www-apache-bugdb mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Theo Van Dinter <felic...@kluge.net>
Subject Re: mod_status/4744: Visiting server-status logs the hostname of the client regardless of HostnameLookup.
Date Sat, 31 Jul 1999 15:49:17 GMT
|Do you have your /server-status Location protected by
|something like "Deny from all","Allow from .kluge.net"?
|If so, that's the cause -- on name-based access
|restrictions, Apache *always* does a double-reverse
|lookup, which will result in the client name being stored
|in the appropriate structures and hence available (and
|used) for logging.

Ok, that does explain it.  I would still classify it as a bug though:  The
whole point of "HostnameLookup off" is so that the IP is the only client
identifier in the logs/passed to CGIs/etc.  Since the current scheme doesn't
always do what you expect (named-based access controls causes hostname to be
used instead of IP), it should be fixed, or minimally at least documented w/
"Hostnamelookup" (it's hinted to, but not clearly indicated).

Would it be possible to say something like: (pseudo-ish code...)

if ( configuration.hostnamelookup == 0 )
	Log(request.clientIP);
else {
	if ( request.clientname[0] != '\0' )
		Log(request.clientname);
	else
		Log(request.clientIP);
}

??

thanks.

Mime
View raw message