Thanks for the reply, Matt. I think that would be helpful. For what it’s worth, I also tried adding the following, which doesn’t seem to have any effect (everything is still logged to access.log):
log /forbidden /log/forbidden.log
As a matter of fact, I can’t seem to get anything logged to /log/error.log either. Any idea why all 404 errors are being logged in access.log instead of the specified error.log?
4xx responses indicate client errors. The server received and responded to the request as expected (although with 404, for example, it obviously did not find what the client requested, so it appears the client made a mistaken request).
5xx responses indicate server errors and the actual generated errors should be logged in the error logs.
edit: I’m incorrect and >=400 should be logged as indicated (according to the errors docs).
Does /log/site-error.log exist and is it writable by Caddy?
And the ownership of site-error.log is identical to site-access.log?
I don’t think it should be a cause of issue, but what about ownership of ./?
Maybe try with a simplified Caddyfile - put up a test site at localhost with errors /log/site-error-test.log, make some bad requests to it, and see what it puts out.
It’s actually more complicated than just status codes. Each HTTP handler (middleware) returns two values: a status code integer and an error value: httpserver package - github.com/mholt/caddy/caddyhttp/httpserver - pkg.go.dev - if an error value is returned the errors middleware logs it. It doesn’t actually care what the status code is. Generally, middleware should NOT return an error value unless it is a 5xx error, but I suppose in some cases there are 4xx errors where a server operator might want an error message in the log (other than just “Not found” or something like that – something more useful that doesn’t get shown publicly).
The log middleware (access log) just logs requests, but it actually shouldn’t care what the response code is. It should just log it anyway. Does the access log not have those in there?
Don’t know about @justin, but I’m not seeing any issues with the access logs at all, it’s working fine. The errors log just doesn’t seem to mesh up with how it’s described in the errors directive documentation on caddyserver.com.