Why logging twice?

Once, my server was Apache-Plesk, then became Apache-Cpanel. Since it became Cpanel, I can’t access Apache’s server logs anymore (it’s a choice my hoster made, don’t worry about). A viable workaround has shown to be CountryBlocker’s log-feature. But why do you log each access twice, like that:

{"time":"xxx","client_ip":"yyy","country":"ZZ","is_proxy":"","proxy_type":"","lookup_by":"BIN","cache":false,"uri":"uuu":"Country not in the list.","action":"BLOCKED"}

{"time":"xxx","client_ip":"yyy","country":"ZZ","is_proxy":"","proxy_type":"","lookup_by":"BIN","cache":false,"uri":"uuu","message":"Access denied.","action":"ABORTED"}

while time, client_ip, country and uri are exactly the same in both the messages? It would be smart, to log only once. Because your log afterwards is being used to feed NCSC, and filtering out the doublets makes a lot of work. This leads to the next question:

For those with free plan (like me); could you cut the proxy too?

• This topic was modified 1 week, 6 days ago by marisol3007.