Apache Log Files - Logging Unusual Entries Separately or Dropping Them
<span style="color: rgb(85, 85, 85); font-family: 굴림, seoul, helvetica; line-height: normal">
* The title is a bit odd........^.^<br />
<br />
Author: 김칠봉 &lt;san2(at)linuxchannel.net&gt;<br />
Date written: 2001. 04. 30<br />
Audience: beginners<br />
<br />
- Hint URL: written after reading a post by 임은재<br />
  <a href="http://kltp.kldp.org/stories.php?story=00/10/22/9724184" target="_blank" style="text-decoration: none; color: rgb(85, 85, 85)">http://kltp.kldp.org/stories.php?story=00/10/22/9724184</a><br />
<br />
- Related documents: documentation provided by Apache<br />
  <a href="http://httpd.apache.org/docs/mod/mod_log_config.html" target="_blank" style="text-decoration: none; color: rgb(85, 85, 85)">http://httpd.apache.org/docs/mod/mod_log_config.html</a><br />
  <a href="http://httpd.apache.org/docs/mod/mod_setenvif.html" target="_blank" style="text-decoration: none; color: rgb(85, 85, 85)">http://httpd.apache.org/docs/mod/mod_setenvif.html</a><br />
<br />
<br />
Contents<br />
<br />
1. Background<br />
<br />
2. Basics<br />
  2-1. Log formats and the CustomLog directive<br />
  2-2. Setting Apache environment variables<br />
<br />
3. Examples<br />
  3-1. Setting an environment variable only for specific IP addresses<br />
  3-2. Setting an environment variable only for specific file types<br />
  3-3. Setting an environment variable only for specific User-Agents<br />
  3-4. Combined example: avoiding off-the-mark(?) log analysis<br />
<br />
------------------------------------------<br />
<br />
1. Background<br />
<br />
For the past few months I (hereafter "the author") have been roughly analyzing(?) the logs of the sites I run with a log analyzer called Webalizer, and the analysis turned out to be off the mark(?).<br />
The decisive factor is that most of the sites the author runs are built with PHP, so the logs actually contain<br />
<br />
  - log entries for requests that PHP itself makes from localhost, apart from visitors<br />
  - access records from robots<br />
  - log entries for accesses by the operator (the author)<br />
<br />
and so on, all recorded together, so the statistics for genuine visitors come out somewhat less(?) accurate.<br />
It therefore seemed better to drop these kinds of log entries or to log them separately.<br />
<br />
That is what the rest of this document covers.<br />
<br />
<br />
2. Basics<br />
<br />
2-1. Log formats and the CustomLog directive<br />
<br />
mod_log_config is one of Apache's base modules.<br />
<br />
  Log format strings<br />
<br />
  %a : remote IP address<br />
  %b : bytes transferred, including headers<br />
  %{var}e : environment variable "var"<br />
  %f : filename<br />
  %h : remote host<br />
  %{hdr}i : value of the incoming (request) header "hdr"<br />
  %l : remote login ID (if supported)<br />
  %{label}n : the "label" set by another module<br />
  %{hdr}o : value of the response header "hdr"<br />
  %p : canonical port number of the server<br />
  %P : child process ID (PID)<br />
  %r : first line of the request<br />
  %s : status code<br />
  %t : time (CLF format)<br />
  %{format}t : time in the format given by "format"<br />
  %T : time spent on the request to the server (seconds)<br />
  %u : remote user name (when authenticated)<br />
  %U : requested URL<br />
  %v : canonical server name according to the client request<br />
  %V : server name according to the UseCanonicalName setting<br />
<br />
After a typical Apache installation, the default configuration will look like the following.<br />
(There is no particular need to change it.)<br />
<br />
  LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined<br />
</span>
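
Added example, not part of the original article: for a log that has already been written in the combined format shown above, this Python code parses each line and sorts it into the categories named in section 1 (localhost, operator, robots) or ordinary visitors, so each group can be written to its own file. The operator address, the robot User-Agent pattern and the sample lines are constructed assumptions.

```python
import re
from collections import defaultdict

# Apache "combined": %h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i"
# Quoted field; current Apache httpd writes an embedded quote as \" in these.
QUOTED = r'"((?:[^"\\]|\\.)*)"'
COMBINED = re.compile(
    r'^(\S+) (\S+) (\S+) \[([^\]]+)\] ' + QUOTED + r' (\d{3}) (\d+|-) '
    + QUOTED + ' ' + QUOTED + '$')
FIELDS = ("host", "ident", "user", "time", "request",
          "status", "bytes", "referer", "agent")

# Assumed values for illustration only; not from the article.
LOCAL_HOSTS = {"127.0.0.1", "localhost"}
OPERATOR_HOSTS = {"192.0.2.10"}          # documentation-range address
ROBOT_AGENT = re.compile(r"bot|crawler|spider|slurp", re.IGNORECASE)

def classify(line):
    """Return (bucket, fields) for one combined-format log line."""
    m = COMBINED.match(line.rstrip("\r\n"))
    if m is None:
        return "unparsed", None          # malformed lines are kept, not discarded
    f = dict(zip(FIELDS, m.groups()))
    if f["host"] in LOCAL_HOSTS:
        return "localhost", f
    if f["host"] in OPERATOR_HOSTS:
        return "operator", f
    if ROBOT_AGENT.search(f["agent"]):   # User-Agent is client-supplied: a hint only
        return "robot", f
    return "visitor", f

def split_log(lines):
    """Group raw lines by bucket so each bucket can go to its own file."""
    buckets = defaultdict(list)
    for line in lines:
        buckets[classify(line)[0]].append(line)
    return dict(buckets)

# Constructed sample lines (not taken from a real log).
SAMPLE = [
    '127.0.0.1 - - [30/Apr/2001:10:00:00 +0900] "GET /include/menu.php HTTP/1.0" 200 512 "-" "PHP/4.0.4"',
    '192.0.2.10 - admin [30/Apr/2001:10:00:05 +0900] "GET /admin/index.php HTTP/1.1" 200 2048 "-" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)"',
    '198.51.100.7 - - [30/Apr/2001:10:00:09 +0900] "GET /robots.txt HTTP/1.0" 404 208 "-" "Googlebot/2.1 (+http://www.googlebot.com/bot.html)"',
    '203.0.113.25 - - [30/Apr/2001:10:00:12 +0900] "GET /index.php HTTP/1.1" 200 10240 "http://example.com/" "Mozilla/4.0 (compatible; MSIE 5.0; Windows 98)"',
    'not a log line',
]

if __name__ == "__main__":
    for name, entries in sorted(split_log(SAMPLE).items()):
        print(f"{name}: {len(entries)}")
```

Lines that do not match the format land in the "unparsed" bucket instead of being dropped, so nothing disappears from the record while the visitor statistics are cleaned up.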