The IdentityCheck directive causes the server to
attempt to identify the client’s user by querying
the identd
daemon of the client host. (See RFC
1413 for details, but the short explanation is that
identd will, when given a socket number, reveal
which user created that socket — that is, the username of the
client on his home machine.)
IdentityCheck [on|off]
If successful, the user ID is logged in the access log. However, as
the Apache manual austerely remarks, you should “not
trust this information in any way except for rudimentary usage
tracking.” Furthermore (or perhaps, furtherless),
this extra logging slows Apache down, and many machines do not run an
identd daemon, or if they do, they prevent
external access to it. Even if the client’s machine
is running identd, the information it provides
is entirely under the control of the remote machine. Many providers
find that it is not worth the trouble to use
IdentityCheck.