httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ryan Barnett" <Ryan.Barn...@Breach.com>
Subject Re: [users@httpd] log file upload
Date Thu, 13 Dec 2007 02:20:06 GMT
Yep, modsecurity's audit_log can capture full request bodies if you desire and this would include
the filename data from the multipart-form-data upload sections.

You could also optionally intercept and make copies of uploaded files to store them locally.

Thanks,
Ryan C. Barnett 

----- Original Message -----
From: Vincent Bray <noodlet@gmail.com>
To: users@httpd.apache.org <users@httpd.apache.org>
Sent: Wed Dec 12 21:14:24 2007
Subject: Re: [users@httpd] log file upload

On 13/12/2007, Jean-Christophe Roux <jcxxr@yahoo.com> wrote:
> The users of my site can upload images using regular html forms. I would
> like to log the uploads so that I know such IP address at such time has
> uploaded such file. This is the last part that I am unable to do. Going
> through the docs on custom logs, I am not finding a solution. I could do
> that from my cgi program but I'd rather Apache to do it. I am running Apache
> 2.2 on Linux.

Apache isn't able to do such logging as the filename is part of the
POST request entity and not a request header.

mod_security might help..

-- 
noodl

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Mime
View raw message