headers. I know with CGI programs I can get the headers from the environment, and I've found a way with PHP to access the headers as an array, but both of these lose the header order. Anyone have ideas? Elijah ------ has been logging the reordered headers for lack of something better

27/05/2005, 23h06	#2
Paul Rubin Messages: n/a Hébergeur:	*Re: [apache 1.3.x] logging entire* request header set?** Eli the Bearded <*@eli.users.panix.com> writes: > I know with CGI programs I can get the headers from the environment, > and I've found a way with PHP to access the headers as an array, but > both of these lose the header order. > > Anyone have ideas? For debugging purposes I've generally done that with the junkbuster proxy. If it's for production you probably want to find something less kludgy.

28/05/2005, 18h52	#3
Eli the Bearded Messages: n/a Hébergeur:	*Re: [apache 1.3.x] logging entire* request header set?** In comp.infosystems.www.servers.unix, Paul Rubin <http://phr.cx@NOSPAM.invalid> wrote: > Eli the Bearded <*@eli.users.panix.com> writes: > > I know with CGI programs I can get the headers from the environment, > > and I've found a way with PHP to access the headers as an array, but > > both of these lose the header order. > > Anyone have ideas? > For debugging purposes I've generally done that with the junkbuster > proxy. If it's for production you probably want to find something > less kludgy. I don't want to stick a proxy in front of my website for capturing the incoming traffic. For capturing stuff from my own browser I have used proxies, but now favor Firefox's Live HTTP Headers plugin (at mozdev). I'd like to be able to capture all headers for things like web robots and exploit attempts. Elijah ------ doing it in apache makes it easier to capture non-ErrorDocument handled errors

28/05/2005, 19h00	#4
Paul Rubin Messages: n/a Hébergeur:	*Re: [apache 1.3.x] logging entire* request header set?** Eli the Bearded <*@eli.users.panix.com> writes: > I'd like to be able to capture all headers for things like web robots > and exploit attempts. If you're going to capture and record incoming passwords and authentication , you may be creating worse exploits (in the form of the log file itself becoming a juicy target) than you're solving. You have to be careful with this kind of thing.

Outils de la discussion
Afficher une version imprimable Envoyer un lien vers cette page par email