access_log to track failed logins

AJ Weber aweber at
Thu Dec 20 14:01:54 UTC 2012

This solution worked.  Many thanks to you AND Francis for your replies 
to help.

I always cringe when using the if-statement because of the "bad press" 
it's gotten in the past.  I understand the push to use "location" 
wherever possible, but sometimes a well-placed, simple if-statement is 
exactly what's needed!

Now the logging is working, and I wrote a (really just modified an 
existing) fail2ban "jail" to watch for IP's trying to hack the site.  
Nothing's foolproof, but every little bit helps!

Thanks to all again,

On 12/19/2012 4:11 AM, Antonio P.P. Almeida wrote:
>> I have a login page that redirects (actually appends the parameter
>> "?error=true" to the URL and lets the user try again).
>> I was trying to re-define "access_log" with a full path and (for now)
>> "combined" to a separate file in that location in hopes of tracking
>> failed logins in a separate log.  Originally, I had a regex nested
>> location for the error redirect, then I took it out and put it in its
>> own location.  Nothing seems to work.
>> This doesn't seem to work at all.  An empty log gets created at startup,
>> but nothing ever gets written there.  Is it because the access logging
>> is already done by the time the location is determined?
>> How can I somehow log when someone accesses the "login" page with the
>> "error=true" parameter on the URL?
> Try at the http level:
> map $arg_error $log_error {
>     default 0;
>     true 1;
> }
> and at the server level:
> error_page 418 @log-error;
> if ($log_error) {
>      return 418;
> }
> location @log-error {
>      access_log my_special.log;
> }
> --appa
> _______________________________________________
> nginx mailing list
> nginx at

More information about the nginx mailing list