nginx implementation

[i300220]

Hello,

Would like to make some websites I maintain compliant,

However, the $loggable variable is already in use and mapped to $uri for specific paths are exempted from logging.

nginx.conf: access_log /var/log/nginx/access.log combined if=$loggable;
snippets/unwanted_uri.conf: map $uri $loggable { ... }

Any suggestion? I know it could be a challenge because the unusual way nginx processes directives.

Thanks.

[void-elf]

Hi @i300220!

You don't have to use the variable names chosen in the guides. You could just replace every instance of $loggable with $dnt_loggable or whatever you like, that way there won't be two variables with the same name.

[i300220]

Hi,

Although I perfectly understand I could use another variable such as
snippets/unwanted_uri.conf: map $uri $loggable { ... }
map $http_dnt $dnt_loggable { ... }
as you suggested,

What I can't figure out is what to do with the access_log directive.
The 'if' test condition is already defined:
nginx.conf: access_log /var/log/nginx/access.log combined if=$loggable;

nginx is pretty limited in its configuration and doesn't accept booleans in conditions e.g. 'if = $loggable && $dnt_loggable'

[void-elf]

Hi @i300220. I'm sorry for misunderstanding your original question, and thank you for the clarification. I think I have an idea for a solution to your problem, but I need some time to test it out first. I'll get back to you in a few days.

[void-elf]

Hi @i300220, apologies for the incredibly delayed response.

Assuming this is all happening in a server block (otherwise you might not be able to use if), here's a potential solution:

## You have a bunch of code up here that initially sets the value of $loggable
## .......

if ($http_dnt) {
  set $loggable "";
} // if the DNT header is set to anything other than 0, it'll turn off logging

access_log /var/log/nginx/access.log combined if=$loggable;

Note: when I tested this, I had to use set $loggable "" instead of set $loggable 0 to get this to work. The nginx docs say that both should work, but that wasn't the case for me.

Please let me know if you need any more help or if that doesn't work for you.

[i300220]

Hey no problem. Totally makes sense. I already use set $loggable 0 to bybass some exceptional conditions. Your solution would be perfect. However in the meantime, I've limited log retaining to 10 days and will stick only to that without interfering with nginx/apache configuration. All will be managed by logrotate. In addition, I've disabled pingdom, google analytics at php level when dnt=1; Since newrelics doesn't support such conditional, I've stopped using it. With all my gratitude. * yomna (notifications@github.com) wrote:

…

Hi @i300220, apologies for the incredibly delayed response. Assuming this is all happening in a `server` block (otherwise you might not be able to use `if`), here's a potential solution: ``` ## You have a bunch of code up here that initially sets the value of $loggable ## ....... if ($http_dnt) { set $loggable ""; } // if the DNT header is set to anything other than 0, it'll turn off logging access_log /var/log/nginx/access.log combined if=$loggable; ``` Note: when I tested this, I had to use `set $loggable ""` instead of `set $loggable 0` to get this to work. The nginx docs say that both should work, but that wasn't the case for me. Please let me know if you need any more help or if that doesn't work for you. -- You are receiving this because you were mentioned. Reply to this email directly or view it on GitHub: #2 (comment)

[void-elf]

Alright, I'll go ahead and close this issue then. Feel free to open another if needed :)