Apache logs - viewing POST data?

Hello,

I suspect that somebody is trying to do SQL injections on one of my websites. Is the POST information that is send using forms logged anywhere so I can read it in the same way I can read the GET requests in Apache logs?

Thanks

Straight forward answer, no.

You can build into apache to do so however if you are asking that question I would imagine that’s not an option.

The only way to log it is to use the target scripts functionalites to record it, such as php you could use $postdata = print_r($_POST,true);



  if(is_array($_POST) || is_array($_GET)){
		$atpage = $_SERVER['PHP_SELF'];
		$p = 0;
		foreach ($_POST as $varname => $varvalue) {
			$post_vars .= "$varname $varvalue <br> ";
			$p++;	
		}
		$g = 0;
		foreach ($_GET as $varname => $varvalue) {
			$get_vars .= "$varname $varvalue <br> ";	
			$g++;
		}	
	
		
	
		if($p > 0 || $g > 0){
			mysql_query("INSERT INTO `track` ( `id` , `user` , `post` , `get` , `location` ) VALUES (NULL , '$username', '$post_vars', '$get_vars', '$atpage')");
		}
		
  }


I use this at my site, where sql injection and other ways to fool my script is VERY popular.

Thanks.

Now that I saw what zenanthor posted I am thinking if there is some sort of script that you can have at the top of all pages to not only record the variables but also check them and if there is something suspicious to stop the script from running.

If for example the names or attributes of the database tables are mentioned in some POST or GET variable to stop the script from running.

You may wish to mysql_escape_string those variables, FYI.

Have a look at mod_security.