httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ryan Barnett" <>
Subject Re: [users@httpd] log file upload
Date Thu, 13 Dec 2007 02:20:06 GMT
Yep, modsecurity's audit_log can capture full request bodies if you desire and this would include
the filename data from the multipart-form-data upload sections.

You could also optionally intercept and make copies of uploaded files to store them locally.

Ryan C. Barnett 

----- Original Message -----
From: Vincent Bray <>
To: <>
Sent: Wed Dec 12 21:14:24 2007
Subject: Re: [users@httpd] log file upload

On 13/12/2007, Jean-Christophe Roux <> wrote:
> The users of my site can upload images using regular html forms. I would
> like to log the uploads so that I know such IP address at such time has
> uploaded such file. This is the last part that I am unable to do. Going
> through the docs on custom logs, I am not finding a solution. I could do
> that from my cgi program but I'd rather Apache to do it. I am running Apache
> 2.2 on Linux.

Apache isn't able to do such logging as the filename is part of the
POST request entity and not a request header.

mod_security might help..


The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message