apache and reverse DNS hostname lookups
No, no, no, it ain't me babe!
Doing reverse DNS hostname lookups on every request in apache (to have those domain names in the log file) is a bad idea as it will slow your server down, everybody seems to agree on that. Yesterday I noticed one of our servers doing just that, despite me not having remembered turning that feature on. Took me a bit of searching and cursing to find the culprit.
There are a few reasons why Apache (or Apache 2) will start looking up hostnames:
- HostnameLookups on somewhere
- checking of allow / deny rules with domains instead of IP ranges, e.g. Allow from www.example.org or Deny from example.org
- a rewrite rule with a condition like RewriteCond %{REMOTE_HOST} www.example.com (the last two I found on this thread)
- update 2009-06-23 according to a post on a "simplywebhosting kb" , having Deny from none somewhere (this caused the problem to reappear for me one more time), apparently "none" is not a proper apache directive
- and the winner was: using %h in a LogFormat directive instead of %a (%h will give you the hostname, no matter what HostnameLookups says, %a will give you the IP address)
... and now please don't ask me why Apple (or is it Apache 2 at fault?) has the LogFormat with %h in their config on Mac OS X 10.5.