Welcome to WebmasterWorld Guest from 50.17.74.162

Forum Moderators: Ocean10000 & incrediBILL & phranque

Message Too Old, No Replies

Configuration Change has no Effect

Not possible to switch HostnameLookups Off

     

wernizh

10:18 am on Oct 2, 2006 (gmt 0)

5+ Year Member



I do have two root servers. Both on Linux Suse 9.3.
I wanted to switch off HostnameLookups.
So I changed it to "Off" in /etc/apache2/default-server.conf
and did a #rcapache2 restart
This worked for one server but not for the other.

Then I looked at the configuration files of apache2. But they looked the same on both servers.

It tried also to put "HostnameLookups Off" in httpd.conf and in the virtual.d/my_domain.conf
But it still shows hostnames.

Then I tried to change the compression (deflate) in httpd.conf. This did work. So at least I know that httpd.conf is taken at startup.

But why is HostnameLookups still on?
(I never tried a reboot - only rcapache2 stop and start)

# ps -ef does show lines of:
... /usr/sbin/httpd2-prefork -f /etc/apache2/httpd.conf -DSSL

xian

12:09 am on Oct 3, 2006 (gmt 0)

5+ Year Member



It looks like you are using:
/etc/apache2/httpd.conf

as your conf file, but you made changes to:
/etc/apache2/default-server.conf

You might try there.. if that doesnt work:
grep -i hostnamelookup /etc/apache2/*

wernizh

4:37 am on Oct 3, 2006 (gmt 0)

5+ Year Member



Thanks for your reply.

I tried:

/etc/apache2/default-server.conf
/etc/apache2/httpd.conf
/etc/apache2/virtual.d/my_domain.conf

Nothing helped.

wernizh

3:25 am on Oct 4, 2006 (gmt 0)

5+ Year Member



In the meantime I found the following:

The entry "HostnameLookups Off" in /etc/apache2/default-server.conf does switch it off, but only for some virtual hosts.
For the other vhosts it stays on! I don't know why.

The definition for the virtual hosts do look all the same, expect for the name of the domain and the associates directory, of course.

jdMorgan

4:41 pm on Oct 4, 2006 (gmt 0)

WebmasterWorld Senior Member jdmorgan is a WebmasterWorld Top Contributor of All Time 10+ Year Member



I can't be of much help, but perhaps a question might clarify the issue:

How are you determining that hostname lookups are enabled? - Are you looking at outgoing reverse DNS requests from your server, or are you looking at the log file format?

If the latter, then consider that the log file format may be overriding the hostname lookups settings; If you tell the server to log hostnames, then it must do hostname lookups.

Jim

wernizh

3:08 am on Oct 5, 2006 (gmt 0)

5+ Year Member



jdMorgan

Thanks for your input.

Yes, I'm looking at the access_log. All the entries go into one and only access_log. There for virtual hosts a. the accessing computers are logged by IP and for virtual host b. the accessing computers are logged by name.

I'm using this:
(and I don't change it in the virtual hosts defs.)

LogFormat "%v %h %l %u %t \"%r\" %>s %b \
\"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined

According to Apache documentation %h ist the accessing host. But it does not say whether it is the IP or the name. Nevertheless it is not clear why not all virtual hosts do show the same.

Any other ideas?

jdMorgan

3:24 am on Oct 5, 2006 (gmt 0)

WebmasterWorld Senior Member jdmorgan is a WebmasterWorld Top Contributor of All Time 10+ Year Member



> "%v %h %l %u ...

%h is the remote hostname, resolved using reverse DNS. So the logging format is forcing remote hostname lookups, apparently.

You might consider changing that to

"%v %a %l %u ...

as a test.

I've no idea why it would do hostname lookups on one vhost, but not another. But the above test is easy to do, and may contribute a data point to aid analysis.

Jim

wernizh

5:13 am on Oct 5, 2006 (gmt 0)

5+ Year Member



jdMorgan

Thanks a lot for your response.

I did try now with %a and it really did show IP addresses only. I switched HostnameLookups Off and On and it always show IP adresses, only.

But according apache manual %a should display IP addresses. So it does what it should.

As mentioned before (on my system) %h does show host names for some virtual hosts if HostnameLookups=On. If HostnameLookups=Off it shows IP addresses only.
For some other virtual hosts %h shows IP addresses only, whether HostnameLookups is On or Off.

Is there another possiblity show see whether HostnameLookups is On or Off?

By the way: My system has 4 (virtual?) IP addresses defined for its network card. But I could not see any influence on the IP address the virtual host is defined.

jdMorgan

4:25 pm on Oct 5, 2006 (gmt 0)

WebmasterWorld Senior Member jdmorgan is a WebmasterWorld Top Contributor of All Time 10+ Year Member



As mentioned before (on my system) %h does show host names for some virtual hosts if HostnameLookups=On. If HostnameLookups=Off it shows IP addresses only.
For some other virtual hosts %h shows IP addresses only, whether HostnameLookups is On or Off.

If HostnameLookups are on, or are implicitly requested by using the %h log file format, then the server will attempt to send a reverse-DNS lookup request to the DNS system. If the request returns a hostname, then that hostname will be displayed. If the request times out or fails for any reason, or if there is no hostname assoicated with the remote IP address, then only the remote IP address will be shown.

So a failure to show a remote hostname can be caused by a failure of a vhost to connect to the DNS system (check for firewall blocking outgoing TCP/IP or UDP requests to port 53 from your NIC IP addresses), by a failure or timeout on the DNS response, or by the lack of a hostname entry associated with the IP address for which the RDNS is requested.

As far as I know, the HostnameLookups setting and the log file format option are the only 'settings' associated with hostname lookups. But I don't pretend to know everything, so there may indeed be other settings that can influence this behaviour.

Jim

jdMorgan

4:55 pm on Oct 5, 2006 (gmt 0)

WebmasterWorld Senior Member jdmorgan is a WebmasterWorld Top Contributor of All Time 10+ Year Member



Oh, a few more...

Using any of the following hostname-related directives might implicitly enable hostname lookups:


Allow from www.example.com
Deny from example.org
RewriteCond %{REMOTE_HOST} www.example.com

Jim