11.21 Apache访问日志
访问日志目录概要
- 访问日志记录用户的每一个请求
- vim /usr/local/apache2.4/conf/httpd.conf //搜索LogFormat
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common - 把虚拟主机配置文件改成如下:
<VirtualHost *:80>
DocumentRoot "/data/wwwroot/www.123.com"
ServerName www.123.com
ServerAlias 123.com
CustomLog "logs/123.com-access_log" combined
</VirtualHost>- 重新加载配置文件 -t,graceful
- curl -x127.0.0.1:80 -I 123.com
- tail /usr/local/apache2.4/logs/123.com-access_log
访问日志
- 访问日志,就是在浏览器中输入网址,每一次访问,每一次请求,都会生成一个日志
- 查看apache2.4的日志
[root@hf-01 ~]# ls /usr/local/apache2.4/logs/
111.com-access_log abc.com-access_log access_log httpd.pid
111.com-error_log abc.com-error_log error_log
[root@hf-01 ~]# - 查看111.com访问日志
- 日志里面的HEAD都是curl命令导致的
- 日志里面的GET就是不加 -I参数的,在加上-I只会输出状态码,并不会把内容GET下来
- 日志里面包含 来源的IP,时间 , 行为 ,访问的域名 , HTTP的版本1.1 ,状态码 , 大小
[root@hf-01 ~]# ls /usr/local/apache2.4/logs/111.com-access_log
/usr/local/apache2.4/logs/111.com-access_log
[root@hf-01 ~]# cat !$
cat /usr/local/apache2.4/logs/111.com-access_log
127.0.0.1 - - [20/Dec/2017:23:29:53 +0800] "HEAD HTTP://111.com HTTP/1.1" 200 -
127.0.0.1 - - [20/Dec/2017:23:34:22 +0800] "HEAD HTTP://111.com HTTP/1.1" 401 -
127.0.0.1 - - [20/Dec/2017:23:36:57 +0800] "GET HTTP://111.com HTTP/1.1" 401 381
192.168.202.1 - - [20/Dec/2017:23:42:35 +0800] "GET /favicon.ico HTTP/1.1" 401 381
192.168.202.1 - - [20/Dec/2017:23:42:35 +0800] "GET / HTTP/1.1" 401 381
192.168.202.1 - - [20/Dec/2017:23:42:52 +0800] "GET / HTTP/1.1" 401 381
192.168.202.1 - - [20/Dec/2017:23:48:41 +0800] "GET / HTTP/1.1" 401 381
192.168.202.1 - hanfeng [20/Dec/2017:23:49:04 +0800] "GET / HTTP/1.1" 200 7
127.0.0.1 - hanfeng [20/Dec/2017:23:57:06 +0800] "HEAD HTTP://111.com HTTP/1.1" 200 -
127.0.0.1 - hanfeng [20/Dec/2017:23:59:16 +0800] "HEAD HTTP://111.com HTTP/1.1" 401 -
127.0.0.1 - hanfeng [21/Dec/2017:00:19:07 +0800] "HEAD HTTP://111.com HTTP/1.1" 200 -
127.0.0.1 - hanfeng [21/Dec/2017:00:19:21 +0800] "GET HTTP://111.com HTTP/1.1" 200 7
127.0.0.1 - - [21/Dec/2017:00:19:37 +0800] "GET HTTP://111.com HTTP/1.1" 200 7
127.0.0.1 - - [21/Dec/2017:00:19:41 +0800] "GET HTTP://111.com HTTP/1.1" 200 7
127.0.0.1 - - [21/Dec/2017:00:24:13 +0800] "HEAD HTTP://111.com HTTP/1.1" 200 -
127.0.0.1 - - [21/Dec/2017:00:25:42 +0800] "HEAD HTTP://111.com/123.php HTTP/1.1" 401 -
127.0.0.1 - hanfeng [21/Dec/2017:00:27:11 +0800] "HEAD HTTP://111.com/123.php HTTP/1.1" 200 -
127.0.0.1 - hanfeng [21/Dec/2017:00:27:43 +0800] "GET HTTP://111.com/123.php HTTP/1.1" 200 155
127.0.0.1 - hanfeng [21/Dec/2017:00:29:05 +0800] "GET HTTP://111.com/123.php HTTP/1.1" 200 7
127.0.0.1 - hanfeng [21/Dec/2017:00:52:40 +0800] "HEAD HTTP://111.com/123.php HTTP/1.1" 200 -
192.168.202.130 - - [21/Dec/2017:21:07:37 +0800] "HEAD HTTP://2111.com.cn HTTP/1.1" 301 -
[root@hf-01 ~]# 定义日志文件格式
- 上面输出的日志太过简单,不是我们所需要的日志格式,日志其实可以自定义格式的
- 打开主配置文件
- 默认使用的是common
- %h,来源IP
- %l,用户
- %u,用户名和密码
- %t,时间
- %r,行为和网站
- %>s,网站状态码
- %b,页面大小
- {Referer}i 表示访问页面的上一个所访问的页面
- %{User-Agent}i 表示用户代理,是通过浏览器访问,还是curl命令访问,最终获得网站的内容,浏览器就是用户代理
[root@hf-01 ~]# vim /usr/local/apache2.4/conf/httpd.conf ——>不更改信息
搜索 /LogFormat ,看到的就是文件格式,这里提供了两个文件的格式,默认使用的是common
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common- 打开虚拟机配置文件
[root@hf-01 ~]# vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf
未更改前
<VirtualHost *:80>
DocumentRoot "/data/wwwroot/abc.com"
ServerName abc.com
ServerAlias www.abc.com www.123.com
ErrorLog "logs/abc.com-error_log"
CustomLog "logs/abc.com-access_log" common
</VirtualHost>
<VirtualHost *:80>
DocumentRoot "/data/wwwroot/111.com"
ServerName 111.com
ServerAlias www.example.com 2111.com.cn
# <Directory /data/wwwroot/111.com>
# <FilesMatch 123.php>
# AllowOverride AuthConfig
# AuthName "111.com user auth"
# AuthType Basic
# AuthUserFile /data/.htpasswd
# require valid-user
# </FilesMatch>
#</Directory>
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_HOST} !^111.com$
RewriteRule ^/(.*)$ http://111.com/$1 [R=301,L]
</IfModule>
ErrorLog "logs/111.com-error_log"
CustomLog "logs/111.com-access_log" common
</VirtualHost>
更改后,将common 改为 combined
<VirtualHost *:80>
DocumentRoot "/data/wwwroot/abc.com"
ServerName abc.com
ServerAlias www.abc.com www.123.com
ErrorLog "logs/abc.com-error_log"
CustomLog "logs/abc.com-access_log" common
</VirtualHost>
<VirtualHost *:80>
DocumentRoot "/data/wwwroot/111.com"
ServerName 111.com
ServerAlias www.example.com 2111.com.cn
# <Directory /data/wwwroot/111.com>
# <FilesMatch 123.php>
# AllowOverride AuthConfig
# AuthName "111.com user auth"
# AuthType Basic
# AuthUserFile /data/.htpasswd
# require valid-user
# </FilesMatch>
#</Directory>
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_HOST} !^111.com$
RewriteRule ^/(.*)$ http://111.com/$1 [R=301,L]
</IfModule>
ErrorLog "logs/111.com-error_log"
CustomLog "logs/111.com-access_log" combined
</VirtualHost>- 检查配置文件是否存在语法错误,并重启配置文件
[root@hf-01 ~]# /usr/local/apache2.4/bin/apachectl -t
Syntax OK
[root@hf-01 ~]# /usr/local/apache2.4/bin/apachectl graceful
[root@hf-01 ~]# - 使用curl命令访问网址
[root@hf-01 ~]# curl -x192.168.202.150:80 http://111.com123.php -I
HTTP/1.1 200 OK
Date: Thu, 21 Dec 2017 13:50:10 GMT
Server: Apache/2.4.29 (Unix) PHP/7.1.6
X-Powered-By: PHP/7.1.6
Content-Type: text/html; charset=UTF-8
[root@hf-01 ~]# - 再用浏览器访问下网址
- 查看日志文件
- 会看到日志文件丰富了
[root@hf-01 ~]# tail !$
tail /usr/local/apache2.4/logs/111.com-access_log
127.0.0.1 - - [21/Dec/2017:00:24:13 +0800] "HEAD HTTP://111.com HTTP/1.1" 200 -
127.0.0.1 - - [21/Dec/2017:00:25:42 +0800] "HEAD HTTP://111.com/123.php HTTP/1.1" 401 -
127.0.0.1 - hanfeng [21/Dec/2017:00:27:11 +0800] "HEAD HTTP://111.com/123.php HTTP/1.1" 200 -
127.0.0.1 - hanfeng [21/Dec/2017:00:27:43 +0800] "GET HTTP://111.com/123.php HTTP/1.1" 200 155
127.0.0.1 - hanfeng [21/Dec/2017:00:29:05 +0800] "GET HTTP://111.com/123.php HTTP/1.1" 200 7
127.0.0.1 - hanfeng [21/Dec/2017:00:52:40 +0800] "HEAD HTTP://111.com/123.php HTTP/1.1" 200 -
192.168.202.130 - - [21/Dec/2017:21:07:37 +0800] "HEAD HTTP://2111.com.cn HTTP/1.1" 301 -
192.168.202.130 - - [21/Dec/2017:21:51:25 +0800] "HEAD http://111.com/123.php HTTP/1.1" 200 - "-" "curl/7.29.0"
192.168.202.1 - - [21/Dec/2017:21:51:32 +0800] "GET /123.php HTTP/1.1" 200 7 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.221 Safari/537.36 SE 2.X MetaSr 1.0"
192.168.202.130 - - [21/Dec/2017:21:55:08 +0800] "HEAD http://111.com/123.php HTTP/1.1" 200 - "-" "curl/7.29.0"
[root@hf-01 ~]# - 测试{Referer}i ,在论坛新建一个笔记,测试网址,加入自己的测试链接,并在日志中打开自己的测试链接
- 再来查看日志文件,会看到生成了{Referer}i
[root@hf-01 ~]# tail -5 /usr/local/apache2.4/logs/111.com-access_log
192.168.202.130 - - [21/Dec/2017:21:07:37 +0800] "HEAD HTTP://2111.com.cn HTTP/1.1" 301 -
192.168.202.130 - - [21/Dec/2017:21:51:25 +0800] "HEAD http://111.com/123.php HTTP/1.1" 200 - "-" "curl/7.29.0"
192.168.202.1 - - [21/Dec/2017:21:51:32 +0800] "GET /123.php HTTP/1.1" 200 7 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.221 Safari/537.36 SE 2.X MetaSr 1.0"
192.168.202.130 - - [21/Dec/2017:21:55:08 +0800] "HEAD http://111.com/123.php HTTP/1.1" 200 - "-" "curl/7.29.0"
192.168.202.1 - - [21/Dec/2017:22:04:27 +0800] "GET /123.php HTTP/1.1" 200 7 "http://ask.apelearn.com/question/17687" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.221 Safari/537.36 SE 2.X MetaSr 1.0"
[root@hf-01 ~]# 本文参与 腾讯云自媒体同步曝光计划,分享自作者个人站点/博客。
如有侵权请联系 cloudcommunity@tencent.com 删除
评论
登录后参与评论
推荐阅读
目录
相关产品与服务
轻量应用服务器
轻量应用服务器(TencentCloud Lighthouse)是新一代开箱即用、面向轻量应用场景的云服务器产品,助力中小企业和开发者便捷高效的在云端构建网站、Web应用、小程序/小游戏、游戏服、电商应用、云盘/图床和开发测试环境,相比普通云服务器更加简单易用且更贴近应用,以套餐形式整体售卖云资源并提供高带宽流量包,将热门软件打包实现一键构建应用,提供极简上云体验。
腾讯云开发者
