How to dump entire HTTP requests with apache

Solution 1:

I think what you want instead of Apache might be a packet analyzer, Also known as a packet sniffer. Two of the most popular ones are probably TCPDump and Wireshark, both of which are free and have versions for Windows and *nix operating systems. These will show you all traffic coming in on an interface, not just what Apache sees. But you can use filters to restrict to a specified port, such as 80 for http.

tcpdump:
The following command run from the server will show you all packets destined for port 80:

sudo tcpdump -s 0 -X 'tcp dst port 80'

The capital X switch dumps the payload in hex and ASCII. The s switch with 0 means to get the whole packet. 'tcp dst port 80' means to filter and only show packets destined for port 80 in the tcp header.

Wireshark:
For the more user friendly version, if you have a GUI running, consider wireshark (formally known as ethereal).

Solution 2:

maybe dumping of cookies ? otherwise - look at mod_dumpio.

---

Solution 3:

Basic packet sniffing is easy with ngrep a hybrid of tcpdump and grep. In certain scenarios if you are desirous to see how web browsers communicate with web servers, and to inspect the HTTP headers.
In this example, run an ngrep on a webserver like this:

$ ngrep port 80

you can also choose to filter the http request to the "GET /" request to port 80 by :

$ ngrep -q '^GET .* HTTP/1.[01]'

Client side, there are a useful tool named Tamper Data it is a Firefox Extension which gives you the power to view, record and even modify outgoing HTTP requests.
You can find more information here

---

Solution 4:

Rather than using tcpdump or wireshark, use tcpflow. It is a drop in replacement for tcpdump, but creates a file for each side of every connection, so you don't have to attempt to decode the stream yourself.