1 <?xml version="1.0" encoding="ISO-8859-1"?>
2 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
3 <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><!--
4 XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
5 This file is generated from xml source: DO NOT EDIT
6 XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
8 <title>mod_proxy - Apache HTTP Server</title>
9 <link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" />
10 <link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" />
11 <link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" />
12 <link href="../images/favicon.ico" rel="shortcut icon" /></head>
14 <div id="page-header">
15 <p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p>
16 <p class="apache">Apache HTTP Server Version 2.1</p>
17 <img alt="" src="../images/feather.gif" /></div>
18 <div class="up"><a href="./"><img title="<-" alt="<-" src="../images/left.gif" /></a></div>
20 <a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs-project/">Documentation</a> > <a href="../">Version 2.1</a> > <a href="./">Modules</a></div>
21 <div id="page-content">
22 <div id="preamble"><h1>Apache Module mod_proxy</h1>
24 <p><span>Available Languages: </span><a href="../en/mod/mod_proxy.html"> en </a></p>
26 <table class="module"><tr><th><a href="module-dict.html#Description">Description:</a></th><td>HTTP/1.1 proxy/gateway server</td></tr>
27 <tr><th><a href="module-dict.html#Status">Status:</a></th><td>Extension</td></tr>
28 <tr><th><a href="module-dict.html#ModuleIdentifier">Module Identifier:</a></th><td>proxy_module</td></tr>
29 <tr><th><a href="module-dict.html#SourceFile">Source File:</a></th><td>mod_proxy.c</td></tr></table>
32 <div class="warning"><h3>Warning</h3>
33 This document has been updated to take into account changes
34 made in the 2.0 version of the Apache HTTP Server. Some of the
35 information may still be inaccurate, please use it
39 <p>This module implements a proxy/gateway for Apache. It implements
40 proxying capability for
42 <code>CONNECT</code> (for SSL),
43 <code>HTTP/0.9</code>,
44 <code>HTTP/1.0</code>, and
45 <code>HTTP/1.1</code>.
46 The module can be configured to connect to other proxy modules for these
47 and other protocols.</p>
49 <p>This module was experimental in Apache 1.1.x. Improvements and bugfixes
50 were made in Apache v1.2.x and Apache v1.3.x, then the module underwent a major
51 overhaul for Apache v2.0. The protocol support was upgraded to HTTP/1.1,
52 and filter support was enabled.</p>
54 <p>Please note that the <strong>caching</strong> function present in
55 mod_proxy up to Apache v1.3.x has been <strong>removed</strong> from
56 mod_proxy and will be incorporated into a new module, mod_cache. In other words:
57 the Apache 2.0.x-Proxy doesn't
58 cache at all - all caching functionality has been moved into mod_cache,
59 which is capable of caching any content, not only content from proxy.
62 <p>If you need to use SSL when contacting remote servers, have a look at the
63 <code>SSLProxy*</code> directives in <code class="module"><a href="../mod/mod_ssl.html">mod_ssl</a></code>.</p>
65 <div class="warning"><p>Do not enable proxying with <code class="directive"><a href="#proxyrequests">ProxyRequests</a></code> until you have
66 <a href="#access">secured your server</a>. Open proxy servers are
67 dangerous both to your network and to the Internet at large.</p></div>
71 <div id="quickview"><h3 class="directives">Directives</h3>
73 <li><img alt="" src="../images/down.gif" /> <a href="#allowconnect">AllowCONNECT</a></li>
74 <li><img alt="" src="../images/down.gif" /> <a href="#noproxy">NoProxy</a></li>
75 <li><img alt="" src="../images/down.gif" /> <a href="#proxy"><Proxy></a></li>
76 <li><img alt="" src="../images/down.gif" /> <a href="#proxybadheader">ProxyBadHeader</a></li>
77 <li><img alt="" src="../images/down.gif" /> <a href="#proxyblock">ProxyBlock</a></li>
78 <li><img alt="" src="../images/down.gif" /> <a href="#proxydomain">ProxyDomain</a></li>
79 <li><img alt="" src="../images/down.gif" /> <a href="#proxyerroroverride">ProxyErrorOverride</a></li>
80 <li><img alt="" src="../images/down.gif" /> <a href="#proxyiobuffersize">ProxyIOBufferSize</a></li>
81 <li><img alt="" src="../images/down.gif" /> <a href="#proxymatch"><ProxyMatch></a></li>
82 <li><img alt="" src="../images/down.gif" /> <a href="#proxymaxforwards">ProxyMaxForwards</a></li>
83 <li><img alt="" src="../images/down.gif" /> <a href="#proxypass">ProxyPass</a></li>
84 <li><img alt="" src="../images/down.gif" /> <a href="#proxypassreverse">ProxyPassReverse</a></li>
85 <li><img alt="" src="../images/down.gif" /> <a href="#proxypreservehost">ProxyPreserveHost</a></li>
86 <li><img alt="" src="../images/down.gif" /> <a href="#proxyreceivebuffersize">ProxyReceiveBufferSize</a></li>
87 <li><img alt="" src="../images/down.gif" /> <a href="#proxyremote">ProxyRemote</a></li>
88 <li><img alt="" src="../images/down.gif" /> <a href="#proxyremotematch">ProxyRemoteMatch</a></li>
89 <li><img alt="" src="../images/down.gif" /> <a href="#proxyrequests">ProxyRequests</a></li>
90 <li><img alt="" src="../images/down.gif" /> <a href="#proxytimeout">ProxyTimeout</a></li>
91 <li><img alt="" src="../images/down.gif" /> <a href="#proxyvia">ProxyVia</a></li>
95 <li><img alt="" src="../images/down.gif" /> <a href="#configs">Common configuration topics</a></li>
97 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
99 <h2><a name="configs" id="configs">Common configuration topics</a></h2>
102 <li><a href="#forwardreverse">Forward and Reverse Proxies</a></li>
103 <li><a href="#access">Controlling access to your proxy</a></li>
104 <li><a href="#mimetypes">Why doesn't file type <em>xxx</em> download via FTP?</a></li>
105 <li><a href="#type">How can I force an FTP ASCII download of File <em>xxx</em>?</a></li>
106 <li><a href="#percent2fhack">How can I access FTP files outside of my home directory?</a></li>
107 <li><a href="#ftppass">How can I hide the FTP cleartext password in my browser's URL line?</a></li>
108 <li><a href="#startup">Why does Apache start more slowly when using the
109 proxy module?</a></li>
111 <li><a href="#intranet">What other functions are useful for an intranet proxy server?</a></li>
112 <li><a href="#envsettings">How can I make the proxy talk HTTP/1.0 and disable keepalives?</a></li>
115 <h3><a name="forwardreverse" id="forwardreverse">Forward and Reverse Proxies</a></h3>
117 <p>Apache can be configured in both a <em>forward</em> and <em>reverse</em>
118 proxy configuration.</p>
120 <p>A <em>forward proxy</em> is an intermediate system that enables a browser to connect to a
121 remote network to which it normally does not have access. A forward proxy
122 can also be used to cache data, reducing load on the networks between the
123 forward proxy and the remote webserver.</p>
125 <p>Apache's mod_proxy can be figured to behave like a forward proxy
126 using the <code class="directive"><a href="#proxyremote">ProxyRemote</a></code>
127 directive. In addition, caching of data can be achieved by configuring
128 Apache <code class="module"><a href="../mod/mod_cache.html">mod_cache</a></code>. Other dedicated forward proxy
129 packages include <a href="http://www.squid-cache.org/">Squid</a>.</p>
131 <p>A <em>reverse proxy</em> is a webserver system that is capable of serving webpages
132 sourced from other webservers - in addition to webpages on disk or generated
133 dynamically by CGI - making these pages look like they originated at the
136 <p>When configured with the mod_cache module the reverse
137 proxy can act as a cache for slower backend webservers. The reverse proxy
138 can also enable advanced URL strategies and management techniques, allowing
139 webpages served using different webserver systems or architectures to
140 coexist inside the same URL space. Reverse proxy systems are also ideal for
141 implementing centralised logging websites with many or diverse website
142 backends. Complex multi-tier webserver systems can be constructed using an
143 Apache mod_proxy frontend and any number of backend webservers.</p>
145 <p>The reverse proxy is configured using the
146 <code class="directive"><a href="#proxypass">ProxyPass</a></code> and <code class="directive"><a href="#proxypassreverse">ProxyPassReverse</a></code> directives. Caching can be
147 enabled using mod_cache as with the forward proxy.</p>
151 <h3><a name="access" id="access">Controlling access to your proxy</a></h3>
153 <p>You can control who can access your proxy via the
154 <code class="directive"><a href="#proxy"><Proxy></a></code>
155 control block using the following example:</p>
157 <div class="example"><p><code>
158 <Proxy *><br />
159 Order Deny,Allow<br />
161 Allow from 192.168.0<br />
165 <p>When configuring a reverse proxy, access control takes on the
166 attributes of the normal server <code class="directive"><a href="../mod/core.html#directory"><directory></a></code> configuration.</p>
169 <h3><a name="mimetypes" id="mimetypes">Why doesn't file type <em>xxx</em>
170 download via FTP?</a></h3>
172 <p>You probably don't have that particular file type defined as
173 <em>application/octet-stream</em> in your proxy's mime.types configuration
174 file. A useful line can be</p>
176 <div class="example"><p><code>
177 application/octet-stream bin dms lha lzh exe class tgz taz
181 <h3><a name="type" id="type">How can I force an FTP ASCII download of
182 File <em>xxx</em>?</a></h3>
184 <p>In the rare situation where you must download a specific file using the FTP
185 <strong>ASCII</strong> transfer method (while the default transfer is in
186 <strong>binary</strong> mode), you can override mod_proxy's default by
187 suffixing the request with <code>;type=a</code> to force an ASCII transfer.
188 (FTP Directory listings are always executed in ASCII mode, however.)</p>
191 <h3><a name="percent2fhck" id="percent2fhck">How can I access FTP files outside
192 of my home directory?</a></h3>
195 An FTP URI is interpreted relative to the home directory of the user
196 who is logging in. Alas, to reach higher directory levels you cannot
197 use /../, as the dots are interpreted by the browser and not actually
198 sent to the FTP server. To address this problem, the so called "Squid
199 %2f hack" was implemented in the Apache FTP proxy; it is is a solution
200 which is also used by other popular proxy servers like the <a href="http://www.squid-cache.org/">Squid Proxy Cache</a>. By
201 prepending /%2f to the path of your request, you can make such a proxy
202 change the FTP starting directory to / (instead of the home
205 <p><strong>Example:</strong> To retrieve the file
206 <code>/etc/motd</code>, you would use the URL</p>
207 <div class="example"><p><code>ftp://<em>user@host</em>/%2f/etc/motd</code></p></div>
210 <h3><a name="ftppass" id="ftppass">How can I hide the FTP cleartext password
211 in my browser's URL line?</a></h3>
214 To log in to an FTP server by username and password, Apache
215 uses different strategies.
216 In absense of a user name and password in the URL altogether,
217 Apache sends an anomymous login to the FTP server, i.e.,</p>
218 <div class="example"><p><code>
219 user: anonymous<br />
220 password: apache_proxy@
222 <p>This works for all popular FTP servers which are configured for
223 anonymous access.</p>
225 <p>For a personal login with a specific username, you can embed
226 the user name into the URL, like in:
227 <code>ftp://<em>username@host</em>/myfile</code>. If the FTP server
228 asks for a password when given this username (which it should),
229 then Apache will reply with a [401 Authorization required] response,
230 which causes the Browser to pop up the username/password dialog.
231 Upon entering the password, the connection attempt is retried,
232 and if successful, the requested resource is presented.
233 The advantage of this procedure is that your browser does not
234 display the password in cleartext (which it would if you had used
235 <code>ftp://<em>username:password@host</em>/myfile</code> in
236 the first place).</p>
238 <div class="note"><h3>Note</h3>
239 The password which is transmitted in such a way
240 is not encrypted on its way. It travels between your browser and
241 the Apache proxy server in a base64-encoded cleartext string, and
242 between the Apache proxy and the FTP server as plaintext. You should
243 therefore think twice before accessing your FTP server via HTTP
244 (or before accessing your personal files via FTP at all!) When
245 using unsecure channels, an eavesdropper might intercept your
250 <h3><a name="startup" id="startup">Why does Apache start more slowly when
251 using the proxy module?</a></h3>
253 <p>If you're using the <code class="directive"><a href="#proxyblock">ProxyBlock</a></code>
254 directive, hostnames' IP addresses are looked up and cached during
255 startup for later match test. This may take a few seconds (or more)
256 depending on the speed with which the hostname lookups occur.</p>
261 <h3><a name="intranet" id="intranet">What other functions are useful for an
262 intranet proxy server?</a></h3>
264 <p>An Apache proxy server situated in an intranet needs to forward
265 external requests through the company's firewall. However, when it has
266 to access resources within the intranet, it can bypass the firewall
267 when accessing hosts. The <code class="directive"><a href="#noproxy">NoProxy</a></code> directive is useful for
268 specifying which hosts belong to the intranet and should be accessed
271 <p>Users within an intranet tend to omit the local domain name from their
272 WWW requests, thus requesting "http://somehost/" instead of
273 "http://somehost.my.dom.ain/". Some commercial proxy servers let them get
274 away with this and simply serve the request, implying a configured
275 local domain. When the <code class="directive"><a href="#proxydomain">ProxyDomain</a></code> directive
276 is used and the server is <a href="#proxyrequests">configured for
277 proxy service</a>, Apache can return a redirect response and send the client
278 to the correct, fully qualified, server address. This is the preferred method
279 since the user's bookmark files will then contain fully qualified hosts.</p>
281 <h3><a name="envsettings" id="envsettings">How can I make the proxy talk HTTP/1.0 and
282 disable keepalives?</a></h3>
284 <p>For circumstances where you have a application server which doesn't implement
285 keepalives or HTTP/1.1 properly, there are 2 environment variables which when
286 set send a HTTP/1.0 with no keepalive. These are set via the <code class="directive"><a href="../mod/mod_env.html#setenv">SetEnv</a></code> directive.</p>
287 <p>These are the 'force-proxy-request-1.0' and 'proxy-nokeepalive' notes.</p>
289 <div class="example"><p><code>
290 <location /buggyappserver/ ><br />
291 ProxyPass http://buggyappserver:7001/foo/<br />
292 SetEnv force-proxy-request-1.0 1<br />
293 SetEnv proxy-nokeepalive 1<br />
300 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
301 <div class="directive-section"><h2><a name="AllowCONNECT" id="AllowCONNECT">AllowCONNECT</a> <a name="allowconnect" id="allowconnect">Directive</a></h2>
302 <table class="directive">
303 <tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Ports that are allowed to CONNECT through
305 <tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AllowCONNECT <em>port</em> [<em>port</em>] ...</code></td></tr>
306 <tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>AllowCONNECT 443 563</code></td></tr>
307 <tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
308 <tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
309 <tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
311 <p>The <code class="directive">AllowCONNECT</code> directive specifies a list
312 of port numbers to which the proxy <code>CONNECT</code> method may
313 connect. Today's browsers use this method when a <em>https</em>
314 connection is requested and proxy tunneling over <em>http</em> is in
315 effect.<br /> By default, only the default https port (443) and the
316 default snews port (563) are enabled. Use the
317 <code class="directive">AllowCONNECT</code> directive to overrride this default and
318 allow connections to the listed ports only.</p>
321 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
322 <div class="directive-section"><h2><a name="NoProxy" id="NoProxy">NoProxy</a> <a name="noproxy" id="noproxy">Directive</a></h2>
323 <table class="directive">
324 <tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Hosts, domains, or networks that will be connected
325 to directly</td></tr>
326 <tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>NoProxy <em>host</em> [<em>host</em>] ...</code></td></tr>
327 <tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
328 <tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
329 <tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
331 <p>This directive is only useful for Apache proxy servers within
332 intranets. The <code class="directive">NoProxy</code> directive specifies a
333 list of subnets, IP addresses, hosts and/or domains, separated by
334 spaces. A request to a host which matches one or more of these is
335 always served directly, without forwarding to the configured
336 <code class="directive"><a href="#proxyremote">ProxyRemote</a></code> proxy server(s).</p>
338 <div class="example"><h3>Example</h3><p><code>
339 ProxyRemote * http://firewall.mycompany.com:81<br />
340 NoProxy .mycompany.com 192.168.112.0/21
343 <p>The <em>host</em> arguments to the NoProxy directive are one of the
344 following type list:</p>
347 <dt><a name="domain">
348 <em>Domain</em></a></dt>
349 <dd>A <em>Domain</em> is a partially qualified DNS domain name, preceded
351 It represents a list of hosts which logically belong to the same DNS
352 domain or zone (<em>i.e.</em>, the suffixes of the hostnames are all ending in
353 <em>Domain</em>).<br />
354 Examples: <code>.com</code> <code>.apache.org.</code><br />
355 To distinguish <em>Domain</em>s from <a href="#hostname"><em>Hostname</em></a>s (both
356 syntactically and semantically; a DNS domain can have a DNS A record,
357 too!), <em>Domain</em>s are always written
358 with a leading period.<br />
359 Note: Domain name comparisons are done without regard to the case,
360 and <em>Domain</em>s are always assumed to be anchored in the root
361 of the DNS tree, therefore two domains <code>.MyDomain.com</code> and
362 <code>.mydomain.com.</code> (note the trailing period) are
363 considered equal. Since a domain comparison does not involve a DNS
364 lookup, it is much more efficient than subnet comparison.</dd>
367 <dt><a name="subnet">
368 <em>SubNet</em></a></dt>
369 <dd>A <em>SubNet</em> is a partially qualified internet address in
370 numeric (dotted quad) form, optionally followed by a slash and the
371 netmask, specified as the number of significant bits in the
372 <em>SubNet</em>. It is used to represent a subnet of hosts which can
373 be reached over a common network interface. In the absence of the
374 explicit net mask it is assumed that omitted (or zero valued)
375 trailing digits specify the mask. (In this case, the netmask can
376 only be multiples of 8 bits wide.)<br />
379 <dt><code>192.168</code> or <code>192.168.0.0</code></dt>
380 <dd>the subnet 192.168.0.0 with an implied netmask of 16 valid bits
381 (sometimes used in the netmask form <code>255.255.0.0</code>)</dd>
382 <dt><code>192.168.112.0/21</code></dt>
383 <dd>the subnet <code>192.168.112.0/21</code> with a netmask of 21
384 valid bits (also used in the form 255.255.248.0)</dd>
386 As a degenerate case, a <em>SubNet</em> with 32 valid bits is the
387 equivalent to an <em>IPAddr</em>, while a <em>SubNet</em> with zero
388 valid bits (<em>e.g.</em>, 0.0.0.0/0) is the same as the constant
389 <em>_Default_</em>, matching any IP address. </dd>
392 <dt><a name="ipaddr">
393 <em>IPAddr</em></a></dt>
394 <dd>A <em>IPAddr</em> represents a fully qualified internet address in
395 numeric (dotted quad) form. Usually, this address represents a
396 host, but there need not necessarily be a DNS domain name
397 connected with the address.<br />
398 Example: 192.168.123.7<br />
399 Note: An <em>IPAddr</em> does not need to be resolved by the DNS
400 system, so it can result in more effective apache performance.</dd>
403 <dt><a name="hostname">
404 <em>Hostname</em></a></dt>
405 <dd>A <em>Hostname</em> is a fully qualified DNS domain name which can
406 be resolved to one or more <a href="#ipaddr"><em>IPAddrs</em></a> via the DNS domain name service.
407 It represents a logical host (in contrast to
408 <a href="#domain"><em>Domain</em></a>s, see
409 above) and must be resolvable to at least one <a href="#ipaddr"><em>IPAddr</em></a> (or often to a list of hosts
410 with different <a href="#ipaddr"><em>IPAddr</em></a>'s).<br />
411 Examples: <code>prep.ai.mit.edu</code>
412 <code>www.apache.org.</code><br />
413 Note: In many situations, it is more effective to specify an
414 <a href="#ipaddr"><em>IPAddr</em></a> in place of a
415 <em>Hostname</em> since a DNS lookup
416 can be avoided. Name resolution in Apache can take a remarkable deal
417 of time when the connection to the name server uses a slow PPP
419 Note: <em>Hostname</em> comparisons are done without regard to the case,
420 and <em>Hostname</em>s are always assumed to be anchored in the root
421 of the DNS tree, therefore two hosts <code>WWW.MyDomain.com</code>
422 and <code>www.mydomain.com.</code> (note the trailing period) are
423 considered equal.</dd>
428 <li><a href="../dns-caveats.html">DNS Issues</a></li>
431 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
432 <div class="directive-section"><h2><a name="Proxy" id="Proxy"><Proxy></a> <a name="proxy" id="proxy">Directive</a></h2>
433 <table class="directive">
434 <tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Container for directives applied to proxied
436 <tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code><Proxy <em>wildcard-url</em>> ...</Proxy></code></td></tr>
437 <tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
438 <tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
439 <tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
441 <p>Directives placed in <code class="directive"><Proxy></code>
442 sections apply only to matching proxied content. Shell-style
443 wildcards are allowed.</p>
445 <p>For example, the following will allow only hosts in
446 <code>yournetwork.example.com</code> to access content via your
449 <div class="example"><p><code>
450 <Proxy *><br />
451 Order Deny,Allow<br />
452 Deny from all<br />
453 Allow from yournetwork.example.com<br />
457 <p>The following example will process all files in the
458 <code>foo</code> directory of <code>example.com</code> through the
459 <code>INCLUDES</code> filter when they are sent through the proxy
461 <div class="example"><p><code>
462 <Proxy http://example.com/foo/*><br />
463 SetOutputFilter INCLUDES<br />
468 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
469 <div class="directive-section"><h2><a name="ProxyBadHeader" id="ProxyBadHeader">ProxyBadHeader</a> <a name="proxybadheader" id="proxybadheader">Directive</a></h2>
470 <table class="directive">
471 <tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Determines how to handle bad header lines in a
473 <tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyBadHeader IsError|Ignore|StartBody</code></td></tr>
474 <tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ProxyBadHeader IsError</code></td></tr>
475 <tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
476 <tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
477 <tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
478 <tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>available in Apache 2.0.44 and later</td></tr>
480 <p>The <code class="directive">ProxyBadHeader</code> directive determines the behaviour
481 of <code class="module"><a href="../mod/mod_proxy.html">mod_proxy</a></code> if it receives syntactically invalid header lines
482 (<em>i.e.</em> containing no colon). The following arguments are possible:</p>
484 <dt><code>IsError</code></dt>
485 <dd>Abort the request and end up with a 502 (Bad Gateway) response. This is the
486 default behaviour.</dd>
488 <dt><code>Ignore</code></dt>
489 <dd>Treat bad header lines as if they weren't sent.</dd>
491 <dt><code>StartBody</code></dt>
492 <dd>When receiving the first bad header line, finish reading the headers and
493 treat the remainder as body. This helps to work around buggy backend servers
494 which forget to insert an empty line between the headers and the body.</dd>
498 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
499 <div class="directive-section"><h2><a name="ProxyBlock" id="ProxyBlock">ProxyBlock</a> <a name="proxyblock" id="proxyblock">Directive</a></h2>
500 <table class="directive">
501 <tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Words, hosts, or domains that are banned from being
503 <tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyBlock *|<em>word|host|domain</em>
504 [<em>word|host|domain</em>] ...</code></td></tr>
505 <tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
506 <tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
507 <tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
509 <p>The <code class="directive">ProxyBlock</code> directive specifies a list of
510 words, hosts and/or domains, separated by spaces. HTTP, HTTPS, and
511 FTP document requests to sites whose names contain matched words,
512 hosts or domains are <em>blocked</em> by the proxy server. The proxy
513 module will also attempt to determine IP addresses of list items which
514 may be hostnames during startup, and cache them for match test as
517 <div class="example"><p><code>
518 ProxyBlock joes-garage.com some-host.co.uk rocky.wotsamattau.edu
521 <p>'rocky.wotsamattau.edu' would also be matched if referenced by IP
524 <p>Note that 'wotsamattau' would also be sufficient to match
525 'wotsamattau.edu'.</p>
527 <p>Note also that</p>
529 <div class="example"><p><code>
533 <p>blocks connections to all sites.</p>
537 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
538 <div class="directive-section"><h2><a name="ProxyDomain" id="ProxyDomain">ProxyDomain</a> <a name="proxydomain" id="proxydomain">Directive</a></h2>
539 <table class="directive">
540 <tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Default domain name for proxied requests</td></tr>
541 <tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyDomain <em>Domain</em></code></td></tr>
542 <tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
543 <tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
544 <tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
546 <p>This directive is only useful for Apache proxy servers within
547 intranets. The <code class="directive">ProxyDomain</code> directive specifies
548 the default domain which the apache proxy server will belong to. If a
549 request to a host without a domain name is encountered, a redirection
550 response to the same host with the configured <em>Domain</em> appended
551 will be generated.</p>
553 <div class="example"><h3>Example</h3><p><code>
554 ProxyRemote * http://firewall.mycompany.com:81<br />
555 NoProxy .mycompany.com 192.168.112.0/21<br />
556 ProxyDomain .mycompany.com
560 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
561 <div class="directive-section"><h2><a name="ProxyErrorOverride" id="ProxyErrorOverride">ProxyErrorOverride</a> <a name="proxyerroroverride" id="proxyerroroverride">Directive</a></h2>
562 <table class="directive">
563 <tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Override error pages for proxied content</td></tr>
564 <tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyErrorOverride On|Off</code></td></tr>
565 <tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ProxyErrorOverride Off</code></td></tr>
566 <tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
567 <tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
568 <tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
569 <tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in version 2.0 and later</td></tr>
571 <p>This directive is useful for reverse-proxy setups, where you want to
572 have a common look and feel on the error pages seen by the end user.
573 This also allows for included files (via mod_include's SSI) to get
574 the error code and act accordingly (default behavior would display
575 the error page of the proxied server, turning this on shows the SSI
579 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
580 <div class="directive-section"><h2><a name="ProxyIOBufferSize" id="ProxyIOBufferSize">ProxyIOBufferSize</a> <a name="proxyiobuffersize" id="proxyiobuffersize">Directive</a></h2>
581 <table class="directive">
582 <tr><th><a href="directive-dict.html#Description">Description:</a></th><td>IO buffer size for outgoing HTTP and FTP
583 connections</td></tr>
584 <tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyIOBufferSize <em>bytes</em></code></td></tr>
585 <tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
586 <tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
587 <tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
592 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
593 <div class="directive-section"><h2><a name="ProxyMatch" id="ProxyMatch"><ProxyMatch></a> <a name="proxymatch" id="proxymatch">Directive</a></h2>
594 <table class="directive">
595 <tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Container for directives applied to regular-expression-matched
596 proxied resources</td></tr>
597 <tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code><ProxyMatch <em>regex</em>> ...</ProxyMatch></code></td></tr>
598 <tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
599 <tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
600 <tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
602 <p>The <code class="directive"><ProxyMatch></code> directive is
603 identical to the <code class="directive"><a href="#proxy"><Proxy></a></code> directive, except it matches URLs
604 using regular expressions.</p>
607 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
608 <div class="directive-section"><h2><a name="ProxyMaxForwards" id="ProxyMaxForwards">ProxyMaxForwards</a> <a name="proxymaxforwards" id="proxymaxforwards">Directive</a></h2>
609 <table class="directive">
610 <tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Maximium number of proxies that a request can be forwarded
612 <tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyMaxForwards <em>number</em></code></td></tr>
613 <tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ProxyMaxForwards 10</code></td></tr>
614 <tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
615 <tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
616 <tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
617 <tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in Apache 2.0 and later</td></tr>
619 <p>The <code class="directive">ProxyMaxForwards</code> directive specifies the
620 maximum number of proxies through which a request may pass. This is
621 set to prevent infinite proxy loops, or a DoS attack.</p>
623 <div class="example"><h3>Example</h3><p><code>
628 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
629 <div class="directive-section"><h2><a name="ProxyPass" id="ProxyPass">ProxyPass</a> <a name="proxypass" id="proxypass">Directive</a></h2>
630 <table class="directive">
631 <tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Maps remote servers into the local server
633 <tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyPass [<em>path</em>] !|<em>url</em></code></td></tr>
634 <tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
635 <tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
636 <tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
638 <p>This directive allows remote servers to be mapped into the space of
639 the local server; the local server does not act as a proxy in the
640 conventional sense, but appears to be a mirror of the remote
641 server. <em>path</em> is the name of a local virtual path;
642 <em>url</em> is a partial URL for the remote server and cannot
643 include a query string.</p>
645 <p>Suppose the local server has address <code>http://wibble.org/</code>;
647 <div class="example"><p><code>
648 ProxyPass /mirror/foo/ http://foo.com/
650 <p>will cause a local request for the
651 <<code>http://wibble.org/mirror/foo/bar</code>> to be
652 internally converted into a proxy request to
653 <<code>http://foo.com/bar</code>>.</p>
655 The ! directive is useful in situations where you don't want to reverse-proxy
656 a subdirectory. eg.</p>
657 <div class="example"><p><code>
658 ProxyPass /mirror/foo/i !<br />
659 ProxyPass /mirror/foo http://foo.com
661 <p>will proxy all requests to /mirror/foo to foo.com EXCEPT requests made to /mirror/foo/i</p>
663 <div class="note">NB: order is important. you need to put the exclusions BEFORE the general proxypass directive</div>
665 <p>When used inside a <code class="directive"><a href="../mod/core.html#location"><Location></a></code> section, the first argument is
666 ommitted and the local directory is obtained from the <code class="directive"><a href="../mod/core.html#location"><Location></a></code>.</p>
668 <p>If you require a more flexible reverse-proxy configuration, see
669 the <code class="directive"><a href="../mod/mod_rewrite.html#rewriterule">RewriteRule</a></code> directive
670 with the <code>[P]</code> flag.</p>
674 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
675 <div class="directive-section"><h2><a name="ProxyPassReverse" id="ProxyPassReverse">ProxyPassReverse</a> <a name="proxypassreverse" id="proxypassreverse">Directive</a></h2>
676 <table class="directive">
677 <tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Adjusts the URL in HTTP response headers sent from
678 a reverse proxied server</td></tr>
679 <tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyPassReverse [<em>path</em>] <em>url</em></code></td></tr>
680 <tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
681 <tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
682 <tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
684 <p>This directive lets Apache adjust the URL in the <code>Location</code>,
685 <code>Content-Location</code> and <code>URI</code> headers on
686 HTTP redirect responses. This is essential when Apache is used as
687 a reverse proxy to avoid by-passing the reverse proxy because of HTTP
688 redirects on the backend servers which stay behind the reverse proxy.</p>
690 <p><em>path</em> is the name of a local virtual path.<br />
691 <em>url</em> is a partial URL for the remote server - the same way they are
692 used for the <code class="directive"><a href="#proxypass">ProxyPass</a></code> directive.</p>
696 Suppose the local server has address <code>http://wibble.org/</code>; then</p>
697 <div class="example"><p><code>
698 ProxyPass /mirror/foo/ http://foo.com/<br />
699 ProxyPassReverse /mirror/foo/ http://foo.com/
701 <p>will not only cause a local request for the
702 <<code>http://wibble.org/mirror/foo/bar</code>> to be internally
703 converted into a proxy request to <<code>http://foo.com/bar</code>> (the
704 functionality <code>ProxyPass</code> provides here). It also takes care of
705 redirects the server foo.com sends: when <code>http://foo.com/bar</code> is
706 redirected by him to <code>http://foo.com/quux</code> Apache adjusts this to
707 <code>http://wibble.org/mirror/foo/quux</code> before forwarding the HTTP
708 redirect response to the client. Note that the hostname used for
709 constructing the URL is chosen in respect to the setting of the
710 <code class="directive"><a href="../mod/core.html#usecanonicalname">UseCanonicalName</a></code> directive.</p>
712 Note that this <code class="directive">ProxyPassReverse</code> directive can
713 also be used in conjunction with the proxy pass-through feature
714 ("<code>RewriteRule ... [P]</code>") from
715 <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> because its doesn't depend on a
716 corresponding <code class="directive"><a href="#proxypass">ProxyPass</a></code>
719 <p>When used inside a <code class="directive"><a href="../mod/core.html#location"><Location></a></code> section, the first argument is
720 ommitted and the local directory is obtained from the <code class="directive"><a href="../mod/core.html#location"><Location></a></code>.</p>
724 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
725 <div class="directive-section"><h2><a name="ProxyPreserveHost" id="ProxyPreserveHost">ProxyPreserveHost</a> <a name="proxypreservehost" id="proxypreservehost">Directive</a></h2>
726 <table class="directive">
727 <tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Use incoming Host HTTP request header for
728 proxy request</td></tr>
729 <tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyPreserveHost on|off</code></td></tr>
730 <tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ProxyPreserveHost Off</code></td></tr>
731 <tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
732 <tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
733 <tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
734 <tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in
735 Apache 2.0.31 and later.</td></tr>
737 <p>When enabled, this option will pass the Host: line from the
738 incoming request to the proxied host, instead of the hostname
739 specified in the proxypass line.
741 <p>This option should normally be turned 'off'.</p>
744 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
745 <div class="directive-section"><h2><a name="ProxyReceiveBufferSize" id="ProxyReceiveBufferSize">ProxyReceiveBufferSize</a> <a name="proxyreceivebuffersize" id="proxyreceivebuffersize">Directive</a></h2>
746 <table class="directive">
747 <tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Network buffer size for outgoing HTTP and FTP
748 connections</td></tr>
749 <tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyReceiveBufferSize <em>bytes</em></code></td></tr>
750 <tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
751 <tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
752 <tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
754 <p>The <code class="directive">ProxyReceiveBufferSize</code> directive
755 specifies an explicit network buffer size for outgoing HTTP and FTP
756 connections, for increased throughput. It has to be greater than 512
757 or set to 0 to indicate that the system's default buffer size should
759 <div class="example"><h3>Example</h3><p><code>
760 ProxyReceiveBufferSize 2048
764 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
765 <div class="directive-section"><h2><a name="ProxyRemote" id="ProxyRemote">ProxyRemote</a> <a name="proxyremote" id="proxyremote">Directive</a></h2>
766 <table class="directive">
767 <tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Remote proxy used to handle certain requests</td></tr>
768 <tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyRemote <em>match remote-server</em></code></td></tr>
769 <tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
770 <tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
771 <tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
773 <p>This defines remote proxies to this proxy. <em>match</em> is either the
774 name of a URL-scheme that the remote server supports, or a partial URL
775 for which the remote server should be used, or '*' to indicate the
776 server should be contacted for all requests. <em>remote-server</em> is a
777 partial URL for the remote server. Syntax:</p>
780 remote-server = protocol://hostname[:port]
783 <p><em>protocol</em> is the protocol that should be used to communicate
784 with the remote server; only "http" is supported by this module.</p>
788 <div class="example"><p><code>
789 ProxyRemote http://goodguys.com/ http://mirrorguys.com:8000<br />
790 ProxyRemote * http://cleversite.com<br />
791 ProxyRemote ftp http://ftpproxy.mydomain.com:8080
794 <p>In the last example, the proxy will forward FTP requests, encapsulated
795 as yet another HTTP proxy request, to another proxy which can handle
798 <p>This option also supports reverse proxy configuration - a backend
799 webserver can be embedded within a virtualhost URL space even if that
800 server is hidden by another forward proxy.</p>
803 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
804 <div class="directive-section"><h2><a name="ProxyRemoteMatch" id="ProxyRemoteMatch">ProxyRemoteMatch</a> <a name="proxyremotematch" id="proxyremotematch">Directive</a></h2>
805 <table class="directive">
806 <tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Remote proxy used to handle requests
807 matched by regular expressions</td></tr>
808 <tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyRemoteMatch <em>regex remote-server</em></code></td></tr>
809 <tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
810 <tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
811 <tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
813 <p>The <code class="directive">ProxyRemoteMatch</code> is identical
814 to the <code class="directive"><a href="#proxyremote">ProxyRemote</a></code>
815 directive, except the first argument is a regular expression
816 match against the requested URL.</p>
819 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
820 <div class="directive-section"><h2><a name="ProxyRequests" id="ProxyRequests">ProxyRequests</a> <a name="proxyrequests" id="proxyrequests">Directive</a></h2>
821 <table class="directive">
822 <tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Enables forward (standard) proxy requests</td></tr>
823 <tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyRequests on|off</code></td></tr>
824 <tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ProxyRequests Off</code></td></tr>
825 <tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
826 <tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
827 <tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
829 <p>This allows or prevents Apache from functioning as a forward proxy
830 server. (Setting ProxyRequests to 'off' does not disable use of the
831 <code class="directive"><a href="#proxypass">ProxyPass</a></code> directive.)</p>
833 <p>In a typical reverse proxy configuration, this option should be set to
836 <div class="warning"><p>Do not enable proxying with <code class="directive"><a href="#proxyrequests">ProxyRequests</a></code> until you have
837 <a href="#access">secured your server</a>. Open proxy servers are
838 dangerous both to your network and to the Internet at large.</p></div>
842 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
843 <div class="directive-section"><h2><a name="ProxyTimeout" id="ProxyTimeout">ProxyTimeout</a> <a name="proxytimeout" id="proxytimeout">Directive</a></h2>
844 <table class="directive">
845 <tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Network timeout for proxied requests</td></tr>
846 <tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyTimeout <em>seconds</em></code></td></tr>
847 <tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ProxyTimeout 300</code></td></tr>
848 <tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
849 <tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
850 <tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
851 <tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in
852 Apache 2.0.31 and later</td></tr>
854 <p>This directive allows a user to specifiy a timeout on proxy requests.
855 This is usefull when you have a slow/buggy appserver which hangs,
856 and you would rather just return a timeout and fail gracefully instead
857 of waiting however long it takes the server to return
861 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
862 <div class="directive-section"><h2><a name="ProxyVia" id="ProxyVia">ProxyVia</a> <a name="proxyvia" id="proxyvia">Directive</a></h2>
863 <table class="directive">
864 <tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Information provided in the Via HTTP response
865 header for proxied requests</td></tr>
866 <tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyVia on|off|full|block</code></td></tr>
867 <tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ProxyVia off</code></td></tr>
868 <tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
869 <tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
870 <tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
872 <p>This directive controls the use of the <code>Via:</code> HTTP
873 header by the proxy. Its intended use is to control the flow of of
874 proxy requests along a chain of proxy servers. See RFC2068 (HTTP/1.1)
875 for an explanation of <code>Via:</code> header lines.</p>
878 to <em>off</em>, which is the default, no special processing is
879 performed. If a request or reply contains a <code>Via:</code> header,
880 it is passed through unchanged.</li>
882 <li>If set to <em>on</em>, each
883 request and reply will get a <code>Via:</code> header line added for
884 the current host.</li>
886 <li>If set to <em>full</em>, each generated <code>Via:</code> header
887 line will additionally have the Apache server version shown as a
888 <code>Via:</code> comment field.</li>
890 <li>If set to <em>block</em>, every
891 proxy request will have all its <code>Via:</code> header lines
892 removed. No new <code>Via:</code> header will be generated.</li>
897 <div class="bottomlang">
898 <p><span>Available Languages: </span><a href="../en/mod/mod_proxy.html"> en </a></p>
899 </div><div id="footer">
900 <p class="apache">Maintained by the <a href="http://httpd.apache.org/docs-project/">Apache HTTP Server Documentation Project</a></p>
901 <p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div>