How to log POST request data in Apache

Apache by default logs incoming HTTP requests but not everything about the request is logged. Below is an example request, Apache's CustomLog directive and the correspnding log that it captures:

GET /apache/log-post?field01=value01&field02=value02 HTTP/1.1
Host: simplified.guide
Content-Type: application/x-www-form-urlencoded

LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined

52.46.36.182 - - [30/Jan/2020:18:04:53 +0000] "GET /apache/log-post?field01=value01&field02=value02 HTTP/1.1" 200 13375 "-" "Amazon CloudFront"

HTTP GET requests consist of the URL and query string combination (/apache/log-post?field01=value01&field02=value02 in the above example) and is fully logged. POST requests however sends the data in the request body while only the URL (/apache/log-post) is logged and the request body is not.

This means that in order to fully log a POST request, you'll need to also log the body of an HTTP request.

Steps to log HTTP request body in Apache:

Enable dump_io module for your distribution.

How to enable or disable Apache modules
User of Ubuntu and Debian derivatives can use a2enmod utility to enable the module.
```
$ sudo a2enmod dump_io
Enabling module dump_io.
To activate the new configuration, you need to run:
  systemctl restart apache2
```
Open Apache's configuration file using your preferred text editor.
```
$ sudo vi /etc/apache2/httpd.conf
```
Apache configuration files

Configure the below steps/lines in a VirtualHost directive to apply the logging configuration only to a specific VirtualHost configuration.
Turn on the related modules.
```
DumpIOInput On
DumpIOOutput On
```
Set the LogLevel to dumpio:trace7.
```
LogLevel dumpio:trace7
```
Restart Apache for the changes to take effect.

How to start, restart and stop Apache service
Create an HTTP POST request with dummy data in the request body to test.
```
$ curl -XPOST --data "field01=value01&field02=value02" 127.0.0.1
```

Check Apache's error log to see the logged HTTP request body.

$ sudo grep field01  /var/log/apache2/error.log
[Sun Feb 02 01:46:13.062838 2020] [dumpio:trace7] [pid 21080] mod_dumpio.c(100): [client 127.0.0.1:47386] mod_dumpio:  dumpio_in (data-HEAP): field01=value01&field02=value02

Guide compatibility:

Operating System
Ubuntu 16.04 LTS (Xenial Xerus)
Ubuntu 16.10 (Yakkety Yak)
Ubuntu 17.04 (Zesty Zapus)
Ubuntu 17.10 (Artful Aardvark)
Ubuntu 18.04 LTS (Bionic Beaver)
Ubuntu 18.10 (Cosmic Cuttlefish)
Ubuntu 19.04 (Disco Dingo)

Support us on Patreon.

Help us create more and better guides.

Discuss the article:

Comment anonymously. Login not required.