How to stop Apache mod_rewrite log message [Apache]

Updated on December 3, 2021

I had written a few rewrite rules to disable HTTP TRACE and TRACK as part of VAPT. When looking at the httpd logs, a dozen of [rewrite:trace3] warning messages are logged per request and the actual error messages were lost. Below are the warning message snippets. This article will show you how to stop the Apache mod_rewrite log messages.

[Wed Nov 24 14:42:27.764555 2021] [rewrite:trace3] [pid 26610] mod_rewrite.c(470): [client] - - [][rid#55fa32f64fe0/initial] [perdir /var/www/html/admin/] add path info postfix: /var/www/html/admin/login -> /var/www/html/admin/login/
[Wed Nov 24 14:42:27.764657 2021] [rewrite:trace3] [pid 26610] mod_rewrite.c(470): [client] - - [][rid#55fa32f64fe0/initial] [perdir /var/www/html/admin/] strip per-dir prefix: /var/www/html/admin/login/ -> login/
[Wed Nov 24 14:42:27.764667 2021] [rewrite:trace3] [pid 26610] mod_rewrite.c(470): [client] - - [][rid#55fa32f64fe0/initial] [perdir /var/www/html/admin/] applying pattern '.*' to uri 'login/'
[Wed Nov 24 14:42:27.764781 2021] [rewrite:trace5] [pid 26610] mod_rewrite.c(470): [client] - - [][rid#55fa32f64fe0/initial] setting env variable 'HTTP_AUTHORIZATION' to ''
[Wed Nov 24 14:42:27.764793 2021] [rewrite:trace3] [pid 26610] mod_rewrite.c(470): [client] - - [][rid#55fa32f64fe0/initial] [perdir /var/www/html/admin/] add path info postfix: /var/www/html/admin/login -> /var/www/html/admin/login/

How to stop Apache mod_rewrite log message?

Generally, mod_rewrite applies each rule and tests whether it should be applied or not, and captures this event in the log file.  This additional level of logging is not enabled by default, someone has explicitly enabled it in the server config and inadvertently left it enabled. Search for the below entry either in the webserver config file (httpd.conf) or in your virtual host configuration.

LogLevel rewrite:trace3

You can either remove it  or comment it out or set it to the default as below:

LogLevel warn
Above Rewrite log should never be enabled permanently on a production server

For more LogLevel directives refer to Apache documentation.

Was this article helpful?

Related Articles

Leave a Comment