Description: Controls the verbosity of the ErrorLog
Syntax: LogLevel [module:]level [module:level] ...
Default: LogLevel warn
Context: server config, virtual host, directory
Status: Core
Module: core
Compatibility: Per-module and per-directory configuration is available in Apache HTTP Server 2.3.6 and later
LogLevel adjusts the verbosity of the messages recorded in the error logs (see ErrorLog directive).
The following levels are available, in order of decreasing significance:
Level Description Example
emerg Emergencies - system is unusable. "Child cannot open lock file. Exiting"
alert Action must be taken immediately. "getpwuid: couldn't determine user name from uid"
crit Critical Conditions. "socket: Failed to get a socket, exiting child"
error Error conditions. "Premature end of script headers"
warn Warning conditions. "child process 1234 did not exit, sending another SIGHUP"
notice Normal but significant condition. "httpd: caught SIGBUS, attempting to dump core in ..."
info Informational. "Server seems busy, (you may need to increase StartServers, or Min/MaxSpareServers)..."
debug Debug-level messages "Opening config file ..."
trace1 Trace messages "proxy: FTP: control connection complete"
trace2 Trace messages "proxy: CONNECT: sending the CONNECT request to the remote proxy"
trace3 Trace messages "openssl: Handshake: start"
trace4 Trace messages "read from buffered SSL brigade, mode 0, 17 bytes"
trace5 Trace messages "map lookup FAILED: map=rewritemap key=keyname"
trace6 Trace messages "cache lookup FAILED, forcing new map lookup"
trace7 Trace messages, dumping large amounts of data "| 0000: 02 23 44 30 13 40 ac 34 df 3d bf 9a 19 49 39 15 |"
trace8 Trace messages, dumping large amounts of data "| 0000: 02 23 44 30 13 40 ac 34 df 3d bf 9a 19 49 39 15 |"
When a particular level is specified, messages from all other levels of higher significance will be reported as well.
E.g., when LogLevel info is specified, then messages with log levels of notice and warn will also be posted.
Using a level of at least crit is recommended.
For example:
LogLevel notice
Note
When logging to a regular file, messages of the level notice cannot be suppressed and thus are always logged. However, this doesn't apply when logging is done using syslog.
Specifying a level without a module name will reset the level for all modules to that level.
Specifying a level with a module name will set the level for that module only.
It is possible to use the module source file name, the module identifier, or the module identifier with the trailing _module omitted as module specification.
This means the following three specifications are equivalent:
LogLevel info ssl:warn
LogLevel info mod_ssl.c:warn
LogLevel info ssl_module:warn
It is also possible to change the level per directory:
LogLevel info
<Directory "/usr/local/apache/htdocs/app">
LogLevel debug
</Directory>
Per directory loglevel configuration only affects messages that are logged after the request has been parsed and that are associated
Hello,
I tried searching through lot of threads for a solution but couldn't fetch the exact solution, so I am creating a new thread.
I am trying to connect to a FTP server
1) using a simple FTP command, it gives the error :
534 Policy requires SSL.
Login failed.
2) using SFTP... (19 Replies)
We have a production server at a client site running AIX. And recently when users are trying to connect to it via telnet, it prompts "No more multiple IP addresses to connect".
Can I know what does this error mean? and how to rectify this?
Thanks. (2 Replies)
I have a ubuntu server running subsonic as a web app. Currently the web interface is available from port 4040 for https connections and 4141 for https connections with the context /subsonic as follows:
http://mydomain:4040/subsonic
https://mydomain:4141/subsonic
I would like to loose the port... (0 Replies)
I am having a hard time with this one. We have a websocket server listening on port 80 at myserver.com/wsDemo?ID=12. We need to test a client program by connecting it to this server through a proxy. I am trying nginx 1.2.7 as the proxy on port 8080, running on proxy-server. We want the client to... (1 Reply)
Hi all, I have a web app with the following pages, browse.jsp and shopping.jsp. I want to protect shopping.jsp with https. (https is only between browser and apache httpd server.)The https for the shopping.jsp page will terminate at the web server.
From web server to tomcat application server... (0 Replies)
The below error message I started seeing using Ubuntu 14.04 and was wondering if the forum has seen it because I cant seem much on the net for this:
perl -e 'use IO::Socket::SSL qw(debug3);IO::Socket::SSL->new(PeerAddr=>"10.0.0.100",PeerPort=> 443,Proto=>"TCP") or die $!'
DEBUG:... (1 Reply)
Tryied both ways curl and wget
wget --no-check-certificate https://mysitet.it:61617
--2017-05-05 17:29:02-- https://mysitet.it:61617/
Connecting to myproxy:8080... connected.
Proxy tunneling failed: ForbiddenUnable to establish SSL connection.
curl https://mysite.it:61617
curl: (56)... (3 Replies)
Discussion started by: charli1
3 Replies
LEARN ABOUT DEBIAN
sslh
SSLH(1p) User Contributed Perl Documentation SSLH(1p)NAME
sslh - Switch incoming connection between SSH and SSL/HTTPS servers
SYNOPSIS
sslh [ -v ] [ -p [host:]port ] [ -t timeout ]
[ --ssh [host:]port ] [ --ssl [host:]port ]
DESCRIPTION
sslh is a simple script that lets you switch an incoming connection on a single port between distinct SSH and SSL/HTTPS servers.
sslh listens for connections on a port and is able to redirect them either to an HTTPS web server or a SSH server.
This lets one setup both a HTTPS web server and a SSH server and access them through the same host+port.
OPTIONS
The program follows the usual GNU command line syntax, with long options starting with two dashes.
-p, --port [host:]port
The port the proxy will listen to. If no port is given, 443 is used by default. If no host is given, "localhost" is used by default.
-s, --ssh [host:]port
The SSH server which the SSH connections must be forwarded to. If omitted, the default is localhost:22.
-l, --ssl, --https [host:]port
The HTTPS server which the HTTPS connections must be forwarded to. If omitted, the default is localhost:443.
-t, --timeout delay
Timeout in seconds before a silent incoming connection is considered as a SSH connection. The number can be fractional.
The default is 2seconds.
-v, --verbose
Verbose output. This option can be used several times for more verbose output.
EXAMPLE OF USE
Is this tool actually useful? Yes.
For example one can use it to access both a SSH server and a secure web server via a corporate proxy that only accepts to relay connections
to port 443. Creating a tunnel that passes SSH connection through a CONNECT-enabled web proxy is easy with connect-tunnel (also included in
the "Net::Proxy" distribution).
The proxy will let both SSH and HTTPS connections out (since they all point to port 443), and the home server will connect those incoming
connections to the appropriate server. This only requires to run the HTTPS server on a non standard port (not 443).
TECHNICAL NOTE
How can this proxy find out what kind of protocol is using a TCP connection to port 443, without being connected (yet) to the server? We
actually rely on a slight difference between the SSL and SSH protocols (found thanks to ethereal):
SSH Once the TCP connection is established, the server speaks first, presenting itself by saying something like:
SSH-2.0-OpenSSH_3.6.1p2 Debian 1:3.6.1p2-1
SSL With SSL, it's always the client that speaks first.
This means that sslh can be used with any pair of protocols/services that share this property (the client speaks first for one and the
server speaks first for the other).
AUTHORS
Original idea and C version
Frederic Ple "<sslh@wattoo.org>".
Perl versions
Philippe 'BooK' Bruhat "<book@cpan.org>".
SCRIPT HISTORY
Version 0.01 of the script was a quick hack designed in 2003 as a proof of concept.
Version 0.02 (and higher) are based on "Net::Proxy", and included with the "Net::Proxy" distribution. Version 0.02 didn't work, though.
Version 0.03 correctly initialised the "in" connector.
Version 0.04 lets the proxy listen on any address (instead of "localhost", which is still the default). Thanks to Dieter Voegtli for
spotting this.
SEE ALSO
Net::Proxy, Net::Proxy::Connector::dual.
COPYRIGHT
Copyright 2003-2006, Philippe Bruhat. All rights reserved.
LICENSE
This module is free software; you can redistribute it or modify it under the same terms as Perl itself.
perl v5.10.1 2009-10-18 SSLH(1p)