How to configure Apache to log POST request data

By default, Apache logs basic request metadata, including the client’s IP address, requested URL, and HTTP response codes. Logging the actual POST data is disabled, though it can be critical for debugging and monitoring.

Capturing POST data requires loading specific Apache modules and adjusting configuration directives that govern how requests are recorded. This process can reveal sensitive information, so adhering to privacy regulations and implementing strict access controls is essential.

Enabling such detailed logging may increase log sizes and affect server performance, making it necessary to balance observability with efficiency. Comprehensive configuration and careful monitoring help ensure that Apache logs required data without compromising system resources.

Steps to log POST request data in Apache:

Enable the mod_dumpio module on your Apache server.

$ sudo a2enmod dump_io # Ubuntu and Debian
Enabling module dump_io.
To activate the new configuration, you need to run:
  systemctl restart apache2
$ sudo a2enmod dumpio # SUSE

Distribution with a2enmod support can simply run the command above without having to manually enable the required modules.
Fedora, CentOS and Red Hat enables the module by default so requires no manual action to enable the modules.

Options	Debian, Ubuntu	openSUSE and SLES	Fedora Core, CentOS, RHEL	macOS	homebrew	xampp
a2enmod support	yes	yes	no	no	no	no
Modules to install	none
Module name	n/a			dumpio
Loadmodule directive	n/a			LoadModule dumpio_module <module_locations>/mod_dumpio.so

Open the Apache VirtualHost configuration file for your website.
```
$ sudo vi /etc/apache2/sites-enabled/000-default.conf
```
Related: Location for Apache VirtualHost configuration files

Add the following directives to enable mod_dumpio and set the desired log level.

<VirtualHost *:80>
  ##### snipped
 
  DumpIOInput On
  DumpIOOutput On
  LogLevel dumpio:trace7
</VirtualHost>

Directive	Description
DumpIOInput	Enables or disables the logging of input data (like POST data). On means it's enabled.
DumpIOOutput	Enables or disables the logging of output data sent from the server to the client. On means enabled.
LogLevel	Sets the verbosity level of the logs. dumpio:trace7 is one of the most verbose levels.

Save and exit the text editor.

Restart Apache to apply the changes.

$ sudo systemctl restart apache2 # Ubuntu, Debian, openSUSE and SLES
$ sudo systemctl restart httpd # CentOS and Red Hat

Send a POST request to test the logging configuration.

$ curl -XPOST --data "field01=value01&field02=value02" 127.0.0.1

Check the Apache error log to verify that the POST data is being logged.
```
$ sudo grep field01  /var/log/apache2/error.log
[Sat Sep 02 07:22:55.645309 2023] [dumpio:trace7] [pid 3455:tid 281473037431072] mod_dumpio.c(100): [client 127.0.0.1:37492] mod_dumpio:  dumpio_in (data-HEAP): field01=value01&field02=value02
```
Consider disabling mod_dumpio or adjusting the log level to reduce the verbosity once you've finished debugging or monitoring. This will help in maintaining the performance and security of your server.

Author: Mohd Shakir Zakaria
Mohd Shakir Zakaria is a cloud architect with deep roots in software development and open-source advocacy. Certified in AWS, Red Hat, VMware, ITIL, and Linux, he specializes in designing and managing robust cloud and on-premises infrastructures.

Discuss the article:

Comment anonymously. Login not required.