diff --git a/docs/manual/ssl/ssl_howto.xml b/docs/manual/ssl/ssl_howto.xml
index df90aa08d4..512622a5b0 100644
--- a/docs/manual/ssl/ssl_howto.xml
+++ b/docs/manual/ssl/ssl_howto.xml
@@ -301,5 +301,16 @@ Require              valid-user
 </section>
 <!-- /access control -->
 
+<section id="logging">
+    <title>Logging</title>
+
+    <p><module>mod_ssl</module> can log extremely verbose debugging information
+    to the error log, when its <directive module="core">LogLevel</directive> is
+    set to the higher trace levels. On the other hand, on a very busy server,
+    level <code>info</code> may already be too much. Remember that you can
+    configure the <directive module="core">LogLevel</directive> per module to
+    suite your needs.</p>
+</section>
+
 </manualpage>
 
diff --git a/modules/ssl/mod_ssl.c b/modules/ssl/mod_ssl.c
index 01f8d8aee1..603a00e7c7 100644
--- a/modules/ssl/mod_ssl.c
+++ b/modules/ssl/mod_ssl.c
@@ -130,9 +130,6 @@ static const command_rec ssl_config_cmds[] = {
                 "Enable support for insecure renegotiation")
     SSL_CMD_ALL(UserName, TAKE1,
                 "Set user name to SSL variable value")
-    SSL_CMD_SRV(LogLevelDebugDump, TAKE1,
-                "Include I/O Dump when LogLevel is set to Debug "
-                "([ None (default) | IO (not bytes) | Bytes ])")
     SSL_CMD_SRV(StrictSNIVHostCheck, FLAG,
                 "Strict SNI virtual host checking")
 
diff --git a/modules/ssl/ssl_engine_config.c b/modules/ssl/ssl_engine_config.c
index cdfc733490..ec9dd5d0a8 100644
--- a/modules/ssl/ssl_engine_config.c
+++ b/modules/ssl/ssl_engine_config.c
@@ -186,7 +186,6 @@ static SSLSrvConfigRec *ssl_config_server_new(apr_pool_t *p)
     sc->session_cache_timeout  = UNSET;
     sc->cipher_server_pref     = UNSET;
     sc->insecure_reneg         = UNSET;
-    sc->ssl_log_level          = SSL_LOG_UNSET;
     sc->proxy_ssl_check_peer_expire = SSL_ENABLED_UNSET;
     sc->proxy_ssl_check_peer_cn     = SSL_ENABLED_UNSET;
 #ifndef OPENSSL_NO_TLSEXT
@@ -299,7 +298,6 @@ void *ssl_config_server_merge(apr_pool_t *p, void *basev, void *addv)
     cfgMergeInt(session_cache_timeout);
     cfgMergeBool(cipher_server_pref);
     cfgMergeBool(insecure_reneg);
-    cfgMerge(ssl_log_level, SSL_LOG_UNSET);
     cfgMerge(proxy_ssl_check_peer_expire, SSL_ENABLED_UNSET);
     cfgMerge(proxy_ssl_check_peer_cn, SSL_ENABLED_UNSET);
 #ifndef OPENSSL_NO_TLSEXT
@@ -1073,30 +1071,6 @@ const char *ssl_cmd_SSLSessionCacheTimeout(cmd_parms *cmd,
     return NULL;
 }
 
-const char *ssl_cmd_SSLLogLevelDebugDump(cmd_parms *cmd,
-                                         void *dcfg,
-                                         const char *arg)
-{
-    SSLSrvConfigRec *sc = mySrvConfig(cmd->server);
-
-    if (strcEQ(arg, "none") || strcEQ(arg, "off")) {
-        sc->ssl_log_level = SSL_LOG_NONE;
-    }
-    else if (strcEQ(arg, "io") || strcEQ(arg, "i/o")) {
-        sc->ssl_log_level = SSL_LOG_IO;
-    }
-    else if (strcEQ(arg, "bytes") || strcEQ(arg, "on")) {
-        sc->ssl_log_level = SSL_LOG_BYTES;
-    }
-    else {
-        return apr_pstrcat(cmd->temp_pool, cmd->cmd->name,
-                           ": Invalid argument '", arg, "'",
-                           NULL);
-    }
-
-    return NULL;
-}
-
 const char *ssl_cmd_SSLOptions(cmd_parms *cmd,
                                void *dcfg,
                                const char *arg)
diff --git a/modules/ssl/ssl_engine_io.c b/modules/ssl/ssl_engine_io.c
index 762a03b569..33ca726147 100644
--- a/modules/ssl/ssl_engine_io.c
+++ b/modules/ssl/ssl_engine_io.c
@@ -1717,8 +1717,6 @@ static void ssl_io_input_add_filter(ssl_filter_ctx_t *filter_ctx, conn_rec *c,
 void ssl_io_filter_init(conn_rec *c, request_rec *r, SSL *ssl)
 {
     ssl_filter_ctx_t *filter_ctx;
-    server_rec *s = c->base_server;
-    SSLSrvConfigRec *sc = mySrvConfig(s);
 
     filter_ctx = apr_palloc(c->pool, sizeof(ssl_filter_ctx_t));
 
@@ -1742,7 +1740,7 @@ void ssl_io_filter_init(conn_rec *c, request_rec *r, SSL *ssl)
     apr_pool_cleanup_register(c->pool, (void*)filter_ctx,
                               ssl_io_filter_cleanup, apr_pool_cleanup_null);
 
-    if (APLOGcdebug(c) && (sc->ssl_log_level >= SSL_LOG_IO)) {
+    if (APLOGctrace4(c)) {
         BIO_set_callback(SSL_get_rbio(ssl), ssl_io_data_cb);
         BIO_set_callback_arg(SSL_get_rbio(ssl), (void *)ssl);
     }
@@ -1783,7 +1781,7 @@ static void ssl_io_data_dump(server_rec *srvr,
     rows = (len / DUMP_WIDTH);
     if ((rows * DUMP_WIDTH) < len)
         rows++;
-    ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, srvr,
+    ap_log_error(APLOG_MARK, APLOG_TRACE7, 0, srvr,
             "+-------------------------------------------------------------------------+");
     for(i = 0 ; i< rows; i++) {
 #if APR_CHARSET_EBCDIC
@@ -1822,13 +1820,13 @@ static void ssl_io_data_dump(server_rec *srvr,
             }
         }
         apr_cpystrn(buf+strlen(buf), " |", sizeof(buf)-strlen(buf));
-        ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, srvr,
+        ap_log_error(APLOG_MARK, APLOG_TRACE7, 0, srvr,
                      "%s", buf);
     }
     if (trunc > 0)
-        ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, srvr,
+        ap_log_error(APLOG_MARK, APLOG_TRACE7, 0, srvr,
                 "| %04ld - <SPACES/NULS>", len + trunc);
-    ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, srvr,
+    ap_log_error(APLOG_MARK, APLOG_TRACE7, 0, srvr,
             "+-------------------------------------------------------------------------+");
     return;
 }
@@ -1852,18 +1850,18 @@ long ssl_io_data_cb(BIO *bio, int cmd,
     if (   cmd == (BIO_CB_WRITE|BIO_CB_RETURN)
         || cmd == (BIO_CB_READ |BIO_CB_RETURN) ) {
         if (rc >= 0) {
-            ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s,
+            ap_log_error(APLOG_MARK, APLOG_TRACE4, 0, s,
                     "%s: %s %ld/%d bytes %s BIO#%pp [mem: %pp] %s",
                     SSL_LIBRARY_NAME,
                     (cmd == (BIO_CB_WRITE|BIO_CB_RETURN) ? "write" : "read"),
                     rc, argi, (cmd == (BIO_CB_WRITE|BIO_CB_RETURN) ? "to" : "from"),
                     bio, argp,
                     (argp != NULL ? "(BIO dump follows)" : "(Oops, no memory buffer?)"));
-            if ((argp != NULL) && (sc->ssl_log_level >= SSL_LOG_BYTES))
+            if ((argp != NULL) && APLOGctrace7(c))
                 ssl_io_data_dump(s, argp, rc);
         }
         else {
-            ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s,
+            ap_log_error(APLOG_MARK, APLOG_TRACE4, 0, s,
                     "%s: I/O error, %d bytes expected to %s on BIO#%pp [mem: %pp]",
                     SSL_LIBRARY_NAME, argi,
                     (cmd == (BIO_CB_WRITE|BIO_CB_RETURN) ? "write" : "read"),
diff --git a/modules/ssl/ssl_private.h b/modules/ssl/ssl_private.h
index d8f252a01d..5ead74678e 100644
--- a/modules/ssl/ssl_private.h
+++ b/modules/ssl/ssl_private.h
@@ -149,18 +149,6 @@ ap_set_module_config(c->conn_config, &ssl_module, val)
 #define DEFAULT_RENEG_BUFFER_SIZE (128 * 1024)
 #endif
 
-/**
- * Define the per-server SSLLogLevel constants which provide
- * finer-than-debug resolution to decide if logs are to be
- * assulted with tens of thousands of characters per request.
- */
-typedef enum {
-    SSL_LOG_UNSET  = UNSET,
-    SSL_LOG_NONE   = 0,
-    SSL_LOG_IO     = 6,
-    SSL_LOG_BYTES  = 7
-} ssl_log_level_e;
-
 /**
  * Support for MM library
  */
@@ -512,7 +500,6 @@ struct SSLSrvConfigRec {
     BOOL             insecure_reneg;
     modssl_ctx_t    *server;
     modssl_ctx_t    *proxy;
-    ssl_log_level_e  ssl_log_level;
     ssl_enabled_t    proxy_ssl_check_peer_expire;
     ssl_enabled_t    proxy_ssl_check_peer_cn;
 #ifndef OPENSSL_NO_TLSEXT
@@ -583,7 +570,6 @@ const char  *ssl_cmd_SSLOptions(cmd_parms *, void *, const char *);
 const char  *ssl_cmd_SSLRequireSSL(cmd_parms *, void *);
 const char  *ssl_cmd_SSLRequire(cmd_parms *, void *, const char *);
 const char  *ssl_cmd_SSLUserName(cmd_parms *, void *, const char *);
-const char  *ssl_cmd_SSLLogLevelDebugDump(cmd_parms *, void *, const char *);
 const char  *ssl_cmd_SSLRenegBufferSize(cmd_parms *cmd, void *dcfg, const char *arg);
 const char  *ssl_cmd_SSLStrictSNIVHostCheck(cmd_parms *cmd, void *dcfg, int flag);
 const char *ssl_cmd_SSLInsecureRenegotiation(cmd_parms *cmd, void *dcfg, int flag);