logo
Apache Lounge
Webmasters

 

About Forum Index Downloads Search Register Log in RSS X


Keep Server Online

If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.

or

Bitcoin

A donation makes a contribution towards the costs, the time and effort that's going in this site and building.

Thank You! Steffen

Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
Post new topic   Forum Index -> Apache View previous topic :: View next topic
Reply to topic   Topic: user entered ip instead of dns
Author
sailor



Joined: 17 Apr 2015
Posts: 82
Location: US

PostPosted: Tue 16 Nov '21 17:21    Post subject: user entered ip instead of dns Reply with quote

I was looking at my error log, I see it's filled with people trying to use TLS 1.0, 1.1 and SSL v3.

Is there a way to tell if user used an ip to get to your site instead of DNS?

I believe if it's in error log, it won't even show up in the access log as it didn't get to that point.
Back to top
tangent
Moderator


Joined: 16 Aug 2020
Posts: 348
Location: UK

PostPosted: Wed 17 Nov '21 22:16    Post subject: Reply with quote

Apache error log filtering is not as flexible as that available for the access log. However, if your error logs are getting full of extraneous SSL entries, such as failures for TLS 1.1, 1.0 or SSL v3, you could potentially exclude them with something like:-
Code:

LogLevel ssl:error

See http://httpd.apache.org/docs/current/mod/core.html#loglevel - the default level for modules is warn.

Clients will use DNS to resolve what IP address to use to connect to your site, but thereafter the host request header should carry what they put in the address window of their browser, i.e. name or IP. However, IP is going to give them a certificate challenge.

Once their connection request is successful, that detail will be logged in the access log, and can be conditionally filtered if needbe.
Back to top
James Blond
Moderator


Joined: 19 Jan 2006
Posts: 7373
Location: Germany, Next to Hamburg

PostPosted: Sun 21 Nov '21 22:15    Post subject: Re: user entered ip instead of dns Reply with quote

sailor wrote:


Is there a way to tell if user used an ip to get to your site instead of DNS?


Another idea is to set up a default vhost aka fetch all, and there you can do a redirect to the main vhost (or don't redirect). In the logs of that vhost you can see the IPs of ppl who try to access your server via IP only.
Back to top


Reply to topic   Topic: user entered ip instead of dns View previous topic :: View next topic
Post new topic   Forum Index -> Apache