diff --git a/debian/config-dir/apache2.conf.in b/debian/config-dir/apache2.conf.in
index 72220aabf3c105a76893a123c26a9144efd7c237..4b6b7202a722a140edec55e1afc778ef7a64226b 100644
--- a/debian/config-dir/apache2.conf.in
+++ b/debian/config-dir/apache2.conf.in
@@ -206,6 +206,9 @@ AccessFileName .htaccess
 # requested file), because the latter makes it impossible to detect partial
 # requests.
 #
+# The "privacy" format follows the format of the "combined" LogFormat but
+# with Personally Identifiable Information (PII) stripped out.
+#
 # Note that the use of %{X-Forwarded-For}i instead of %h is not recommended.
 # Use mod_remoteip instead.
 #
@@ -214,6 +217,8 @@ LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combine
 LogFormat "%h %l %u %t \"%r\" %>s %O" common
 LogFormat "%{Referer}i -> %U" referer
 LogFormat "%{User-agent}i" agent
+LogFormat "%v:%p 0.0.0.0 - - %{[%d/%b/%Y:00:00:00 %z]}t \"%r\" %>s %O \"%{Referer}i\" \"-\"" vhost_privacy
+LogFormat "0.0.0.0 - - %{[%d/%b/%Y:00:00:00 %z]}t \"%r\" %>s %O \"%{Referer}i\" \"-\"" privacy
 
 # Include of directories ignores editors' and dpkg's backup files,
 # see README.Debian for details.