19

Is there a way to log requests going through mod proxy? I need a way to debug my configuration, because I don't seem to be getting where I should be. I need the following information:

  • headers of incoming requests
  • what is being sent to the proxy target

Maybe a related question: is there a way to strip some headers? I tried the following:

ProxyPass         /proxy/other http://not.under.my.control/
<Location /proxy/other>
   ProxyPassReverse /
   RequestHeader unset Authorization
</Location>

I don't really know whether this is ok, because I don't see anything.

chicks
  • 3,639
  • 10
  • 26
  • 36
Kariem
  • 501
  • 2
  • 6
  • 14

6 Answers6

16

I used dumpio. I put the following in /etc/httpd/conf.d/dumpio.conf:

LoadModule dumpio_module modules/mod_dumpio.so

DumpIOInput On
DumpIOOutput On
DumpIOLogLevel debug

LogLevel debug

An often forgotten piece is setting the LogLevel to debug. Without it, you won't actually see any DumpIO output.

The log output is written to the error log for the virtual host and/or the server.

GuyPaddock
  • 281
  • 1
  • 3
  • 7
  • 2
    It turned out pretty helpful for me. Thanks! On Ubuntu I went `$ a2enmode dump_io` After that I've added lines from the answer to a VirtualHost directive. Checked out the `$ tail -f /var/log/apache2/error.log` while making requests and got all the info I needed. After you're done with debugging it's better to turn it off by `$ a2dismode dump_io` and reverting the VirtualHost. Otherwise you'll get very bloated logs. – uKolka Mar 13 '14 at 01:11
  • 6
    The directive "DumpIOLogLevel" no longer exists. One has to set `LogLevel dumpio:trace7` as described in [mod_dumpio](https://httpd.apache.org/docs/current/mod/mod_dumpio.html) – David Tonhofer Apr 10 '19 at 21:06
6

If you change LogLevel to debug it'll give you more detail about what's going on in the standard Error log.

LogLevel debug

That'll get you plenty of information about what's happening.

Decado
  • 1,949
  • 11
  • 17
  • 1
    Although I now have quite a bit of additional information on the proxy in the log, the information I would like to see is not there. Using LogFormat, can we somehow get the information I requested? – Kariem Mar 18 '11 at 13:45
  • 1
    Have a play around with LogFormat, Note that you can use mod_forensic and mod_security to get much more details – Decado Mar 19 '11 at 09:12
  • 1
    In apache 2.4 the LogLevel directive is in `/etc/apache2/apache2.conf` on Ubuntu. Seems obvious but it took me a second to figure that out. – Shrout1 Sep 06 '19 at 17:32
6

You can also append proxy:trace5 to your existing LogLevel directive

If you have this

LogLevel error

Change it to this

LogLevel error proxy:trace5

Be sure to change that back to normal after use. This will create huge log files fast.

yunzen
  • 325
  • 3
  • 9
3

Another option might be mod_forensic, can easily log the request and headers etc. Beware of disk space usage though, on a heavy load web-site mod_forensic can easily produce tens of Gigs per day.

http://httpd.apache.org/docs/2.2/mod/mod_log_forensic.html

HampusLi
  • 3,398
  • 15
  • 14
1

mod_security can log request body & headers, among other things. Link

ggiroux
  • 234
  • 1
  • 2
  • 1
    Best practice is to provide a concise summary. As of 2015-08, the link seems dead... – sage Aug 21 '15 at 16:33
-2

You can use these logs, but they won't give you exactly what you want :

<VirtualHost yourdomain.com> 
    Customlog yourdomain.com-access.log combined 
    ErrorLog yourdomain.com-error.log
# Your other stuff
</VirtualHost>
Popinou
  • 7
  • 1