Turn off reverse DNS lookups for Apache access logging

If your Apache access log shows host names from reverse DNS lookups where you expected (and need) IP addresses, this post may help.

Figure 1: Example “.htaccess” file for blocking IP addresses

By default, IP addresses are logged in the Apache access log “/var/log/apache2/access.log” unless you specify “HostnameLookups On” in “/etc/apache2/apache2.conf” (it is off by default). This changes, however, if you restrict access to specific content using an “.htaccess” file with an “allow from” or “deny from” construction. With this line in your “.htaccess” file, IP addresses are logged:


deny from 14.23.32.41

But if you add a comment to the same line, as below, reverse DNS lookups are logged instead:


deny from 14.23.32.41 # my home ip address

Cause and work-around

This is caused by “mod_authz_host” (enabled by default), which kicks in and converts the IP addresses to host names. The work-around is to put the comment on the previous line:


# my home ip address:
deny from 14.23.32.41

It also happens when you use a regular expression or a host name (which is more obvious). Plain IP addresses and CIDR notation do not trigger the conversion. Hopefully this post can save you some time.
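
An added example, not part of the original post: a small Python check that scans “.htaccess” text for “allow from” / “deny from” lines containing anything other than a plain IP address or CIDR block, which are the cases described above as triggering the conversion. The function names, the sample input, and the decision to skip “all” and “env=” arguments are assumptions of this example.

```python
import ipaddress
import re

# "allow from ..." / "deny from ..." lines, as used in the post's .htaccess.
DIRECTIVE = re.compile(r"^\s*(?:allow|deny)\s+from\s+(.+)$", re.IGNORECASE)


def is_ip_or_cidr(token):
    """True for a plain IP address or a CIDR block (IPv4 or IPv6)."""
    try:
        ipaddress.ip_network(token, strict=False)
        return True
    except ValueError:
        return False


def find_lookup_triggers(htaccess_text):
    """Return (line number, reason) for each line likely to cause lookups."""
    findings = []
    for lineno, line in enumerate(htaccess_text.splitlines(), start=1):
        match = DIRECTIVE.match(line)
        if not match:
            continue  # blank lines, full-line comments, other directives
        tokens = match.group(1).split()
        # Assumption of this example: "all" and "env=..." are not host specs.
        suspects = [t for t in tokens
                    if t.lower() != "all"
                    and not t.lower().startswith("env=")
                    and not is_ip_or_cidr(t)]
        if not suspects:
            continue
        # A "#" on a directive line means a comment was appended to it.
        if any("#" in t for t in suspects):
            findings.append((lineno, "trailing comment"))
        else:
            findings.append((lineno, "host name or pattern"))
    return findings


# Constructed sample input; the IP address is the one used in the post.
SAMPLE = """\
# my home ip address:
deny from 14.23.32.41
deny from 14.23.32.41 # my home ip address
deny from 10.0.0.0/8
deny from example.com
allow from all
"""

if __name__ == "__main__":
    for lineno, reason in find_lookup_triggers(SAMPLE):
        print(f"line {lineno}: {reason}")
```

Running the check over every “.htaccess” file before deployment catches a commented block rule before it starts causing lookups on each request.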


5 thoughts on “Turn off reverse DNS lookups for Apache access logging”

  1. “Hopefully this post can save you some time.”

    Sure! This post just saved my life.

    Our mobile website was very slow, you just saved it 😉

    Lots of thanks!

    Joris

  2. Thanks! I had blocked the IP of someone scraping content from my site and commented it with the reason. Moving the comment to the preceding line fixed this for me. Is this a “bug” or a “feature”?

  3. @Damian: Great that this helped you. I do consider this to be a bug, but the software’s author will probably disagree 🙂
