I've always been slightly annoyed with Apache 401 "unauthorized" log
entries
when accessing a Subversion repository. I realize these are part of the
standard authentication "handshake" via the http protocol.
(Always ask anonymously first...)
I also realize that mod_dav_svn can now provide a custom log file, but I
like
my apache logs. On a busy server, these can get to be tens of gigabytes
per
day. I'm not aware of a way to limit log entries based upon return status
codes...
As a test, I think I have been able to abuse the rewrite_module to get rid
of these apache 401 log entries and I was wondering if any
Apache/Subversion
gurus could poke holes in why this either doesn't work or shouldn't be
used:
<IfModule rewrite_module>
# Do not log authentication required responses
RewriteEngine On
RewriteCond %{REQUEST_METHOD} OPTIONS
RewriteCond %{LA-U:REMOTE_USER} =""
RewriteCond %{REQUEST_URI} !-U
RewriteRule .* - [Last, ENV=dontlog:1]
</IfModule>
<IfModule log_config_module>
LogFormat "%h %l %u %t \"%r\" %>s %b" common
CustomLog "logs/access.log" common env=!dontlog
</IfModule>
I'm aware the sub-request for the last RewriteCond line is expensive. I'm
hopeful the other RewriteCond lines would short circuit most of the server
accesses. Does Subversion create any connections with something
other than an initial OPTIONS request? I only trivially tested neon. I
added
that condition as a hopeful performance improvement.
And yes, as I stated above, I realize Subversion can create it's own
custom log, but using that removes the fun in this experiment...
Kevin R.
