Hi,
What you have looks reasonable, PT should be URL-to-URL.
You might try logging %f in your logformat.
I've added %f and it just shows some of what looks like components from
the 404 page, not the redirected page.
What kind of handler is meant to handle these requests and how is it configured?
Do you mean php-fpm?
SetHandler "proxy:unix:/run/php-fpm/linuxsecurity.sock|fcgi://localhost"
This is the first log entry:
f:proxy:fcgi://localhost/var/www/linuxsecurity.com/html/index.php
68.195.111.33 - - [08/Mar/2024:15:29:19 -0500] "GET /content/view/161567
HTTP/1.1" 404 2983 "-" "Mozilla/5.0 (X11; Linux x86_64)
AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36"
X:"SAMEORIGIN" 0/932130 1690/11576/2983 H:HTTP/1.1
U:/news/hackscracks/historic-hacker-attack-on-ebay-happened-3-months-ago
ls443 s:404 V:linuxsecurity.com v:linuxsecurity.com
Thanks,
Dave