Hi! On Sun, Dec 14, 2008 at 3:46 PM, Morgan Gangwere <0.fractalus@xxxxxxxxx> wrote: > Well, more accurately, this is kinda backwards. According to the > "documentation", the syntax for SetEnvIf is > > SetEnvIf (statement) (statement) (varname) In my documentation: http://httpd.apache.org/docs/2.2/mod/mod_setenvif.html it is written: SetEnvIf attribute regex [!]env-variable[=value] [[!]env-variable[=value]] ... > You're acctually //setting// a variable here to a particular //value//. if > this is possible please let me know, as i could use this, as I'm having 0 > luck getting CustomLog to work. But CustomLog just checks whether environment variable exists or not. So the value does not matter in this case. And about my problem. I have opted at the end for: CustomLog "/dev/null" common And now I do not have invalid requests logged. I do not like that but I do not like having them logged even more. I really do not understand why this short-circuiting is necessary. We have an error log for such "important" things. CustomLog should be completely customizable. Even this short-circuiting. It is funny in some way that I do not want those requests to be logged for security reasons (because they could leak some data to logs) but reason Apache logs them is just because of security. Only some other security. Can I make this a feature request? Obviously (t)here are users which do not mind not logging such requests. I agree that the default behavior should be logging them. But I also believe this should be customizable. Not all usage cases have the same definition of security. I could pipe to another program which would remove them before writing to a log file, though. Mitar --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|