By default, Apache logs only basic information about incoming requests, such as the client's IP address, the requested URL, and the response status code. However, the actual data sent in a POST request, which is often the most critical part of the interaction, is not logged.

Logging POST request data in an Apache server can be essential for debugging, monitoring, or auditing purposes. POST requests are commonly used in web forms, API calls, and other web interactions to send data from the client to the server.

To capture POST data, you'll need to use the mod_dumpio module. This involves risks, especially if sensitive data is being sent in POST requests. Ensure that you're compliant with privacy regulations and best practices when logging POST data. Logging POST request data can also significantly increase log file sizes.

Steps to log HTTP request body in Apache:

  1. Enable dumpio module for Apache.
    $ sudo a2enmod dump_io # Ubuntu and Debian
    Enabling module dump_io.
    To activate the new configuration, you need to run:
      systemctl restart apache2
    $ sudo a2enmod dumpio # SUSE
    • Distribution with a2enmod support can simply run the command above without having to manually enable the required modules.
    • Fedora, CentOS and Red Hat enables the module by default so requires no manual action to enable the modules.
    Options Debian, Ubuntu openSUSE and SLES Fedora Core, CentOS, RHEL macOS homebrew xampp
    a2enmod support yes yes no no no no
    Modules to install none
    Module name n/a dumpio
    Loadmodule directive n/a LoadModule dumpio_module <module_locations>/mod_dumpio.so
  2. Open Apache's VirtualHost configuration for your website using your preferred text editor.
    $ sudo vi /etc/apache2/sites-enabled/000-default.conf
  3. Add the following directives to enable mod_dumpio and set the desired log level.
    <VirtualHost *:80>
      ##### snipped
     
      DumpIOInput On
      DumpIOOutput On
      LogLevel dumpio:trace7
    </VirtualHost>
    Directive Description
    DumpIOInput Enables or disables the logging of input data (like POST data). On means it's enabled.
    DumpIOOutput Enables or disables the logging of output data sent from the server to the client. On means enabled.
    LogLevel Sets the verbosity level of the logs. dumpio:trace7 is one of the most verbose levels.
  4. Save and exit the text editor.
  5. Restart Apache to apply the changes.
    $ sudo systemctl restart apache2 # Ubuntu, Debian, openSUSE and SLES
    $ sudo systemctl restart httpd # CentOS and Red Hat
  6. Make a POST request to your Apache server to test.
    $ curl -XPOST --data "field01=value01&field02=value02" 127.0.0.1
  7. Check Apache's error log to see the logged HTTP request body.
    $ sudo grep field01  /var/log/apache2/error.log
    [Sat Sep 02 07:22:55.645309 2023] [dumpio:trace7] [pid 3455:tid 281473037431072] mod_dumpio.c(100): [client 127.0.0.1:37492] mod_dumpio:  dumpio_in (data-HEAP): field01=value01&field02=value02

    Consider disabling mod_dumpio or adjusting the log level to reduce the verbosity once you've finished debugging or monitoring. This will help in maintaining the performance and security of your server.

Discuss the article:

Comment anonymously. Login not required.