env.html.en revision f36d6b9fd84a70b9be1819ed376e67327f763db9
78cd48acd325773619d78ac0d7263a99a8922faend<html><head><META http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><!--
b0fb330a8581c8bfab5e523084f9f39264a52b12gstein XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
71da3cca78eea6010f89b139ecadb79e6d213c4fnd This file is generated from xml source: DO NOT EDIT
71da3cca78eea6010f89b139ecadb79e6d213c4fnd XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
71da3cca78eea6010f89b139ecadb79e6d213c4fnd --><title>Environment Variables in Apache - Apache HTTP Server</title><link href="/style/manual.css" type="text/css" rel="stylesheet"></head><body><blockquote><div align="center"><img src="/images/sub.gif" alt="[APACHE DOCUMENTATION]"><h3>Apache HTTP Server Version 2.0</h3></div><h1 align="center">Environment Variables in Apache</h1>
b0fb330a8581c8bfab5e523084f9f39264a52b12gstein <p>The Apache HTTP Server provides a mechanism for storing
71da3cca78eea6010f89b139ecadb79e6d213c4fnd information in named variables that are called <em>environment
b0fb330a8581c8bfab5e523084f9f39264a52b12gstein variables</em>. This information can be used to control various
71da3cca78eea6010f89b139ecadb79e6d213c4fnd operations such as logging or access control. The variables are
71da3cca78eea6010f89b139ecadb79e6d213c4fnd also used as a mechanism to communicate with external programs
71da3cca78eea6010f89b139ecadb79e6d213c4fnd such as CGI scripts. This document discusses different ways to
71da3cca78eea6010f89b139ecadb79e6d213c4fnd manipulate and use these variables.</p>
b0fb330a8581c8bfab5e523084f9f39264a52b12gstein <p>Although these variables are referred to as <em>environment
f4c310fd2555c6faca1f980f00b161eadb089023gstein variables</em>, they are not the same as the environment
f4c310fd2555c6faca1f980f00b161eadb089023gstein variables controlled by the underlying operating system.
b0fb330a8581c8bfab5e523084f9f39264a52b12gstein Instead, these variables are stored and manipulated in an
f4c310fd2555c6faca1f980f00b161eadb089023gstein internal Apache structure. They only become actual operating
f4c310fd2555c6faca1f980f00b161eadb089023gstein system environment variables when they are provided to CGI
f4c310fd2555c6faca1f980f00b161eadb089023gstein scripts and Server Side Include scripts. If you wish to
1b21d7b3d97def358b2e923655edeb16613a1c31gstein manipulate the operating system environment under which the
952023a04a2f9d51553babd9094fb857f1c97548trawick server itself runs, you must use the standard environment
1b21d7b3d97def358b2e923655edeb16613a1c31gstein manipulation mechanisms provided by your operating system
1b21d7b3d97def358b2e923655edeb16613a1c31gstein <ul><li><a href="#setting">Setting Environment Variables</a><ul><li><a href="#basic-manipulation">Basic Environment Manipulation</a></li><li><a href="#conditional">Conditional Per-Request Settings</a></li><li><a href="#unique-identifiers">Unique Identifiers</a></li><li><a href="#standard-cgi">Standard CGI Variables</a></li><li><a href="#caveats">Some Caveats</a></li></ul></li><li><a href="#using">Using Environment Variables</a><ul><li><a href="#cgi-scripts">CGI Scripts</a></li><li><a href="#ssi-pages">SSI Pages</a></li><li><a href="#access-control">Access Control</a></li><li><a href="#logging">Conditional Logging</a></li><li><a href="#response-headers">Conditional Response Headers</a></li><li><a href="#external-filter">External Filter Activation</a></li><li><a href="#url-rewriting">URL Rewriting</a></li></ul></li><li><a href="#special">Special Purpose Environment Variables</a><ul><li><a href="#downgrade">downgrade-1.0</a></li><li><a href="#force-no-vary">force-no-vary</a></li><li><a href="#force-response">force-response-1.0</a></li><li><a href="#gzip-only-text/html">gzip-only-text/html</a></li><li><a href="#nokeepalive">nokeepalive</a></li><li><a href="#redirect-carefully">redirect-carefully</a></li><li><a href="#suppress-error-charset">suppress-error-charset</a></li></ul></li><li><a href="#examples">Examples</a><ul><li><a href="#misbehaving">Changing protocol behavior with misbehaving clients</a></li><li><a href="#no-img-log">Do not log requests for images in the access log</a></li><li><a href="#image-theft">Prevent "Image Theft"</a></li></ul></li></ul><hr><h2><a name="setting">Setting Environment Variables</a></h2>
f4c310fd2555c6faca1f980f00b161eadb089023gstein <table border="1"><tr><td valign="top"><strong>Related Modules</strong><br><br><code><a href="/mod/mod_env.html">mod_env</a></code><br><code><a href="/mod/mod_rewrite.html">mod_rewrite</a></code><br><code><a href="/mod/mod_setenvif.html">mod_setenvif</a></code><br><code><a href="/mod/mod_unique_id.html">mod_unique_id</a></code><br></td><td valign="top"><strong>Related Directives</strong><br><br><a href="/mod/mod_setenvif.html#browsermatch" class="directive"><code class="directive">BrowserMatch</code></a><br><a href="/mod/mod_setenvif.html#browsermatchnocase" class="directive"><code class="directive">BrowserMatchNoCase</code></a><br><a href="/mod/mod_env.html#passenv" class="directive"><code class="directive">PassEnv</code></a><br><a href="/mod/mod_rewrite.html#rewriterule" class="directive"><code class="directive">RewriteRule</code></a><br><a href="/mod/mod_env.html#setenv" class="directive"><code class="directive">SetEnv</code></a><br><a href="/mod/mod_setenvif.html#setenvif" class="directive"><code class="directive">SetEnvIf</code></a><br><a href="/mod/mod_setenvif.html#setenvifnocase" class="directive"><code class="directive">SetEnvIfNoCase</code></a><br><a href="/mod/mod_env.html#unsetenv" class="directive"><code class="directive">UnsetEnv</code></a><br></td></tr></table>
f4c310fd2555c6faca1f980f00b161eadb089023gstein <h3><a name="basic-manipulation">Basic Environment Manipulation</a></h3>
f4c310fd2555c6faca1f980f00b161eadb089023gstein <p>The most basic way to set an environment variable in Apache
f4c310fd2555c6faca1f980f00b161eadb089023gstein is using the unconditional <a href="/mod/mod_env.html#setenv" class="directive"><code class="directive">SetEnv</code></a> directive. Variables may also be passed from
f4c310fd2555c6faca1f980f00b161eadb089023gstein the environment of the shell which started the server using the
98e9c4a310bb623ff788680f88b6bd200ff36a24wrowe <a href="/mod/mod_env.html#passenv" class="directive"><code class="directive">PassEnv</code></a> directive.</p>
f4c310fd2555c6faca1f980f00b161eadb089023gstein <h3><a name="conditional">Conditional Per-Request Settings</a></h3>
f4c310fd2555c6faca1f980f00b161eadb089023gstein <p>For additional flexibility, the directives provided by
f4c310fd2555c6faca1f980f00b161eadb089023gstein mod_setenvif allow environment variables to be set on a
f4c310fd2555c6faca1f980f00b161eadb089023gstein per-request basis, conditional on characteristics of particular
f4c310fd2555c6faca1f980f00b161eadb089023gstein requests. For example, a variable could be set only when a
f4c310fd2555c6faca1f980f00b161eadb089023gstein specific browser (User-Agent) is making a request, or only when
f4c310fd2555c6faca1f980f00b161eadb089023gstein a specific Referer [sic] header is found. Even more flexibility
f4c310fd2555c6faca1f980f00b161eadb089023gstein is available through the mod_rewrite's <a href="/mod/mod_rewrite.html#rewriterule" class="directive"><code class="directive">RewriteRule</code></a> which uses the
f4c310fd2555c6faca1f980f00b161eadb089023gstein <code>[E=...]</code> option to set environment variables.</p>
5b03ba47ff7225cacb131f14b019332af27da960gstein <h3><a name="unique-identifiers">Unique Identifiers</a></h3>
5b03ba47ff7225cacb131f14b019332af27da960gstein <p>Finally, mod_unique_id sets the environment variable
5b03ba47ff7225cacb131f14b019332af27da960gstein <code>UNIQUE_ID</code> for each request to a value which is
5b03ba47ff7225cacb131f14b019332af27da960gstein guaranteed to be unique across "all" requests under very
5b03ba47ff7225cacb131f14b019332af27da960gstein specific conditions.</p>
5b03ba47ff7225cacb131f14b019332af27da960gstein <h3><a name="standard-cgi">Standard CGI Variables</a></h3>
5b03ba47ff7225cacb131f14b019332af27da960gstein <p>In addition to all environment variables set within the
5b03ba47ff7225cacb131f14b019332af27da960gstein Apache configuration and passed from the shell, CGI scripts and
98e9c4a310bb623ff788680f88b6bd200ff36a24wrowe SSI pages are provided with a set of environment variables
98e9c4a310bb623ff788680f88b6bd200ff36a24wrowe containing meta-information about the request as required by
f4c310fd2555c6faca1f980f00b161eadb089023gstein <li>It is not possible to override or change the standard CGI
f4c310fd2555c6faca1f980f00b161eadb089023gstein variables using the environment manipulation directives.</li>
f4c310fd2555c6faca1f980f00b161eadb089023gstein <li>When <a href="suexec.html">suexec</a> is used to launch
98e9c4a310bb623ff788680f88b6bd200ff36a24wrowe CGI scripts, the environment will be cleaned down to a set of
98e9c4a310bb623ff788680f88b6bd200ff36a24wrowe <em>safe</em> variables before CGI scripts are launched. The
f4c310fd2555c6faca1f980f00b161eadb089023gstein list of <em>safe</em> variables is defined at compile-time in
6f15570e3adc0faf87bf55f70857028276fc9e32wrowe <li>For portability reasons, the names of environment
f4c310fd2555c6faca1f980f00b161eadb089023gstein variables may contain only letters, numbers, and the
6f15570e3adc0faf87bf55f70857028276fc9e32wrowe underscore character. In addition, the first character may
6f15570e3adc0faf87bf55f70857028276fc9e32wrowe not be a number. Characters which do not match this
6f15570e3adc0faf87bf55f70857028276fc9e32wrowe restriction will be replaced by an underscore when passed to
6f15570e3adc0faf87bf55f70857028276fc9e32wrowe CGI scripts and SSI pages.</li>
f4c310fd2555c6faca1f980f00b161eadb089023gstein <h2><a name="using">Using Environment Variables</a></h2>
f4c310fd2555c6faca1f980f00b161eadb089023gstein <table border="1"><tr><td valign="top"><strong>Related Modules</strong><br><br><code><a href="/mod/mod_access.html">mod_access</a></code><br><code><a href="/mod/mod_cgi.html">mod_cgi</a></code><br><code><a href="/mod/mod_ext_filter.html">mod_ext_filter</a></code><br><code><a href="/mod/mod_headers.html">mod_headers</a></code><br><code><a href="/mod/mod_include.html">mod_include</a></code><br><code><a href="/mod/mod_log_config.html">mod_log_config</a></code><br><code><a href="/mod/mod_rewrite.html">mod_rewrite</a></code><br></td><td valign="top"><strong>Related Directives</strong><br><br><a href="/mod/mod_access.html#allow" class="directive"><code class="directive">Allow</code></a><br><a href="/mod/mod_log_config.html#customlog" class="directive"><code class="directive">CustomLog</code></a><br><a href="/mod/mod_access.html#deny" class="directive"><code class="directive">Deny</code></a><br><a href="/mod/mod_ext_filter.html#extfilterdefine" class="directive"><code class="directive">ExtFilterDefine</code></a><br><a href="/mod/mod_headers.html#header" class="directive"><code class="directive">Header</code></a><br><a href="/mod/mod_log_config.html#logformat" class="directive"><code class="directive">LogFormat</code></a><br><a href="/mod/mod_rewrite.html#rewritecond" class="directive"><code class="directive">RewriteCond</code></a><br><a href="/mod/mod_rewrite.html#rewriterule" class="directive"><code class="directive">RewriteRule</code></a><br></td></tr></table>
f4c310fd2555c6faca1f980f00b161eadb089023gstein <p>One of the primary uses of environment variables is to
f4c310fd2555c6faca1f980f00b161eadb089023gstein communicate information to CGI scripts. As discussed above, the
f4c310fd2555c6faca1f980f00b161eadb089023gstein environment passed to CGI scripts includes standard
6f15570e3adc0faf87bf55f70857028276fc9e32wrowe meta-information about the request in addition to any variables
6f15570e3adc0faf87bf55f70857028276fc9e32wrowe set within the Apache configuration. For more details, see the
f4c310fd2555c6faca1f980f00b161eadb089023gstein <p>Server-parsed (SSI) documents processed by mod_include's
f4c310fd2555c6faca1f980f00b161eadb089023gstein <code>INCLUDES</code> filter can print environment variables
f4c310fd2555c6faca1f980f00b161eadb089023gstein using the <code>echo</code> element, and can use environment
f4c310fd2555c6faca1f980f00b161eadb089023gstein variables in flow control elements to makes parts of a page
98e9c4a310bb623ff788680f88b6bd200ff36a24wrowe conditional on characteristics of a request. Apache also
98e9c4a310bb623ff788680f88b6bd200ff36a24wrowe provides SSI pages with the standard CGI environment variables
f4c310fd2555c6faca1f980f00b161eadb089023gstein as discussed above. For more details, see the <a href="howto/ssi.html">SSI tutorial</a>.</p>
98e9c4a310bb623ff788680f88b6bd200ff36a24wrowe <p>Access to the server can be controlled based on the value of
98e9c4a310bb623ff788680f88b6bd200ff36a24wrowe environment variables using the <code>allow from env=</code>
f4c310fd2555c6faca1f980f00b161eadb089023gstein and <code>deny from env=</code> directives. In combination with
58fd79b56eb624bf011772994e9761d3c2e228c1orlikowski <a href="/mod/mod_setenvif.html#setenvif" class="directive"><code class="directive">SetEnvIf</code></a>, this
f4c310fd2555c6faca1f980f00b161eadb089023gstein allows for flexible control of access to the server based on
f4c310fd2555c6faca1f980f00b161eadb089023gstein characteristics of the client. For example, you can use these
f4c310fd2555c6faca1f980f00b161eadb089023gstein directives to deny access to a particular browser (User-Agent).
f4c310fd2555c6faca1f980f00b161eadb089023gstein <p>Environment variables can be logged in the access log using
58fd79b56eb624bf011772994e9761d3c2e228c1orlikowski the <a href="/mod/mod_log_config.html#logformat" class="directive"><code class="directive">LogFormat</code></a>
f4c310fd2555c6faca1f980f00b161eadb089023gstein option <code>%e</code>. In addition, the decision on whether
f4c310fd2555c6faca1f980f00b161eadb089023gstein or not to log requests can be made based on the status of
f4c310fd2555c6faca1f980f00b161eadb089023gstein environment variables using the conditional form of the
f4c310fd2555c6faca1f980f00b161eadb089023gstein <a href="/mod/mod_log_config.html#customlog" class="directive"><code class="directive">CustomLog</code></a>
f4c310fd2555c6faca1f980f00b161eadb089023gstein directive. In combination with <a href="/mod/mod_setenvif.html#setenvif" class="directive"><code class="directive">SetEnvIf</code></a> this allows for flexible control of which
f4c310fd2555c6faca1f980f00b161eadb089023gstein requests are logged. For example, you can choose not to log
98e9c4a310bb623ff788680f88b6bd200ff36a24wrowe requests for filenames ending in <code>gif</code>, or you can
98e9c4a310bb623ff788680f88b6bd200ff36a24wrowe choose to only log requests from clients which are outside your
98e9c4a310bb623ff788680f88b6bd200ff36a24wrowe subnet.</p>
f4c310fd2555c6faca1f980f00b161eadb089023gstein <h3><a name="response-headers">Conditional Response Headers</a></h3>
f4c310fd2555c6faca1f980f00b161eadb089023gstein <p>The <a href="/mod/mod_headers.html#header" class="directive"><code class="directive">Header</code></a>
f4c310fd2555c6faca1f980f00b161eadb089023gstein directive can use the presence or
f4c310fd2555c6faca1f980f00b161eadb089023gstein absence of an environment variable to determine whether or not
f4c310fd2555c6faca1f980f00b161eadb089023gstein a certain HTTP header will be placed in the response to the
f4c310fd2555c6faca1f980f00b161eadb089023gstein client. This allows, for example, a certain response header to
f4c310fd2555c6faca1f980f00b161eadb089023gstein be sent only if a corresponding header is received in the
f4c310fd2555c6faca1f980f00b161eadb089023gstein request from the client.</p>
48f35e10f195dd594d75738fc536bb885eda537cgstein <h3><a name="external-filter">External Filter Activation</a></h3>
f4c310fd2555c6faca1f980f00b161eadb089023gstein <p>External filters configured by <code><a href="/mod/mod_ext_filter.html">mod_ext_filter</a></code>
91644a5f4d3e992dc208304b50e80bbb236fca89trawick using the <a href="/mod/mod_ext_filter.html#extfilterdefine" class="directive"><code class="directive">ExtFilterDefine</code></a> directive can
8b99f2a316c5e2fa6ab208206fdd7fc2bfc4a921dougm by activated conditional on an environment variable using the
f4c310fd2555c6faca1f980f00b161eadb089023gstein <code>disableenv=</code> and <code>enableenv=</code> options.</p>
6f15570e3adc0faf87bf55f70857028276fc9e32wrowe <p>The <code>%{ENV:...}</code> form of <em>TestString</em> in
6f15570e3adc0faf87bf55f70857028276fc9e32wrowe the <a href="/mod/mod_rewrite.html#rewritecond" class="directive"><code class="directive">RewriteCond</code></a>
f4c310fd2555c6faca1f980f00b161eadb089023gstein allows mod_rewrite's rewrite
f4c310fd2555c6faca1f980f00b161eadb089023gstein engine to make decisions conditional on environment variables.
f4c310fd2555c6faca1f980f00b161eadb089023gstein Note that the variables accessible in mod_rewrite without the
48f35e10f195dd594d75738fc536bb885eda537cgstein <code>ENV:</code> prefix are not actually environment
6f15570e3adc0faf87bf55f70857028276fc9e32wrowe variables. Rather, they are variables special to mod_rewrite
6f15570e3adc0faf87bf55f70857028276fc9e32wrowe which cannot be accessed from other modules.</p>
f4c310fd2555c6faca1f980f00b161eadb089023gstein <h2><a name="special">Special Purpose Environment Variables</a></h2>
f4c310fd2555c6faca1f980f00b161eadb089023gstein <p>Interoperability problems have led to the introduction of
6f15570e3adc0faf87bf55f70857028276fc9e32wrowe mechanisms to modify the way Apache behaves when talking to
6f15570e3adc0faf87bf55f70857028276fc9e32wrowe particular clients. To make these mechanisms as flexible as
6f15570e3adc0faf87bf55f70857028276fc9e32wrowe possible, they are invoked by defining environment variables,
6f15570e3adc0faf87bf55f70857028276fc9e32wrowe typically with <a href="/mod/mod_setenvif.html#browsermatch" class="directive"><code class="directive">BrowserMatch</code></a>,
6f15570e3adc0faf87bf55f70857028276fc9e32wrowe though <a href="/mod/mod_env.html#setenv" class="directive"><code class="directive">SetEnv</code></a> and
f4c310fd2555c6faca1f980f00b161eadb089023gstein <a href="/mod/mod_env.html#passenv" class="directive"><code class="directive">PassEnv</code></a> could also be used,
f4c310fd2555c6faca1f980f00b161eadb089023gstein for example.</p>
48f35e10f195dd594d75738fc536bb885eda537cgstein <p>This forces the request to be treated as a HTTP/1.0 request
48f35e10f195dd594d75738fc536bb885eda537cgstein even if it was in a later dialect.</p>
48f35e10f195dd594d75738fc536bb885eda537cgstein <p>This causes any <code>Vary</code> fields to be removed from
48f35e10f195dd594d75738fc536bb885eda537cgstein the response header before it is sent back to the client. Some
7b6ba9c468f26bdb3492d5e8cb79628a3b04e8c8wrowe clients don't interpret this field correctly (see the <a href="misc/known_client_problems.html">known client
48f35e10f195dd594d75738fc536bb885eda537cgstein problems</a> page); setting this variable can work around this
48f35e10f195dd594d75738fc536bb885eda537cgstein problem. Setting this variable also implies
48f35e10f195dd594d75738fc536bb885eda537cgstein <h3><a name="force-response">force-response-1.0</a></h3>
c1b808d160bfb5c849263be8d4acff600853a328trawick <p>This forces an HTTP/1.0 response when set. It was originally
77c2148c53e0a4a20a80af735caa4e0e6bd448e0gstein implemented as a result of a problem with AOL's proxies. Some
77c2148c53e0a4a20a80af735caa4e0e6bd448e0gstein clients may not behave correctly when given an HTTP/1.1
77c2148c53e0a4a20a80af735caa4e0e6bd448e0gstein response, and this can be used to interoperate with them.</p>
48f35e10f195dd594d75738fc536bb885eda537cgstein <h3><a name="gzip-only-text/html">gzip-only-text/html</a></h3>
48f35e10f195dd594d75738fc536bb885eda537cgstein <p>When set to a value of "1", this variable disables the DEFLATE
48f35e10f195dd594d75738fc536bb885eda537cgstein output filter provided by <code><a href="/mod/mod_deflate.html">mod_deflate</a></code> for
48f35e10f195dd594d75738fc536bb885eda537cgstein <p>This disables <a href="/mod/core.html#keepalive" class="directive"><code class="directive">KeepAlive</code></a> when set.</p>
f4c310fd2555c6faca1f980f00b161eadb089023gstein <h3><a name="redirect-carefully">redirect-carefully</a></h3>
f4c310fd2555c6faca1f980f00b161eadb089023gstein <p>This forces the server to be more careful when sending a redirect
f4c310fd2555c6faca1f980f00b161eadb089023gstein to the client. This is typically used when a client has a known
f4c310fd2555c6faca1f980f00b161eadb089023gstein problem handling redirects. This was originally implemented as a
f4c310fd2555c6faca1f980f00b161eadb089023gstein result of a problem with Microsoft's WebFolders software which has
f4c310fd2555c6faca1f980f00b161eadb089023gstein a problem handling redirects on directory resources via DAV
f4c310fd2555c6faca1f980f00b161eadb089023gstein methods.</p>
f4c310fd2555c6faca1f980f00b161eadb089023gstein <h3><a name="suppress-error-charset">suppress-error-charset</a></h3>
f4c310fd2555c6faca1f980f00b161eadb089023gstein <p>When Apache issues a redirect in response to a client request,
f4c310fd2555c6faca1f980f00b161eadb089023gstein the response includes some actual text to be displayed in case
f4c310fd2555c6faca1f980f00b161eadb089023gstein the client can't (or doesn't) automatically follow the redirection.
f4c310fd2555c6faca1f980f00b161eadb089023gstein Apache ordinarily labels this text according to the character set
f4c310fd2555c6faca1f980f00b161eadb089023gstein which it uses, which is ISO-8859-1.</p>
77c2148c53e0a4a20a80af735caa4e0e6bd448e0gstein <p> However, if the redirection is to a page that uses a different
f4c310fd2555c6faca1f980f00b161eadb089023gstein character set, some broken browser versions will try to use the
6f15570e3adc0faf87bf55f70857028276fc9e32wrowe character set from the redirection text rather than the actual page.
6f15570e3adc0faf87bf55f70857028276fc9e32wrowe This can result in Greek, for instance, being incorrectly rendered.</p>
6f15570e3adc0faf87bf55f70857028276fc9e32wrowe <p>Setting this environment variable causes Apache to omit the character
6f15570e3adc0faf87bf55f70857028276fc9e32wrowe set for the redirection text, and these broken browsers will then correctly
f4c310fd2555c6faca1f980f00b161eadb089023gstein use that of the destination page.</p>
8b99f2a316c5e2fa6ab208206fdd7fc2bfc4a921dougm <h3><a name="misbehaving">Changing protocol behavior with misbehaving clients</a></h3>
f4c310fd2555c6faca1f980f00b161eadb089023gstein <p>We recommend that the following lines be included in
f4c310fd2555c6faca1f980f00b161eadb089023gstein<blockquote><table cellpadding="10"><tr><td bgcolor="#eeeeee"><code><pre>
f958dac1550254a59b45f4655138bb34dad5e76egstein# The following directives modify normal HTTP response behavior.
f4c310fd2555c6faca1f980f00b161eadb089023gstein# The first directive disables keepalive for Netscape 2.x and browsers that
f4c310fd2555c6faca1f980f00b161eadb089023gstein# spoof it. There are known problems with these browser implementations.
f4c310fd2555c6faca1f980f00b161eadb089023gstein# The second directive is for Microsoft Internet Explorer 4.0b2
f4c310fd2555c6faca1f980f00b161eadb089023gstein# which has a broken HTTP/1.1 implementation and does not properly
f4c310fd2555c6faca1f980f00b161eadb089023gstein# support keepalive when it is used on 301 or 302 (redirect) responses.
f4c310fd2555c6faca1f980f00b161eadb089023gsteinBrowserMatch "Mozilla/2" nokeepalive
f4c310fd2555c6faca1f980f00b161eadb089023gsteinBrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
0946f90438dcf29a5fe5d9e21559b3b9d640bc12wrowe# The following directive disables HTTP/1.1 responses to browsers which
f4c310fd2555c6faca1f980f00b161eadb089023gstein# are in violation of the HTTP/1.0 spec by not being able to grok a
f4c310fd2555c6faca1f980f00b161eadb089023gstein# basic 1.1 response.
6f15570e3adc0faf87bf55f70857028276fc9e32wroweBrowserMatch "RealPlayer 4\.0" force-response-1.0
f4c310fd2555c6faca1f980f00b161eadb089023gsteinBrowserMatch "Java/1\.0" force-response-1.0
f4c310fd2555c6faca1f980f00b161eadb089023gsteinBrowserMatch "JDK/1\.0" force-response-1.0</pre></code></td></tr></table></blockquote>
f4c310fd2555c6faca1f980f00b161eadb089023gstein <h3><a name="no-img-log">Do not log requests for images in the access log</a></h3>
f4c310fd2555c6faca1f980f00b161eadb089023gstein <p>This example keeps requests for images from appearing in the
6f15570e3adc0faf87bf55f70857028276fc9e32wrowe access log. It can be easily modified to prevent logging of
6f15570e3adc0faf87bf55f70857028276fc9e32wrowe particular directories, or to prevent logging of requests
f4c310fd2555c6faca1f980f00b161eadb089023gstein coming from particular hosts.</p>
f4c310fd2555c6faca1f980f00b161eadb089023gstein <blockquote><table cellpadding="10"><tr><td bgcolor="#eeeeee"><code><pre>
f4c310fd2555c6faca1f980f00b161eadb089023gsteinSetEnvIf Request_URI \.gif image-request
f39230a531b23d94f86a087963299bbe2e431a4agsteinSetEnvIf Request_URI \.jpg image-request
0946f90438dcf29a5fe5d9e21559b3b9d640bc12wroweSetEnvIf Request_URI \.png image-request
f39230a531b23d94f86a087963299bbe2e431a4agsteinCustomLog logs/access_log common env=!image-request</pre></code></td></tr></table></blockquote>
0946f90438dcf29a5fe5d9e21559b3b9d640bc12wrowe <h3><a name="image-theft">Prevent "Image Theft"</a></h3>
f39230a531b23d94f86a087963299bbe2e431a4agstein <p>This example shows how to keep people not on your server
f39230a531b23d94f86a087963299bbe2e431a4agstein from using images on your server as inline-images on their
1e2133fe37e6cbcd683233057ef62236bc8e5826trawick pages. This is not a recommended configuration, but it can work
ab78b55c6dc4431d2c68d6bb4d169ba1554290a8gstein in limited circumstances. We assume that all your images are in
ab78b55c6dc4431d2c68d6bb4d169ba1554290a8gstein <blockquote><table cellpadding="10"><tr><td bgcolor="#eeeeee"><code><pre>
ab78b55c6dc4431d2c68d6bb4d169ba1554290a8gsteinSetEnvIf Referer "^http://www.example.com/" local_referal
ab78b55c6dc4431d2c68d6bb4d169ba1554290a8gstein# Allow browsers that do not send Referer info
ab78b55c6dc4431d2c68d6bb4d169ba1554290a8gsteinSetEnvIf Referer "^$" local_referal
f39230a531b23d94f86a087963299bbe2e431a4agstein Order Deny,Allow
f39230a531b23d94f86a087963299bbe2e431a4agstein Deny from all
f39230a531b23d94f86a087963299bbe2e431a4agstein Allow from env=local_referal
f39230a531b23d94f86a087963299bbe2e431a4agstein</Directory></pre></code></td></tr></table></blockquote>
ab78b55c6dc4431d2c68d6bb4d169ba1554290a8gstein <p>For more information about this technique, see the
ab78b55c6dc4431d2c68d6bb4d169ba1554290a8gstein ApacheToday tutorial " <a href="http://apachetoday.com/news_story.php3?ltsn=2000-06-14-002-01-PS">
ab78b55c6dc4431d2c68d6bb4d169ba1554290a8gstein Keeping Your Images from Adorning Other Sites</a>".</p>
