1 <?xml version="1.0" encoding="ISO-8859-1"?>
2 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
3 <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><!--
4 XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
5 This file is generated from xml source: DO NOT EDIT
6 XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
8 <title>Environment Variables in Apache - Apache HTTP Server</title>
9 <link href="./style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" />
10 <link href="./style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" />
11 <link href="./style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" />
12 <link href="./images/favicon.ico" rel="shortcut icon" /></head>
13 <body id="manual-page"><div id="page-header">
14 <p class="menu"><a href="./mod/">Modules</a> | <a href="./mod/directives.html">Directives</a> | <a href="./faq/">FAQ</a> | <a href="./glossary.html">Glossary</a> | <a href="./sitemap.html">Sitemap</a></p>
15 <p class="apache">Apache HTTP Server Version 2.5</p>
16 <img alt="" src="./images/feather.gif" /></div>
17 <div class="up"><a href="./"><img title="<-" alt="<-" src="./images/left.gif" /></a></div>
19 <a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs/">Documentation</a> > <a href="./">Version 2.5</a></div><div id="page-content"><div id="preamble"><h1>Environment Variables in Apache</h1>
21 <p><span>Available Languages: </span><a href="./en/env.html" title="English"> en </a> |
22 <a href="./fr/env.html" hreflang="fr" rel="alternate" title="Français"> fr </a> |
23 <a href="./ja/env.html" hreflang="ja" rel="alternate" title="Japanese"> ja </a> |
24 <a href="./ko/env.html" hreflang="ko" rel="alternate" title="Korean"> ko </a> |
25 <a href="./tr/env.html" hreflang="tr" rel="alternate" title="Türkçe"> tr </a></p>
28 <p>There are two kinds of environment variables that affect
29 the Apache HTTP Server.</p>
31 <p>First, there are the environment variables controlled by
32 the underlying operating system. These are set before the
33 server starts. They can be used in expansions in configuration
34 files, and can optionally be passed to CGI scripts and SSI
35 using the PassEnv directive.</p>
37 <p>Second, the Apache HTTP Server provides a mechanism for storing
38 information in named variables that are also called <em>environment
39 variables</em>. This information can be used to control various
40 operations such as logging or access control. The variables are
41 also used as a mechanism to communicate with external programs
42 such as CGI scripts. This document discusses different ways to
43 manipulate and use these variables.</p>
45 <p>Although these variables are referred to as <em>environment
46 variables</em>, they are not the same as the environment
47 variables controlled by the underlying operating system.
48 Instead, these variables are stored and manipulated in an
49 internal Apache structure. They only become actual operating
50 system environment variables when they are provided to CGI
51 scripts and Server Side Include scripts. If you wish to
52 manipulate the operating system environment under which the
53 server itself runs, you must use the standard environment
54 manipulation mechanisms provided by your operating system
57 <div id="quickview"><ul id="toc"><li><img alt="" src="./images/down.gif" /> <a href="#setting">Setting Environment Variables</a></li>
58 <li><img alt="" src="./images/down.gif" /> <a href="#using">Using Environment Variables</a></li>
59 <li><img alt="" src="./images/down.gif" /> <a href="#special">Special Purpose Environment Variables</a></li>
60 <li><img alt="" src="./images/down.gif" /> <a href="#examples">Examples</a></li>
62 <div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
64 <h2><a name="setting" id="setting">Setting Environment Variables</a></h2>
66 <table class="related"><tr><th>Related Modules</th><th>Related Directives</th></tr><tr><td><ul><li><code class="module"><a href="./mod/mod_cache.html">mod_cache</a></code></li><li><code class="module"><a href="./mod/mod_env.html">mod_env</a></code></li><li><code class="module"><a href="./mod/mod_rewrite.html">mod_rewrite</a></code></li><li><code class="module"><a href="./mod/mod_setenvif.html">mod_setenvif</a></code></li><li><code class="module"><a href="./mod/mod_unique_id.html">mod_unique_id</a></code></li></ul></td><td><ul><li><code class="directive"><a href="./mod/mod_setenvif.html#browsermatch">BrowserMatch</a></code></li><li><code class="directive"><a href="./mod/mod_setenvif.html#browsermatchnocase">BrowserMatchNoCase</a></code></li><li><code class="directive"><a href="./mod/mod_env.html#passenv">PassEnv</a></code></li><li><code class="directive"><a href="./mod/mod_rewrite.html#rewriterule">RewriteRule</a></code></li><li><code class="directive"><a href="./mod/mod_env.html#setenv">SetEnv</a></code></li><li><code class="directive"><a href="./mod/mod_setenvif.html#setenvif">SetEnvIf</a></code></li><li><code class="directive"><a href="./mod/mod_setenvif.html#setenvifnocase">SetEnvIfNoCase</a></code></li><li><code class="directive"><a href="./mod/mod_env.html#unsetenv">UnsetEnv</a></code></li></ul></td></tr></table>
68 <h3><a name="basic-manipulation" id="basic-manipulation">Basic Environment Manipulation</a></h3>
71 <p>The most basic way to set an environment variable in Apache
72 is using the unconditional <code class="directive"><a href="./mod/mod_env.html#setenv">SetEnv</a></code> directive. Variables may also be passed from
73 the environment of the shell which started the server using the
74 <code class="directive"><a href="./mod/mod_env.html#passenv">PassEnv</a></code> directive.</p>
77 <h3><a name="conditional" id="conditional">Conditional Per-Request Settings</a></h3>
80 <p>For additional flexibility, the directives provided by
81 <code class="module"><a href="./mod/mod_setenvif.html">mod_setenvif</a></code> allow environment variables to be set
82 on a per-request basis, conditional on characteristics of particular
83 requests. For example, a variable could be set only when a
84 specific browser (User-Agent) is making a request, or only when
85 a specific Referer [sic] header is found. Even more flexibility
86 is available through the <code class="module"><a href="./mod/mod_rewrite.html">mod_rewrite</a></code>'s <code class="directive"><a href="./mod/mod_rewrite.html#rewriterule">RewriteRule</a></code> which uses the
87 <code>[E=...]</code> option to set environment variables.</p>
90 <h3><a name="unique-identifiers" id="unique-identifiers">Unique Identifiers</a></h3>
93 <p>Finally, <code class="module"><a href="./mod/mod_unique_id.html">mod_unique_id</a></code> sets the environment
94 variable <code>UNIQUE_ID</code> for each request to a value which is
95 guaranteed to be unique across "all" requests under very
96 specific conditions.</p>
99 <h3><a name="standard-cgi" id="standard-cgi">Standard CGI Variables</a></h3>
102 <p>In addition to all environment variables set within the
103 Apache configuration and passed from the shell, CGI scripts and
104 SSI pages are provided with a set of environment variables
105 containing meta-information about the request as required by
106 the <a href="http://www.ietf.org/rfc/rfc3875">CGI
107 specification</a>.</p>
110 <h3><a name="caveats" id="caveats">Some Caveats</a></h3>
114 <li>It is not possible to override or change the standard CGI
115 variables using the environment manipulation directives.</li>
117 <li>When <code class="program"><a href="./programs/suexec.html">suexec</a></code> is used to launch
118 CGI scripts, the environment will be cleaned down to a set of
119 <em>safe</em> variables before CGI scripts are launched. The
120 list of <em>safe</em> variables is defined at compile-time in
121 <code>suexec.c</code>.</li>
123 <li>For portability reasons, the names of environment
124 variables may contain only letters, numbers, and the
125 underscore character. In addition, the first character may
126 not be a number. Characters which do not match this
127 restriction will be replaced by an underscore when passed to
128 CGI scripts and SSI pages.</li>
130 <li>A special case are HTTP headers which are passed to CGI
131 scripts and the like via environment variables (see below).
132 They are converted to uppercase and only dashes are replaced with
133 underscores; if the header contains any other (invalid) character,
134 the whole header is silently dropped. See <a href="#fixheader">
135 below</a> for a workaround.</li>
137 <li>The <code class="directive"><a href="./mod/mod_env.html#setenv">SetEnv</a></code> directive runs
138 late during request processing meaning that directives such as
139 <code class="directive"><a href="./mod/mod_setenvif.html#setenvif">SetEnvIf</a></code> and <code class="directive"><a href="./mod/mod_rewrite.html#rewritecond">RewriteCond</a></code> will not see the
140 variables set with it.</li>
143 </div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
144 <div class="section">
145 <h2><a name="using" id="using">Using Environment Variables</a></h2>
148 <table class="related"><tr><th>Related Modules</th><th>Related Directives</th></tr><tr><td><ul><li><code class="module"><a href="./mod/mod_authz_host.html">mod_authz_host</a></code></li><li><code class="module"><a href="./mod/mod_cgi.html">mod_cgi</a></code></li><li><code class="module"><a href="./mod/mod_ext_filter.html">mod_ext_filter</a></code></li><li><code class="module"><a href="./mod/mod_headers.html">mod_headers</a></code></li><li><code class="module"><a href="./mod/mod_include.html">mod_include</a></code></li><li><code class="module"><a href="./mod/mod_log_config.html">mod_log_config</a></code></li><li><code class="module"><a href="./mod/mod_rewrite.html">mod_rewrite</a></code></li></ul></td><td><ul><li><code class="directive"><a href="./mod/mod_authz_host.html#allow">Allow</a></code></li><li><code class="directive"><a href="./mod/mod_log_config.html#customlog">CustomLog</a></code></li><li><code class="directive"><a href="./mod/mod_authz_host.html#deny">Deny</a></code></li><li><code class="directive"><a href="./mod/mod_ext_filter.html#extfilterdefine">ExtFilterDefine</a></code></li><li><code class="directive"><a href="./mod/mod_headers.html#header">Header</a></code></li><li><code class="directive"><a href="./mod/mod_log_config.html#logformat">LogFormat</a></code></li><li><code class="directive"><a href="./mod/mod_rewrite.html#rewritecond">RewriteCond</a></code></li><li><code class="directive"><a href="./mod/mod_rewrite.html#rewriterule">RewriteRule</a></code></li></ul></td></tr></table>
150 <h3><a name="cgi-scripts" id="cgi-scripts">CGI Scripts</a></h3>
153 <p>One of the primary uses of environment variables is to
154 communicate information to CGI scripts. As discussed above, the
155 environment passed to CGI scripts includes standard
156 meta-information about the request in addition to any variables
157 set within the Apache configuration. For more details, see the
158 <a href="howto/cgi.html">CGI tutorial</a>.</p>
161 <h3><a name="ssi-pages" id="ssi-pages">SSI Pages</a></h3>
164 <p>Server-parsed (SSI) documents processed by
165 <code class="module"><a href="./mod/mod_include.html">mod_include</a></code>'s
166 <code>INCLUDES</code> filter can print environment variables
167 using the <code>echo</code> element, and can use environment
168 variables in flow control elements to makes parts of a page
169 conditional on characteristics of a request. Apache also
170 provides SSI pages with the standard CGI environment variables
171 as discussed above. For more details, see the <a href="howto/ssi.html">SSI tutorial</a>.</p>
174 <h3><a name="access-control" id="access-control">Access Control</a></h3>
177 <p>Access to the server can be controlled based on the value of
178 environment variables using the <code>allow from env=</code>
179 and <code>deny from env=</code> directives. In combination with
180 <code class="directive"><a href="./mod/mod_setenvif.html#setenvif">SetEnvIf</a></code>, this
181 allows for flexible control of access to the server based on
182 characteristics of the client. For example, you can use these
183 directives to deny access to a particular browser (User-Agent).
187 <h3><a name="logging" id="logging">Conditional Logging</a></h3>
190 <p>Environment variables can be logged in the access log using
191 the <code class="directive"><a href="./mod/mod_log_config.html#logformat">LogFormat</a></code>
192 option <code>%e</code>. In addition, the decision on whether
193 or not to log requests can be made based on the status of
194 environment variables using the conditional form of the
195 <code class="directive"><a href="./mod/mod_log_config.html#customlog">CustomLog</a></code>
196 directive. In combination with <code class="directive"><a href="./mod/mod_setenvif.html#setenvif">SetEnvIf</a></code> this allows for flexible control of which
197 requests are logged. For example, you can choose not to log
198 requests for filenames ending in <code>gif</code>, or you can
199 choose to only log requests from clients which are outside your
203 <h3><a name="response-headers" id="response-headers">Conditional Response Headers</a></h3>
206 <p>The <code class="directive"><a href="./mod/mod_headers.html#header">Header</a></code>
207 directive can use the presence or
208 absence of an environment variable to determine whether or not
209 a certain HTTP header will be placed in the response to the
210 client. This allows, for example, a certain response header to
211 be sent only if a corresponding header is received in the
212 request from the client.</p>
216 <h3><a name="external-filter" id="external-filter">External Filter Activation</a></h3>
219 <p>External filters configured by <code class="module"><a href="./mod/mod_ext_filter.html">mod_ext_filter</a></code>
220 using the <code class="directive"><a href="./mod/mod_ext_filter.html#extfilterdefine">ExtFilterDefine</a></code> directive can
221 by activated conditional on an environment variable using the
222 <code>disableenv=</code> and <code>enableenv=</code> options.</p>
225 <h3><a name="url-rewriting" id="url-rewriting">URL Rewriting</a></h3>
228 <p>The <code>%{ENV:<em>variable</em>}</code> form of
229 <em>TestString</em> in the <code class="directive"><a href="./mod/mod_rewrite.html#rewritecond">RewriteCond</a></code> allows <code class="module"><a href="./mod/mod_rewrite.html">mod_rewrite</a></code>'s rewrite
230 engine to make decisions conditional on environment variables.
231 Note that the variables accessible in <code class="module"><a href="./mod/mod_rewrite.html">mod_rewrite</a></code>
232 without the <code>ENV:</code> prefix are not actually environment
233 variables. Rather, they are variables special to
234 <code class="module"><a href="./mod/mod_rewrite.html">mod_rewrite</a></code> which cannot be accessed from other
237 </div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
238 <div class="section">
239 <h2><a name="special" id="special">Special Purpose Environment Variables</a></h2>
242 <p>Interoperability problems have led to the introduction of
243 mechanisms to modify the way Apache behaves when talking to
244 particular clients. To make these mechanisms as flexible as
245 possible, they are invoked by defining environment variables,
246 typically with <code class="directive"><a href="./mod/mod_setenvif.html#browsermatch">BrowserMatch</a></code>, though <code class="directive"><a href="./mod/mod_env.html#setenv">SetEnv</a></code> and <code class="directive"><a href="./mod/mod_env.html#passenv">PassEnv</a></code> could also be used, for example.</p>
248 <h3><a name="downgrade" id="downgrade">downgrade-1.0</a></h3>
251 <p>This forces the request to be treated as a HTTP/1.0 request
252 even if it was in a later dialect.</p>
255 <h3><a name="force-gzip" id="force-gzip">force-gzip</a></h3>
257 <p>If you have the <code>DEFLATE</code> filter activated, this
258 environment variable will ignore the accept-encoding setting of
259 your browser and will send compressed output unconditionally.</p>
261 <h3><a name="force-no-vary" id="force-no-vary">force-no-vary</a></h3>
264 <p>This causes any <code>Vary</code> fields to be removed from
265 the response header before it is sent back to the client. Some
266 clients don't interpret this field correctly; setting this
267 variable can work around this problem. Setting this variable
268 also implies <strong>force-response-1.0</strong>.</p>
271 <h3><a name="force-response" id="force-response">force-response-1.0</a></h3>
274 <p>This forces an HTTP/1.0 response to clients making an HTTP/1.0
275 request. It was originally
276 implemented as a result of a problem with AOL's proxies. Some
277 HTTP/1.0 clients may not behave correctly when given an HTTP/1.1
278 response, and this can be used to interoperate with them.</p>
282 <h3><a name="gzip-only-text-html" id="gzip-only-text-html">gzip-only-text/html</a></h3>
285 <p>When set to a value of "1", this variable disables the
286 <code>DEFLATE</code> output filter provided by
287 <code class="module"><a href="./mod/mod_deflate.html">mod_deflate</a></code> for content-types other than
288 <code>text/html</code>. If you'd rather
289 use statically compressed files, <code class="module"><a href="./mod/mod_negotiation.html">mod_negotiation</a></code>
290 evaluates the variable as well (not only for gzip, but for all
291 encodings that differ from "identity").</p>
294 <h3><a name="no-gzip" id="no-gzip">no-gzip</a></h3>
296 <p>When set, the <code>DEFLATE</code> filter of
297 <code class="module"><a href="./mod/mod_deflate.html">mod_deflate</a></code> will be turned off and
298 <code class="module"><a href="./mod/mod_negotiation.html">mod_negotiation</a></code> will refuse to deliver encoded
303 <h3><a name="no-cache" id="no-cache">no-cache</a></h3>
304 <p><em>Available in versions 2.2.12 and later</em></p>
306 <p>When set, <code class="module"><a href="./mod/mod_cache.html">mod_cache</a></code> will not save an otherwise
307 cacheable response. This environment variable does not influence
308 whether a response already in the cache will be served for the current
313 <h3><a name="nokeepalive" id="nokeepalive">nokeepalive</a></h3>
316 <p>This disables <code class="directive"><a href="./mod/core.html#keepalive">KeepAlive</a></code>
321 <h3><a name="prefer-language" id="prefer-language">prefer-language</a></h3>
323 <p>This influences <code class="module"><a href="./mod/mod_negotiation.html">mod_negotiation</a></code>'s behaviour. If
324 it contains a language tag (such as <code>en</code>, <code>ja</code>
325 or <code>x-klingon</code>), <code class="module"><a href="./mod/mod_negotiation.html">mod_negotiation</a></code> tries
326 to deliver a variant with that language. If there's no such variant,
327 the normal <a href="content-negotiation.html">negotiation</a> process
332 <h3><a name="redirect-carefully" id="redirect-carefully">redirect-carefully</a></h3>
335 <p>This forces the server to be more careful when sending a redirect
336 to the client. This is typically used when a client has a known
337 problem handling redirects. This was originally implemented as a
338 result of a problem with Microsoft's WebFolders software which has
339 a problem handling redirects on directory resources via DAV
344 <h3><a name="suppress-error-charset" id="suppress-error-charset">suppress-error-charset</a></h3>
347 <p><em>Available in versions after 2.0.54</em></p>
349 <p>When Apache issues a redirect in response to a client request,
350 the response includes some actual text to be displayed in case
351 the client can't (or doesn't) automatically follow the redirection.
352 Apache ordinarily labels this text according to the character set
353 which it uses, which is ISO-8859-1.</p>
355 <p> However, if the redirection is to a page that uses a different
356 character set, some broken browser versions will try to use the
357 character set from the redirection text rather than the actual page.
358 This can result in Greek, for instance, being incorrectly rendered.</p>
360 <p>Setting this environment variable causes Apache to omit the character
361 set for the redirection text, and these broken browsers will then correctly
362 use that of the destination page.</p>
364 <div class="warning">
365 <h3>Security note</h3>
367 <p>Sending error pages without a specified character set may
368 allow a cross-site-scripting attack for existing browsers (MSIE)
369 which do not follow the HTTP/1.1 specification and attempt to
370 "guess" the character set from the content. Such browsers can
371 be easily fooled into using the UTF-7 character set, and UTF-7
372 content from input data (such as the request-URI) will not be
373 escaped by the usual escaping mechanisms designed to prevent
374 cross-site-scripting attacks.</p>
379 <h3><a name="proxy" id="proxy">force-proxy-request-1.0, proxy-nokeepalive, proxy-sendchunked,
380 proxy-sendcl, proxy-chain-auth, proxy-interim-response, proxy-initial-not-pooled</a></h3>
382 <p>These directives alter the protocol behavior of
383 <code class="module"><a href="./mod/mod_proxy.html">mod_proxy</a></code>. See the <code class="module"><a href="./mod/mod_proxy.html">mod_proxy</a></code> and <code class="module"><a href="./mod/mod_proxy_http.html">mod_proxy_http</a></code>
384 documentation for more details.</p>
387 </div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
388 <div class="section">
389 <h2><a name="examples" id="examples">Examples</a></h2>
392 <h3><a name="fixheader" id="fixheader">Passing broken headers to CGI scripts</a></h3>
395 <p>Starting with version 2.4, Apache is more strict about how HTTP
396 headers are converted to environment variables in <code class="module"><a href="./mod/mod_cgi .html">mod_cgi
397 </a></code> and other modules: Previously any invalid characters
398 in header names were simply translated to underscores. This allowed
399 for some potential cross-site-scripting attacks via header injection
400 (see <a href="http://events.ccc.de/congress/2007/Fahrplan/events/2212.en.html">
401 Unusual Web Bugs</a>, slide 19/20).</p>
403 <p>If you have to support a client which sends broken headers and
404 which can't be fixed, a simple workaround involving <code class="module"><a href="./mod/mod_setenvif .html">mod_setenvif
405 </a></code> and <code class="module"><a href="./mod/mod_header.html">mod_header</a></code> allows you to still accept
408 <div class="example"><p><code>
410 # The following works around a client sending a broken Accept_Encoding<br />
413 SetEnvIfNoCase ^Accept.Encoding$ ^(.*)$ fix_accept_encoding=$1<br />
414 RequestHeader set Accept-Encoding %{fix_accept_encoding}e env=fix_accept_encoding
419 <h3><a name="misbehaving" id="misbehaving">Changing protocol behavior with misbehaving clients</a></h3>
422 <p>Earlier versions recommended that the following lines be included in
423 httpd.conf to deal with known client problems. Since the affected clients
424 are no longer seen in the wild, this configuration is likely no-longer
426 <div class="example"><p><code>
428 # The following directives modify normal HTTP response behavior.<br />
429 # The first directive disables keepalive for Netscape 2.x and browsers that<br />
430 # spoof it. There are known problems with these browser implementations.<br />
431 # The second directive is for Microsoft Internet Explorer 4.0b2<br />
432 # which has a broken HTTP/1.1 implementation and does not properly<br />
433 # support keepalive when it is used on 301 or 302 (redirect) responses.<br />
435 BrowserMatch "Mozilla/2" nokeepalive<br />
436 BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0<br />
439 # The following directive disables HTTP/1.1 responses to browsers which<br />
440 # are in violation of the HTTP/1.0 spec by not being able to understand a<br />
441 # basic 1.1 response.<br />
443 BrowserMatch "RealPlayer 4\.0" force-response-1.0<br />
444 BrowserMatch "Java/1\.0" force-response-1.0<br />
445 BrowserMatch "JDK/1\.0" force-response-1.0
449 <h3><a name="no-img-log" id="no-img-log">Do not log requests for images in the access log</a></h3>
452 <p>This example keeps requests for images from appearing in the
453 access log. It can be easily modified to prevent logging of
454 particular directories, or to prevent logging of requests
455 coming from particular hosts.</p>
457 <div class="example"><p><code>
458 SetEnvIf Request_URI \.gif image-request<br />
459 SetEnvIf Request_URI \.jpg image-request<br />
460 SetEnvIf Request_URI \.png image-request<br />
461 CustomLog logs/access_log common env=!image-request
465 <h3><a name="image-theft" id="image-theft">Prevent "Image Theft"</a></h3>
468 <p>This example shows how to keep people not on your server
469 from using images on your server as inline-images on their
470 pages. This is not a recommended configuration, but it can work
471 in limited circumstances. We assume that all your images are in
472 a directory called <code>/web/images</code>.</p>
474 <div class="example"><p><code>
475 SetEnvIf Referer "^http://www\.example\.com/" local_referal<br />
476 # Allow browsers that do not send Referer info<br />
477 SetEnvIf Referer "^$" local_referal<br />
478 <Directory /web/images><br />
479 <span class="indent">
480 Order Deny,Allow<br />
482 Allow from env=local_referal
487 <p>For more information about this technique, see the
488 "<a href="http://www.serverwatch.com/tutorials/article.php/1132731">Keeping Your Images from Adorning Other Sites</a>"
489 tutorial on ServerWatch.</p>
492 <div class="bottomlang">
493 <p><span>Available Languages: </span><a href="./en/env.html" title="English"> en </a> |
494 <a href="./fr/env.html" hreflang="fr" rel="alternate" title="Français"> fr </a> |
495 <a href="./ja/env.html" hreflang="ja" rel="alternate" title="Japanese"> ja </a> |
496 <a href="./ko/env.html" hreflang="ko" rel="alternate" title="Korean"> ko </a> |
497 <a href="./tr/env.html" hreflang="tr" rel="alternate" title="Türkçe"> tr </a></p>
498 </div><div id="footer">
499 <p class="apache">Copyright 2011 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p>
500 <p class="menu"><a href="./mod/">Modules</a> | <a href="./mod/directives.html">Directives</a> | <a href="./faq/">FAQ</a> | <a href="./glossary.html">Glossary</a> | <a href="./sitemap.html">Sitemap</a></p></div>