Apache by default logs the
HTTP request method but not the request data itself. This is especially inadequate when troubleshooting
POST requests as the details required are in the data that was sent with the request. These are some of the methods available to log
POST request data in
mod_dumpio is included by default in most
Apache installations and could easily be configured as the followings;
$ sudo a2enmod dump_io
The method could be different if you're not using
Ubuntu or other
CustomLog /var/log/httpd/website.log combined ErrorLog /var/log/httpd/website.error.log
DumpIOInput On DumpIOOutput On LogLevel dumpio:trace7
SecRuleEngine On SecAuditEngine on
SecRequestBodyAccess on SecAuditLogParts ABIFHZ
SecRule REQUEST_METHOD "^POST$" "chain,allow,phase:2,id:123" SecRule REQUEST_URI ".*" "auditlog"
POST request could be very big and take up too much space to log. Sensitive data that are sent in
POST requests such as passwords or credit card information should not reside in log files. In these instances, you'll have to whether choose what
POST data to log, or not log at all.
While this is not an
Apache specific solution, the best way to do it is to log
POST request data via your application. It's very flexible and you have granular control of what to log and what not to log. The caveat is that you'll have to code it and could be a bit of an extra work.