I would like to stop Apache (2.2) from doing reverse lookups for client IP addresses. I have
HostnameLookups Off
and
LogFormat "%h %l %u %t %V \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" port:%p" combined_vhost
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
in httpd.conf, but in many cases Apache still does the lookups and writes domain names instead of IP addresses into the access logs.
I need the IPs from accesslogs to block them on firewall.
If it is not possible to set this up in the Apache config, maybe it can be done in the bind config. On the machine I need to fix, bind runs as a local recursive resolver.
The domain names are useless because they can't be resolved back to the original IP address (it seems there is an intentional lack of the usual DNS A/AAAA records for these domain names).
Do not use names anywhere in configuration, just IP addresses and change the configuration format to log only IP addresses.
It is unclear, however, why you want to do that; you are creating a maintenance nightmare for yourself. IP addresses do change sometimes...
That is not a problem at all. The DNS will time out or return an error and life goes on.
There is a LogFormat directive which tells Apache what should be written to the access logs. To prefer the IP address over the hostname, there is the format string %a.
For Apache 2.2 LogFormat documentation, see
https://httpd.apache.org/docs/2.2/mod/mod_log_config.html#formats
When LogFormat is changed in a virtualhost context, it seems to have no effect; I tried changing %h into %a in a virtualhost block, but hostnames were still being written into the virtual host's access log.
But then I made the change in the global configuration file httpd.conf, and this helped. Now Apache always logs IP addresses, not hostnames.
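One way to audit for the situation discussed above, as an added example that is not part of the original posts: it flags LogFormat directives that still use %h, suggests the %a form, and separates access-log client fields into real IP addresses and names that cannot go into a firewall rule. The function names and the sample log lines are constructed for illustration.

```python
import ipaddress
import re

LOGFORMAT = re.compile(r'^\s*LogFormat\s+"((?:[^"\\]|\\.)*)"(?:\s+(\S+))?\s*$', re.I)
REMOTE_HOST = re.compile(r"(?<!%)%h")  # bare %h only; %{Referer}i etc. are untouched

def audit_logformats(conf_text):
    """Return (line_no, nickname, suggested_line) for each LogFormat that uses %h."""
    findings = []
    for no, line in enumerate(conf_text.splitlines(), 1):
        m = LOGFORMAT.match(line)
        if m and REMOTE_HOST.search(m.group(1)):
            fixed = REMOTE_HOST.sub("%a", m.group(1))
            suffix = f" {m.group(2)}" if m.group(2) else ""
            findings.append((no, m.group(2) or "(default)", f'LogFormat "{fixed}"{suffix}'))
    return findings

def split_clients(log_lines):
    """Split the first field of each access-log line into IPs and non-IP names."""
    ips, names = set(), set()
    for line in log_lines:
        fields = line.split(None, 1)
        if not fields:
            continue
        try:
            ips.add(str(ipaddress.ip_address(fields[0])))
        except ValueError:
            names.add(fields[0])
    return ips, names

# Constructed sample: two LogFormat lines from the question plus a constructed %a one.
SAMPLE_CONF = r'''HostnameLookups Off
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%a %l %u %t \"%r\" %>s %b" common_ip
'''
# Constructed access-log lines (documentation address ranges, made-up hostname).
SAMPLE_LOG = [
    '192.0.2.10 - - [10/Oct/2023:13:55:36 +0000] "GET / HTTP/1.1" 200 512',
    'host-7.example.net - - [10/Oct/2023:13:55:40 +0000] "GET /login HTTP/1.1" 401 128',
    '2001:db8::1 - - [10/Oct/2023:13:55:41 +0000] "GET / HTTP/1.1" 200 512',
]

if __name__ == "__main__":
    for no, nick, fixed in audit_logformats(SAMPLE_CONF):
        print(f"line {no} ({nick}): {fixed}")
    ips, names = split_clients(SAMPLE_LOG)
    print("IP addresses usable for firewall rules:", sorted(ips))
    print("names logged instead of addresses:", sorted(names))
```

Run the audit against the global httpd.conf first, since that is where the change took effect in the answer above.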