On 16.01.2015 20:52, C. Michael Pilato wrote: > On 01/16/2015 02:18 PM, Ivan Zhakov wrote: >> But I'm not sure that current behavior is the best. I'm thinking to >> implement the following logic in mod_authz_svn: use different log >> level whether access denied for subrequest or for primary request (the >> URL user actually tried to access). >> >> Does it make sense? >> >> The other open question is which error level use for these 'soft' >> access denied messages: >> a) info (Like we do for access granted messages) >> b) warning > It makes sense to me to log explicit attempts to hit an unreadable > resource differently than the somewhat unavoidable implicit attempts. > > As for log levels, is there any reason to log the implicit read attempts > at a level higher than "debug"?
Sounds good; I understand that there will be no equivalent entry in the access log for these sub-requests, so they're not really interesting to the admin in normal operations. > I have no opinion about the log level for the explicit ones. I believe a request for /private will return a 404 error, same as a request for a non-existent path. And IIRC these are normally logged at error level. -- Brane
