homepage Welcome to WebmasterWorld Guest from 54.225.57.156
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Home / Forums Index / Code, Content, and Presentation / Apache Web Server
Forum Library, Charter, Moderators: Ocean10000 & incrediBILL & phranque

Apache Web Server Forum

    
Configuration Change has no Effect
Not possible to switch HostnameLookups Off
wernizh




msg:3105051
 10:18 am on Oct 2, 2006 (gmt 0)

I do have two root servers. Both on Linux Suse 9.3.
I wanted to switch off HostnameLookups.
So I changed it to "Off" in /etc/apache2/default-server.conf
and did a #rcapache2 restart
This worked for one server but not for the other.

Then I looked at the configuration files of apache2. But they looked the same on both servers.

It tried also to put "HostnameLookups Off" in httpd.conf and in the virtual.d/my_domain.conf
But it still shows hostnames.

Then I tried to change the compression (deflate) in httpd.conf. This did work. So at least I know that httpd.conf is taken at startup.

But why is HostnameLookups still on?
(I never tried a reboot - only rcapache2 stop and start)

# ps -ef does show lines of:
... /usr/sbin/httpd2-prefork -f /etc/apache2/httpd.conf -DSSL

 

xian




msg:3106052
 12:09 am on Oct 3, 2006 (gmt 0)

It looks like you are using:
/etc/apache2/httpd.conf

as your conf file, but you made changes to:
/etc/apache2/default-server.conf

You might try there.. if that doesnt work:
grep -i hostnamelookup /etc/apache2/*

wernizh




msg:3106291
 4:37 am on Oct 3, 2006 (gmt 0)

Thanks for your reply.

I tried:

/etc/apache2/default-server.conf
/etc/apache2/httpd.conf
/etc/apache2/virtual.d/my_domain.conf

Nothing helped.

wernizh




msg:3107745
 3:25 am on Oct 4, 2006 (gmt 0)

In the meantime I found the following:

The entry "HostnameLookups Off" in /etc/apache2/default-server.conf does switch it off, but only for some virtual hosts.
For the other vhosts it stays on! I don't know why.

The definition for the virtual hosts do look all the same, expect for the name of the domain and the associates directory, of course.

jdMorgan




msg:3108377
 4:41 pm on Oct 4, 2006 (gmt 0)

I can't be of much help, but perhaps a question might clarify the issue:

How are you determining that hostname lookups are enabled? - Are you looking at outgoing reverse DNS requests from your server, or are you looking at the log file format?

If the latter, then consider that the log file format may be overriding the hostname lookups settings; If you tell the server to log hostnames, then it must do hostname lookups.

Jim

wernizh




msg:3109103
 3:08 am on Oct 5, 2006 (gmt 0)

jdMorgan

Thanks for your input.

Yes, I'm looking at the access_log. All the entries go into one and only access_log. There for virtual hosts a. the accessing computers are logged by IP and for virtual host b. the accessing computers are logged by name.

I'm using this:
(and I don't change it in the virtual hosts defs.)

LogFormat "%v %h %l %u %t \"%r\" %>s %b \
\"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined

According to Apache documentation %h ist the accessing host. But it does not say whether it is the IP or the name. Nevertheless it is not clear why not all virtual hosts do show the same.

Any other ideas?

jdMorgan




msg:3109114
 3:24 am on Oct 5, 2006 (gmt 0)

> "%v %h %l %u ...

%h is the remote hostname, resolved using reverse DNS. So the logging format is forcing remote hostname lookups, apparently.

You might consider changing that to

"%v %a %l %u ...

as a test.

I've no idea why it would do hostname lookups on one vhost, but not another. But the above test is easy to do, and may contribute a data point to aid analysis.

Jim

wernizh




msg:3109161
 5:13 am on Oct 5, 2006 (gmt 0)

jdMorgan

Thanks a lot for your response.

I did try now with %a and it really did show IP addresses only. I switched HostnameLookups Off and On and it always show IP adresses, only.

But according apache manual %a should display IP addresses. So it does what it should.

As mentioned before (on my system) %h does show host names for some virtual hosts if HostnameLookups=On. If HostnameLookups=Off it shows IP addresses only.
For some other virtual hosts %h shows IP addresses only, whether HostnameLookups is On or Off.

Is there another possiblity show see whether HostnameLookups is On or Off?

By the way: My system has 4 (virtual?) IP addresses defined for its network card. But I could not see any influence on the IP address the virtual host is defined.

jdMorgan




msg:3109771
 4:25 pm on Oct 5, 2006 (gmt 0)

As mentioned before (on my system) %h does show host names for some virtual hosts if HostnameLookups=On. If HostnameLookups=Off it shows IP addresses only.
For some other virtual hosts %h shows IP addresses only, whether HostnameLookups is On or Off.

If HostnameLookups are on, or are implicitly requested by using the %h log file format, then the server will attempt to send a reverse-DNS lookup request to the DNS system. If the request returns a hostname, then that hostname will be displayed. If the request times out or fails for any reason, or if there is no hostname assoicated with the remote IP address, then only the remote IP address will be shown.

So a failure to show a remote hostname can be caused by a failure of a vhost to connect to the DNS system (check for firewall blocking outgoing TCP/IP or UDP requests to port 53 from your NIC IP addresses), by a failure or timeout on the DNS response, or by the lack of a hostname entry associated with the IP address for which the RDNS is requested.

As far as I know, the HostnameLookups setting and the log file format option are the only 'settings' associated with hostname lookups. But I don't pretend to know everything, so there may indeed be other settings that can influence this behaviour.

Jim

jdMorgan




msg:3109821
 4:55 pm on Oct 5, 2006 (gmt 0)

Oh, a few more...

Using any of the following hostname-related directives might implicitly enable hostname lookups:

Allow from www.example.com
Deny from example.org
RewriteCond %{REMOTE_HOST} www.example.com

Jim

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Code, Content, and Presentation / Apache Web Server
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved