From: Daniel Ruggeri <druggeri@apache.org>
Date: Wed, 15 Apr 2015 17:03:08 +0000 (+0000)
Subject: We need moar emails - format change
X-Git-Tag: 2.4.13~229
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=40db6f5b58a5bf54e18c4160b6ae4fe62953cdd7;p=apache

We need moar emails - format change

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1673873 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/docs/manual/mod/core.html.en b/docs/manual/mod/core.html.en
index 0b70b04729..68a9d09ca5 100644
--- a/docs/manual/mod/core.html.en
+++ b/docs/manual/mod/core.html.en
@@ -45,6 +45,7 @@ available</td></tr>
 <li><img alt="" src="../images/down.gif" /> <a href="#allowoverride">AllowOverride</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#allowoverridelist">AllowOverrideList</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#cgimapextension">CGIMapExtension</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#cgipassauth">CGIPassAuth</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#contentdigest">ContentDigest</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#defaultruntimedir">DefaultRuntimeDir</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#defaulttype">DefaultType</a></li>
@@ -117,6 +118,7 @@ available</td></tr>
 <li><img alt="" src="../images/down.gif" /> <a href="#virtualhost">&lt;VirtualHost&gt;</a></li>
 </ul>
 <ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="AcceptFilter" id="AcceptFilter">AcceptFilter</a> <a name="acceptfilter" id="acceptfilter">Directive</a></h2>
 <table class="directive">
@@ -617,6 +619,43 @@ scripts</td></tr>
     cause all CGI script files with a <code>.foo</code> extension to
     be passed to the FOO interpreter.</p>
 
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="CGIPassAuth" id="CGIPassAuth">CGIPassAuth</a> <a name="cgipassauth" id="cgipassauth">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Enables passing HTTP authorization headers to scripts as CGI
+variables</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>CGIPassAuth On|Off</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>CGIPassAuth Off</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Core</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>core</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in Apache HTTP Server 2.4.13 and later</td></tr>
+</table>
+    <p><code class="directive">CGIPassAuth</code> allows scripts access to HTTP
+    authorization headers such as <code>Authorization</code>, which is
+    required for scripts that implement HTTP Basic authentication.
+    Normally these HTTP headers are hidden from scripts, as it allows
+    scripts to see user ids and passwords used to access the server when
+    HTTP Basic authentication is enabled in the web server.  This directive
+    should be used when scripts are allowed to implement HTTP Basic
+    authentication.</p>
+
+    <p>This directive can be used instead of the compile-time setting
+    <code>SECURITY_HOLE_PASS_AUTHORIZATION</code> which has been available
+    in previous versions of Apache HTTP Server.</p>
+
+    <p>The setting is respected by any modules which use
+    <code>ap_add_common_vars()</code>, such as <code class="module"><a href="../mod/mod_cgi.html">mod_cgi</a></code>,
+    <code class="module"><a href="../mod/mod_cgid.html">mod_cgid</a></code>, <code class="module"><a href="../mod/mod_proxy_fcgi.html">mod_proxy_fcgi</a></code>,
+    <code class="module"><a href="../mod/mod_proxy_scgi.html">mod_proxy_scgi</a></code>, and so on.  Notably, it affects
+    modules which don't handle the request in the usual sense but
+    still use this API; examples of this are <code class="module"><a href="../mod/mod_include.html">mod_include</a></code>
+    and <code class="module"><a href="../mod/mod_ext_filter.html">mod_ext_filter</a></code>.  Third-party modules that don't
+    use <code>ap_add_common_vars()</code> may choose to respect the setting
+    as well.</p>
+
 </div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="ContentDigest" id="ContentDigest">ContentDigest</a> <a name="contentdigest" id="contentdigest">Directive</a></h2>
@@ -4487,7 +4526,6 @@ hostname or IP address</td></tr>
     different sections are combined when a request is received</li>
 </ul>
 </div>
-
 </div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../de/mod/core.html" hreflang="de" rel="alternate" title="Deutsch">&nbsp;de&nbsp;</a> |
diff --git a/docs/manual/mod/core.xml.de b/docs/manual/mod/core.xml.de
index 508ec9b64f..a00988ec97 100644
--- a/docs/manual/mod/core.xml.de
+++ b/docs/manual/mod/core.xml.de
@@ -1,7 +1,7 @@
 <?xml version="1.0"?>
 <!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
 <?xml-stylesheet type="text/xsl" href="../style/manual.de.xsl"?>
-<!-- English Revision: 344972:1673805 (outdated) -->
+<!-- English Revision: 344972:1673860 (outdated) -->
 
 <!--
  Licensed to the Apache Software Foundation (ASF) under one or more
diff --git a/docs/manual/mod/core.xml.es b/docs/manual/mod/core.xml.es
index f81d472fff..b4a726b082 100644
--- a/docs/manual/mod/core.xml.es
+++ b/docs/manual/mod/core.xml.es
@@ -1,7 +1,7 @@
 <?xml version="1.0"?>
 <!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
 <?xml-stylesheet type="text/xsl" href="../style/manual.en.xsl"?>
-<!-- English Revision: 1040494:1673805 (outdated) -->
+<!-- English Revision: 1040494:1673860 (outdated) -->
 
 <!--
  Licensed to the Apache Software Foundation (ASF) under one or more
diff --git a/docs/manual/mod/core.xml.fr b/docs/manual/mod/core.xml.fr
index e118ecf795..585e90000a 100644
--- a/docs/manual/mod/core.xml.fr
+++ b/docs/manual/mod/core.xml.fr
@@ -1,7 +1,7 @@
 <?xml version="1.0"?>
 <!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
 <?xml-stylesheet type="text/xsl" href="../style/manual.fr.xsl"?>
-<!-- English Revision: 1670326:1673805 (outdated) -->
+<!-- English Revision: 1670326:1673860 (outdated) -->
 <!-- French translation : Lucien GENTIS -->
 <!-- Reviewed by : Vincent Deffontaines -->
 
diff --git a/docs/manual/mod/core.xml.ja b/docs/manual/mod/core.xml.ja
index 09c326214b..f8b05e5c45 100644
--- a/docs/manual/mod/core.xml.ja
+++ b/docs/manual/mod/core.xml.ja
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8" ?>
 <!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
 <?xml-stylesheet type="text/xsl" href="../style/manual.ja.xsl"?>
-<!-- English Revision: 669847:1673805 (outdated) -->
+<!-- English Revision: 669847:1673860 (outdated) -->
 
 <!--
  Licensed to the Apache Software Foundation (ASF) under one or more
diff --git a/docs/manual/mod/core.xml.tr b/docs/manual/mod/core.xml.tr
index 5c284aa980..10e69aef9f 100644
--- a/docs/manual/mod/core.xml.tr
+++ b/docs/manual/mod/core.xml.tr
@@ -1,7 +1,7 @@
 <?xml version="1.0"?>
 <!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
 <?xml-stylesheet type="text/xsl" href="../style/manual.tr.xsl"?>
-<!-- English Revision: 1647230:1673805 (outdated) -->
+<!-- English Revision: 1647230:1673860 (outdated) -->
 <!-- =====================================================
  Translated by: Nilgün Belma Bugüner <nilgun belgeler.gen.tr>
    Reviewed by: Orhan Berent <berent belgeler.gen.tr>
diff --git a/docs/manual/mod/directives.html.en b/docs/manual/mod/directives.html.en
index d8a4ff13da..d52b1657b7 100644
--- a/docs/manual/mod/directives.html.en
+++ b/docs/manual/mod/directives.html.en
@@ -197,6 +197,7 @@
 <li><a href="mod_cache.html#cachestoreprivate">CacheStorePrivate</a></li>
 <li><a href="mod_cgid.html#cgidscripttimeout">CGIDScriptTimeout</a></li>
 <li><a href="core.html#cgimapextension">CGIMapExtension</a></li>
+<li><a href="core.html#cgipassauth">CGIPassAuth</a></li>
 <li><a href="mod_charset_lite.html#charsetdefault">CharsetDefault</a></li>
 <li><a href="mod_charset_lite.html#charsetoptions">CharsetOptions</a></li>
 <li><a href="mod_charset_lite.html#charsetsourceenc">CharsetSourceEnc</a></li>
diff --git a/docs/manual/mod/event.html.en b/docs/manual/mod/event.html.en
index 6f25612acb..92b0b29745 100644
--- a/docs/manual/mod/event.html.en
+++ b/docs/manual/mod/event.html.en
@@ -48,7 +48,11 @@ of consuming threads only for connections with active processing</td></tr>
       script's arguments when building the <code class="program"><a href="../programs/httpd.html">httpd</a></code>.</p>
 
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
+<div id="quickview"><h3>Topics</h3>
+<ul id="topics">
+<li><img alt="" src="../images/down.gif" /> <a href="#how-it-works">How it Works</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#requirements">Requirements</a></li>
+</ul><h3 class="directives">Directives</h3>
 <ul id="toc">
 <li><img alt="" src="../images/down.gif" /> <a href="#asyncrequestworkerfactor">AsyncRequestWorkerFactor</a></li>
 <li><img alt="" src="../images/right.gif" /> <a href="mpm_common.html#coredumpdirectory">CoreDumpDirectory</a></li>
@@ -71,67 +75,11 @@ of consuming threads only for connections with active processing</td></tr>
 <li><img alt="" src="../images/right.gif" /> <a href="mpm_common.html#threadstacksize">ThreadStackSize</a></li>
 <li><img alt="" src="../images/right.gif" /> <a href="mod_unixd.html#user">User</a></li>
 </ul>
-<h3>Topics</h3>
-<ul id="topics">
-<li><img alt="" src="../images/down.gif" /> <a href="#how-it-works">How it Works</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#requirements">Requirements</a></li>
-</ul><h3>See also</h3>
+<h3>See also</h3>
 <ul class="seealso">
 <li><a href="worker.html">The worker MPM</a></li>
 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="AsyncRequestWorkerFactor" id="AsyncRequestWorkerFactor">AsyncRequestWorkerFactor</a> <a name="asyncrequestworkerfactor" id="asyncrequestworkerfactor">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Limit concurrent connections per process</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AsyncRequestWorkerFactor <var>factor</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>2</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>MPM</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>event</td></tr>
-<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in version 2.3.13 and later</td></tr>
-</table>
-    <p>The event MPM handles some connections in an asynchronous way, where
-    request worker threads are only allocated for short periods of time as
-    needed, and other connections with one request worker thread reserved per
-    connection. This can lead to situations where all workers are tied up and
-    no worker thread is available to handle new work on established async
-    connections.</p>
-
-    <p>To mitigate this problem, the event MPM does two things: Firstly, it
-    limits the number of connections accepted per process, depending on the
-    number of idle request workers. Secondly, if all workers are busy, it will
-    close connections in keep-alive state even if the keep-alive timeout has
-    not expired. This allows the respective clients to reconnect to a
-    different process which may still have worker threads available.</p>
-
-    <p>This directive can be used to fine-tune the per-process connection
-    limit. A process will only accept new connections if the current number of
-    connections (not counting connections in the "closing" state) is lower
-    than:</p>
-
-    <p class="indent"><strong>
-        <code class="directive"><a href="../mod/mpm_common.html#threadsperchild">ThreadsPerChild</a></code> +
-        (<code class="directive">AsyncRequestWorkerFactor</code> *
-        <var>number of idle workers</var>)
-    </strong></p>
-
-    <p>This means the absolute maximum numbers of concurrent connections is:</p>
-
-    <p class="indent"><strong>
-        (<code class="directive">AsyncRequestWorkerFactor</code> + 1) *
-        <code class="directive"><a href="../mod/mpm_common.html#maxrequestworkers">MaxRequestWorkers</a></code>
-    </strong></p>
-
-    <p><code class="directive"><a href="../mod/mpm_common.html#maxrequestworkers">MaxRequestWorkers</a></code> was called
-    <code class="directive">MaxClients</code> prior to version 2.3.13. The above value
-    shows that the old name did not accurately describe its meaning for the event MPM.</p>
-
-    <p><code class="directive">AsyncRequestWorkerFactor</code> can take non-integer
-    arguments, e.g "1.5".</p>
-
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="section">
 <h2><a name="how-it-works" id="how-it-works">How it Works</a></h2>
     <p>This MPM tries to fix the 'keep alive problem' in HTTP. After a client
@@ -197,6 +145,58 @@ of consuming threads only for connections with active processing</td></tr>
       with support for EPoll.</li>
 
     </ul>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="AsyncRequestWorkerFactor" id="AsyncRequestWorkerFactor">AsyncRequestWorkerFactor</a> <a name="asyncrequestworkerfactor" id="asyncrequestworkerfactor">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Limit concurrent connections per process</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AsyncRequestWorkerFactor <var>factor</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>2</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>MPM</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>event</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in version 2.3.13 and later</td></tr>
+</table>
+    <p>The event MPM handles some connections in an asynchronous way, where
+    request worker threads are only allocated for short periods of time as
+    needed, and other connections with one request worker thread reserved per
+    connection. This can lead to situations where all workers are tied up and
+    no worker thread is available to handle new work on established async
+    connections.</p>
+
+    <p>To mitigate this problem, the event MPM does two things: Firstly, it
+    limits the number of connections accepted per process, depending on the
+    number of idle request workers. Secondly, if all workers are busy, it will
+    close connections in keep-alive state even if the keep-alive timeout has
+    not expired. This allows the respective clients to reconnect to a
+    different process which may still have worker threads available.</p>
+
+    <p>This directive can be used to fine-tune the per-process connection
+    limit. A process will only accept new connections if the current number of
+    connections (not counting connections in the "closing" state) is lower
+    than:</p>
+
+    <p class="indent"><strong>
+        <code class="directive"><a href="../mod/mpm_common.html#threadsperchild">ThreadsPerChild</a></code> +
+        (<code class="directive">AsyncRequestWorkerFactor</code> *
+        <var>number of idle workers</var>)
+    </strong></p>
+
+    <p>This means the absolute maximum numbers of concurrent connections is:</p>
+
+    <p class="indent"><strong>
+        (<code class="directive">AsyncRequestWorkerFactor</code> + 1) *
+        <code class="directive"><a href="../mod/mpm_common.html#maxrequestworkers">MaxRequestWorkers</a></code>
+    </strong></p>
+
+    <p><code class="directive"><a href="../mod/mpm_common.html#maxrequestworkers">MaxRequestWorkers</a></code> was called
+    <code class="directive">MaxClients</code> prior to version 2.3.13. The above value
+    shows that the old name did not accurately describe its meaning for the event MPM.</p>
+
+    <p><code class="directive">AsyncRequestWorkerFactor</code> can take non-integer
+    arguments, e.g "1.5".</p>
+
+
 </div>
 </div>
 <div class="bottomlang">
diff --git a/docs/manual/mod/mod_access_compat.html.en b/docs/manual/mod/mod_access_compat.html.en
index 405b2dcbdd..3edb360678 100644
--- a/docs/manual/mod/mod_access_compat.html.en
+++ b/docs/manual/mod/mod_access_compat.html.en
@@ -91,6 +91,7 @@ have been deprecated by the new authz refactoring.  Please see
 <li><code class="module"><a href="../mod/mod_authz_host.html">mod_authz_host</a></code></li>
 <li><code class="module"><a href="../mod/mod_authz_core.html">mod_authz_core</a></code></li>
 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="Allow" id="Allow">Allow</a> <a name="allow" id="allow">Directive</a></h2>
 <table class="directive">
@@ -458,7 +459,6 @@ Satisfy Any</pre>
 <li><code class="directive"><a href="../mod/mod_authz_core.html#require">Require</a></code></li>
 </ul>
 </div>
-
 </div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../en/mod/mod_access_compat.html" title="English">&nbsp;en&nbsp;</a> |
diff --git a/docs/manual/mod/mod_actions.html.en b/docs/manual/mod/mod_actions.html.en
index 2479c58131..d0011b8dc3 100644
--- a/docs/manual/mod/mod_actions.html.en
+++ b/docs/manual/mod/mod_actions.html.en
@@ -53,6 +53,7 @@
 <li><a href="../howto/cgi.html">Dynamic Content with CGI</a></li>
 <li><a href="../handler.html">Apache httpd's Handler Use</a></li>
 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="Action" id="Action">Action</a> <a name="action" id="action">Directive</a></h2>
 <table class="directive">
@@ -149,7 +150,6 @@ Script PUT "/~bob/put.cgi"</pre>
 
 
 </div>
-
 </div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../de/mod/mod_actions.html" hreflang="de" rel="alternate" title="Deutsch">&nbsp;de&nbsp;</a> |
diff --git a/docs/manual/mod/mod_alias.html.en b/docs/manual/mod/mod_alias.html.en
index b611886519..9580b8eb03 100644
--- a/docs/manual/mod/mod_alias.html.en
+++ b/docs/manual/mod/mod_alias.html.en
@@ -66,7 +66,10 @@
     <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>.</p>
 
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
+<div id="quickview"><h3>Topics</h3>
+<ul id="topics">
+<li><img alt="" src="../images/down.gif" /> <a href="#order">Order of Processing</a></li>
+</ul><h3 class="directives">Directives</h3>
 <ul id="toc">
 <li><img alt="" src="../images/down.gif" /> <a href="#alias">Alias</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#aliasmatch">AliasMatch</a></li>
@@ -77,15 +80,53 @@
 <li><img alt="" src="../images/down.gif" /> <a href="#scriptalias">ScriptAlias</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#scriptaliasmatch">ScriptAliasMatch</a></li>
 </ul>
-<h3>Topics</h3>
-<ul id="topics">
-<li><img alt="" src="../images/down.gif" /> <a href="#order">Order of Processing</a></li>
-</ul><h3>See also</h3>
+<h3>See also</h3>
 <ul class="seealso">
 <li><code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code></li>
 <li><a href="../urlmapping.html">Mapping URLs to the filesystem</a></li>
 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="order" id="order">Order of Processing</a></h2>
+
+    <p>Aliases and Redirects occurring in different contexts are processed
+    like other directives according to standard <a href="../sections.html#mergin">merging rules</a>.  But when multiple
+    Aliases or Redirects occur in the same context (for example, in the
+    same <code class="directive"><a href="../mod/core.html#virtualhost">&lt;VirtualHost&gt;</a></code>
+    section) they are processed in a particular order.</p>
+
+    <p>First, all Redirects are processed before Aliases are processed,
+    and therefore a request that matches a <code class="directive"><a href="#redirect">Redirect</a></code> or <code class="directive"><a href="#redirectmatch">RedirectMatch</a></code> will never have Aliases
+    applied.  Second, the Aliases and Redirects are processed in the order
+    they appear in the configuration files, with the first match taking
+    precedence.</p>
+
+    <p>For this reason, when two or more of these directives apply to the
+    same sub-path, you must list the most specific path first in order for
+    all the directives to have an effect.  For example, the following
+    configuration will work as expected:</p>
+
+    <pre class="prettyprint lang-config">Alias "/foo/bar" "/baz"
+Alias "/foo" "/gaq"</pre>
+
+
+    <p>But if the above two directives were reversed in order, the
+    <code>/foo</code> <code class="directive"><a href="#alias">Alias</a></code>
+    would always match before the <code>/foo/bar</code> <code class="directive"><a href="#alias">Alias</a></code>, so the latter directive would be
+    ignored.</p>
+
+    <p>When the <code class="directive"><a href="#alias">Alias</a></code>,
+    <code class="directive"><a href="#scriptalias">ScriptAlias</a></code> and
+    <code class="directive"><a href="#redirect">Redirect</a></code> directives are used
+    within a <code class="directive"><a href="../mod/core.html#location">&lt;Location&gt;</a></code>
+    or <code class="directive"><a href="../mod/core.html#locationmatch">&lt;LocationMatch&gt;</a></code>
+    section, these directives will take precedence over any globally
+    defined <code class="directive"><a href="#alias">Alias</a></code>,
+    <code class="directive"><a href="#scriptalias">ScriptAlias</a></code> and
+    <code class="directive"><a href="#redirect">Redirect</a></code> directives.</p>
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="Alias" id="Alias">Alias</a> <a name="alias" id="alias">Directive</a></h2>
 <table class="directive">
 <tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Maps URLs to filesystem locations</td></tr>
@@ -556,47 +597,6 @@ and designates the target as a CGI script</td></tr>
     details.</p>
 
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="order" id="order">Order of Processing</a></h2>
-
-    <p>Aliases and Redirects occurring in different contexts are processed
-    like other directives according to standard <a href="../sections.html#mergin">merging rules</a>.  But when multiple
-    Aliases or Redirects occur in the same context (for example, in the
-    same <code class="directive"><a href="../mod/core.html#virtualhost">&lt;VirtualHost&gt;</a></code>
-    section) they are processed in a particular order.</p>
-
-    <p>First, all Redirects are processed before Aliases are processed,
-    and therefore a request that matches a <code class="directive"><a href="#redirect">Redirect</a></code> or <code class="directive"><a href="#redirectmatch">RedirectMatch</a></code> will never have Aliases
-    applied.  Second, the Aliases and Redirects are processed in the order
-    they appear in the configuration files, with the first match taking
-    precedence.</p>
-
-    <p>For this reason, when two or more of these directives apply to the
-    same sub-path, you must list the most specific path first in order for
-    all the directives to have an effect.  For example, the following
-    configuration will work as expected:</p>
-
-    <pre class="prettyprint lang-config">Alias "/foo/bar" "/baz"
-Alias "/foo" "/gaq"</pre>
-
-
-    <p>But if the above two directives were reversed in order, the
-    <code>/foo</code> <code class="directive"><a href="#alias">Alias</a></code>
-    would always match before the <code>/foo/bar</code> <code class="directive"><a href="#alias">Alias</a></code>, so the latter directive would be
-    ignored.</p>
-
-    <p>When the <code class="directive"><a href="#alias">Alias</a></code>,
-    <code class="directive"><a href="#scriptalias">ScriptAlias</a></code> and
-    <code class="directive"><a href="#redirect">Redirect</a></code> directives are used
-    within a <code class="directive"><a href="../mod/core.html#location">&lt;Location&gt;</a></code>
-    or <code class="directive"><a href="../mod/core.html#locationmatch">&lt;LocationMatch&gt;</a></code>
-    section, these directives will take precedence over any globally
-    defined <code class="directive"><a href="#alias">Alias</a></code>,
-    <code class="directive"><a href="#scriptalias">ScriptAlias</a></code> and
-    <code class="directive"><a href="#redirect">Redirect</a></code> directives.</p>
-
 </div>
 </div>
 <div class="bottomlang">
diff --git a/docs/manual/mod/mod_allowmethods.html.en b/docs/manual/mod/mod_allowmethods.html.en
index 09833ec632..0b492eef13 100644
--- a/docs/manual/mod/mod_allowmethods.html.en
+++ b/docs/manual/mod/mod_allowmethods.html.en
@@ -47,6 +47,7 @@ used on an server. The most common configuration would be:</p>
 <li><img alt="" src="../images/down.gif" /> <a href="#allowmethods">AllowMethods</a></li>
 </ul>
 <ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="AllowMethods" id="AllowMethods">AllowMethods</a> <a name="allowmethods" id="allowmethods">Directive</a></h2>
 <table class="directive">
@@ -79,7 +80,6 @@ kludgy implementation of <code class="directive"><a href="../mod/core.html#limit
 <code class="directive"><a href="../mod/core.html#limitexcept">LimitExcept</a></code>.</p>
 
 </div>
-
 </div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../en/mod/mod_allowmethods.html" title="English">&nbsp;en&nbsp;</a> |
diff --git a/docs/manual/mod/mod_asis.html.en b/docs/manual/mod/mod_asis.html.en
index ea56f89d32..c54730428d 100644
--- a/docs/manual/mod/mod_asis.html.en
+++ b/docs/manual/mod/mod_asis.html.en
@@ -47,13 +47,13 @@ HTTP headers</td></tr>
     <p>For historical reasons, this module will also process any
     file with the mime type <code>httpd/send-as-is</code>.</p>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
-<p>This module provides no
-            directives.</p>
-<h3>Topics</h3>
+<div id="quickview"><h3>Topics</h3>
 <ul id="topics">
 <li><img alt="" src="../images/down.gif" /> <a href="#usage">Usage</a></li>
-</ul><h3>See also</h3>
+</ul><h3 class="directives">Directives</h3>
+<p>This module provides no
+            directives.</p>
+<h3>See also</h3>
 <ul class="seealso">
 <li><code class="module"><a href="../mod/mod_headers.html">mod_headers</a></code></li>
 <li><code class="module"><a href="../mod/mod_cern_meta.html">mod_cern_meta</a></code></li>
diff --git a/docs/manual/mod/mod_auth_basic.html.en b/docs/manual/mod/mod_auth_basic.html.en
index e939cd30a6..0aa646a096 100644
--- a/docs/manual/mod/mod_auth_basic.html.en
+++ b/docs/manual/mod/mod_auth_basic.html.en
@@ -58,6 +58,7 @@
 <li><code class="directive"><a href="../mod/mod_authz_core.html#require">Require</a></code></li>
 <li><a href="../howto/auth.html">Authentication howto</a></li>
 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="AuthBasicAuthoritative" id="AuthBasicAuthoritative">AuthBasicAuthoritative</a> <a name="authbasicauthoritative" id="authbasicauthoritative">Directive</a></h2>
 <table class="directive">
@@ -252,7 +253,6 @@ Digest Authentication was in force instead of Basic Authentication.
     </div>
 
 </div>
-
 </div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../en/mod/mod_auth_basic.html" title="English">&nbsp;en&nbsp;</a> |
diff --git a/docs/manual/mod/mod_auth_digest.html.en b/docs/manual/mod/mod_auth_digest.html.en
index bb967ce339..d2569970d5 100644
--- a/docs/manual/mod/mod_auth_digest.html.en
+++ b/docs/manual/mod/mod_auth_digest.html.en
@@ -46,7 +46,10 @@
     whole connection using <code class="module"><a href="../mod/mod_ssl.html">mod_ssl</a></code> is a much better
     alternative.</p>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
+<div id="quickview"><h3>Topics</h3>
+<ul id="topics">
+<li><img alt="" src="../images/down.gif" /> <a href="#using">Using Digest Authentication</a></li>
+</ul><h3 class="directives">Directives</h3>
 <ul id="toc">
 <li><img alt="" src="../images/down.gif" /> <a href="#authdigestalgorithm">AuthDigestAlgorithm</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#authdigestdomain">AuthDigestDomain</a></li>
@@ -55,10 +58,7 @@
 <li><img alt="" src="../images/down.gif" /> <a href="#authdigestqop">AuthDigestQop</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#authdigestshmemsize">AuthDigestShmemSize</a></li>
 </ul>
-<h3>Topics</h3>
-<ul id="topics">
-<li><img alt="" src="../images/down.gif" /> <a href="#using">Using Digest Authentication</a></li>
-</ul><h3>See also</h3>
+<h3>See also</h3>
 <ul class="seealso">
 <li><code class="directive"><a href="../mod/mod_authn_core.html#authname">AuthName</a></code></li>
 <li><code class="directive"><a href="../mod/mod_authn_core.html#authtype">AuthType</a></code></li>
@@ -66,6 +66,48 @@
 <li><a href="../howto/auth.html">Authentication howto</a></li>
 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="using" id="using">Using Digest Authentication</a></h2>
+
+    <p>To use MD5 Digest authentication, simply
+    change the normal <code>AuthType Basic</code> and
+    <code class="directive"><a href="../mod/mod_auth_basic.html#authbasicprovider">AuthBasicProvider</a></code>
+    to <code>AuthType Digest</code> and
+    <code class="directive"><a href="#authdigestprovider">AuthDigestProvider</a></code>,
+    when setting up authentication, then add a
+    <code class="directive"><a href="#authdigestdomain">AuthDigestDomain</a></code> directive containing at least the root
+    URI(s) for this protection space.</p>
+
+    <p>Appropriate user (text) files can be created using the
+    <code class="program"><a href="../programs/htdigest.html">htdigest</a></code> tool.</p>
+
+    <div class="example"><h3>Example:</h3><pre class="prettyprint lang-config">&lt;Location "/private/"&gt;
+    AuthType Digest
+    AuthName "private area"
+    AuthDigestDomain "/private/" "http://mirror.my.dom/private2/"
+    
+    AuthDigestProvider file
+    AuthUserFile "/web/auth/.digest_pw"
+    Require valid-user
+&lt;/Location&gt;</pre>
+</div>
+
+    <div class="note"><h3>Note</h3>
+    <p>Digest authentication was intended to be more secure than basic
+    authentication, but no longer fulfills that design goal. A
+    man-in-the-middle attacker can trivially force the browser to downgrade
+    to basic authentication. And even a passive eavesdropper can brute-force
+    the password using today's graphics hardware, because the hashing
+    algorithm used by digest authentication is too fast. Another problem is
+    that the storage of the passwords on the server is insecure. The contents
+    of a stolen htdigest file can be used directly for digest authentication.
+    Therefore using <code class="module"><a href="../mod/mod_ssl.html">mod_ssl</a></code> to encrypt the whole connection is
+    strongly recommended.</p>
+    <p><code class="module"><a href="../mod/mod_auth_digest.html">mod_auth_digest</a></code> only works properly on platforms
+      where APR supports shared memory.</p>
+    </div>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="AuthDigestAlgorithm" id="AuthDigestAlgorithm">AuthDigestAlgorithm</a> <a name="authdigestalgorithm" id="authdigestalgorithm">Directive</a></h2>
 <table class="directive">
 <tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Selects the algorithm used to calculate the challenge and
@@ -222,48 +264,6 @@ AuthDigestShmemSize 1024K
 AuthDigestShmemSize 1M</pre>
 
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="using" id="using">Using Digest Authentication</a></h2>
-
-    <p>To use MD5 Digest authentication, simply
-    change the normal <code>AuthType Basic</code> and
-    <code class="directive"><a href="../mod/mod_auth_basic.html#authbasicprovider">AuthBasicProvider</a></code>
-    to <code>AuthType Digest</code> and
-    <code class="directive"><a href="#authdigestprovider">AuthDigestProvider</a></code>,
-    when setting up authentication, then add a
-    <code class="directive"><a href="#authdigestdomain">AuthDigestDomain</a></code> directive containing at least the root
-    URI(s) for this protection space.</p>
-
-    <p>Appropriate user (text) files can be created using the
-    <code class="program"><a href="../programs/htdigest.html">htdigest</a></code> tool.</p>
-
-    <div class="example"><h3>Example:</h3><pre class="prettyprint lang-config">&lt;Location "/private/"&gt;
-    AuthType Digest
-    AuthName "private area"
-    AuthDigestDomain "/private/" "http://mirror.my.dom/private2/"
-    
-    AuthDigestProvider file
-    AuthUserFile "/web/auth/.digest_pw"
-    Require valid-user
-&lt;/Location&gt;</pre>
-</div>
-
-    <div class="note"><h3>Note</h3>
-    <p>Digest authentication was intended to be more secure than basic
-    authentication, but no longer fulfills that design goal. A
-    man-in-the-middle attacker can trivially force the browser to downgrade
-    to basic authentication. And even a passive eavesdropper can brute-force
-    the password using today's graphics hardware, because the hashing
-    algorithm used by digest authentication is too fast. Another problem is
-    that the storage of the passwords on the server is insecure. The contents
-    of a stolen htdigest file can be used directly for digest authentication.
-    Therefore using <code class="module"><a href="../mod/mod_ssl.html">mod_ssl</a></code> to encrypt the whole connection is
-    strongly recommended.</p>
-    <p><code class="module"><a href="../mod/mod_auth_digest.html">mod_auth_digest</a></code> only works properly on platforms
-      where APR supports shared memory.</p>
-    </div>
 </div>
 </div>
 <div class="bottomlang">
diff --git a/docs/manual/mod/mod_auth_form.html.en b/docs/manual/mod/mod_auth_form.html.en
index 118443059f..e3e058c56f 100644
--- a/docs/manual/mod/mod_auth_form.html.en
+++ b/docs/manual/mod/mod_auth_form.html.en
@@ -61,7 +61,15 @@
     </p>
 
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
+<div id="quickview"><h3>Topics</h3>
+<ul id="topics">
+<li><img alt="" src="../images/down.gif" /> <a href="#basicconfig">Basic Configuration</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#standalone">Standalone Login</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#inline">Inline Login</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#inlinepreservebody">Inline Login with Body Preservation</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#loggingout">Logging Out</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#urlencoding">Usernames and Passwords</a></li>
+</ul><h3 class="directives">Directives</h3>
 <ul id="toc">
 <li><img alt="" src="../images/down.gif" /> <a href="#authformauthoritative">AuthFormAuthoritative</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#authformbody">AuthFormBody</a></li>
@@ -79,15 +87,7 @@
 <li><img alt="" src="../images/down.gif" /> <a href="#authformsize">AuthFormSize</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#authformusername">AuthFormUsername</a></li>
 </ul>
-<h3>Topics</h3>
-<ul id="topics">
-<li><img alt="" src="../images/down.gif" /> <a href="#basicconfig">Basic Configuration</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#standalone">Standalone Login</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#inline">Inline Login</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#inlinepreservebody">Inline Login with Body Preservation</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#loggingout">Logging Out</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#urlencoding">Usernames and Passwords</a></li>
-</ul><h3>See also</h3>
+<h3>See also</h3>
 <ul class="seealso">
 <li><code class="module"><a href="../mod/mod_session.html">mod_session</a></code></li>
 <li><code class="directive"><a href="../mod/mod_authn_core.html#authname">AuthName</a></code></li>
@@ -96,6 +96,253 @@
 <li><a href="../howto/auth.html">Authentication howto</a></li>
 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="basicconfig" id="basicconfig">Basic Configuration</a></h2>
+
+      <p>To protect a particular URL with <code class="module"><a href="../mod/mod_auth_form.html">mod_auth_form</a></code>, you need to
+      decide where you will store your <var>session</var>, and you will need to
+      decide what method you will use to authenticate. In this simple example, the
+      login details will be stored in a session based on
+      <code class="module"><a href="../mod/mod_session_cookie.html">mod_session_cookie</a></code>, and authentication will be attempted against
+      a file using <code class="module"><a href="../mod/mod_authn_file.html">mod_authn_file</a></code>. If authentication is unsuccessful,
+      the user will be redirected to the form login page.</p>
+
+      <div class="example"><h3>Basic example</h3><pre class="prettyprint lang-config">AuthFormProvider file
+AuthUserFile "conf/passwd"
+AuthType form
+AuthName realm
+AuthFormLoginRequiredLocation "http://example.com/login.html"
+Session On
+SessionCookieName session path=/
+SessionCryptoPassphrase secret</pre>
+</div>
+
+      <p>The directive <code class="directive"><a href="../mod/mod_authn_core.html#authtype">AuthType</a></code> will enable
+      the <code class="module"><a href="../mod/mod_auth_form.html">mod_auth_form</a></code> authentication when set to the value <var>form</var>.
+      The directives <code class="directive"><a href="#authformprovider">AuthFormProvider</a></code> and
+      <code class="directive"><a href="../mod/mod_authn_file.html#authuserfile">AuthUserFile</a></code> specify that usernames
+      and passwords should be checked against the chosen file.</p>
+
+      <p>The directives <code class="directive"><a href="../mod/mod_session.html#session">Session</a></code>,
+      <code class="directive"><a href="../mod/mod_session_cookie.html#sessioncookiename">SessionCookieName</a></code> and
+      <code class="directive"><a href="../mod/mod_session_crypto.html#sessioncryptopassphrase">SessionCryptoPassphrase</a></code> create an
+      encrypted session stored within an HTTP cookie on the browser. For more information
+      on the different options for configuring a session, read the documentation for
+      <code class="module"><a href="../mod/mod_session.html">mod_session</a></code>.</p>
+
+      <p>In the simple example above, a URL has been protected by
+      <code class="module"><a href="../mod/mod_auth_form.html">mod_auth_form</a></code>, but the user has yet to be given an opportunity to
+      enter their username and password. Options for doing so include providing a
+      dedicated standalone login page for this purpose, or for providing the login
+      page inline.</p>
+    </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="standalone" id="standalone">Standalone Login</a></h2>
+
+      <p>The login form can be hosted as a standalone page, or can be provided inline on
+      the same page.</p>
+
+      <p>When configuring the login as a standalone page, unsuccessful authentication
+      attempts should be redirected to a login form created by the website for this purpose,
+      using the <code class="directive"><a href="#authformloginrequiredlocation">AuthFormLoginRequiredLocation</a></code>
+      directive. Typically this login page will contain an HTML form, asking the user to
+      provide their usename and password.</p>
+
+      <div class="example"><h3>Example login form</h3><pre class="prettyprint lang-html">&lt;form method="POST" action="/dologin.html"&gt;
+  Username: &lt;input type="text" name="httpd_username" value="" /&gt;
+  Password: &lt;input type="password" name="httpd_password" value="" /&gt;
+  &lt;input type="submit" name="login" value="Login" /&gt;
+&lt;/form&gt;</pre>
+</div>
+
+      <p>The part that does the actual login is handled by the <var>form-login-handler</var>.
+      The action of the form should point at this handler, which is configured within
+      Apache httpd as follows:</p>
+
+      <div class="example"><h3>Form login handler example</h3><pre class="prettyprint lang-config">&lt;Location "/dologin.html"&gt;
+    SetHandler form-login-handler
+    AuthFormLoginRequiredLocation "http://example.com/login.html"
+    AuthFormLoginSuccessLocation "http://example.com/success.html"
+    AuthFormProvider file
+    AuthUserFile "conf/passwd"
+    AuthType form
+    AuthName realm
+    Session On
+    SessionCookieName session path=/
+    SessionCryptoPassphrase secret
+&lt;/Location&gt;</pre>
+</div>
+
+      <p>The URLs specified by the
+      <code class="directive"><a href="#authformloginrequiredlocation">AuthFormLoginRequiredLocation</a></code> directive will typically
+      point to a page explaining to the user that their login attempt was unsuccessful, and they
+      should try again.  The <code class="directive"><a href="#authformloginsuccesslocation">AuthFormLoginSuccessLocation</a></code>
+      directive specifies the URL the user should be redirected to upon successful login.</p>
+
+      <p>Alternatively, the URL to redirect the user to on success can be embedded within the login
+      form, as in the example below. As a result, the same <var>form-login-handler</var> can be
+      reused for different areas of a website.</p>
+
+      <div class="example"><h3>Example login form with location</h3><pre class="prettyprint lang-html">&lt;form method="POST" action="/dologin.html"&gt;
+  Username: &lt;input type="text" name="httpd_username" value="" /&gt;
+  Password: &lt;input type="password" name="httpd_password" value="" /&gt;
+  &lt;input type="submit" name="login" value="Login" /&gt;
+  &lt;input type="hidden" name="httpd_location" value="http://example.com/success.html" /&gt;
+&lt;/form&gt;</pre>
+</div>
+
+    </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="inline" id="inline">Inline Login</a></h2>
+
+      <div class="warning"><h3>Warning</h3>
+        <p>A risk exists that under certain circumstances, the login form configured
+        using inline login may be submitted more than once, revealing login credentials to
+        the application running underneath. The administrator must ensure that the underlying
+        application is properly secured to prevent abuse. If in doubt, use the
+        standalone login configuration.</p>
+      </div>
+
+      <p>As an alternative to having a dedicated login page for a website, it is possible to
+      configure <code class="module"><a href="../mod/mod_auth_form.html">mod_auth_form</a></code> to authenticate users inline, without being
+      redirected to another page. This allows the state of the current page to be preserved
+      during the login attempt. This can be useful in a situation where a time limited
+      session is in force, and the session times out in the middle of the user request. The
+      user can be re-authenticated in place, and they can continue where they left off.</p>
+
+      <p>If a non-authenticated user attempts to access a page protected by
+      <code class="module"><a href="../mod/mod_auth_form.html">mod_auth_form</a></code> that isn't configured with a
+      <code class="directive"><a href="#authformloginrequiredlocation">AuthFormLoginRequiredLocation</a></code> directive,
+      a <var>HTTP_UNAUTHORIZED</var> status code is returned to the browser indicating to the user
+      that they are not authorized to view the page.</p>
+
+      <p>To configure inline authentication, the administrator overrides the error document
+      returned by the <var>HTTP_UNAUTHORIZED</var> status code with a custom error document
+      containing the login form, as follows:</p>
+
+      <div class="example"><h3>Basic inline example</h3><pre class="prettyprint lang-config">AuthFormProvider file
+ErrorDocument 401 "/login.shtml"
+AuthUserFile "conf/passwd"
+AuthType form
+AuthName realm
+AuthFormLoginRequiredLocation "http://example.com/login.html"
+Session On
+SessionCookieName session path=/
+SessionCryptoPassphrase secret</pre>
+</div>
+
+      <p>The error document page should contain a login form with an empty action property,
+      as per the example below.  This has the effect of submitting the form to
+      the original protected URL, without the page having to know what that
+      URL is.</p>
+
+      <div class="example"><h3>Example inline login form</h3><pre class="prettyprint lang-html">&lt;form method="POST" <strong>action=""</strong>&gt;
+  Username: &lt;input type="text" name="httpd_username" value="" /&gt;
+  Password: &lt;input type="password" name="httpd_password" value="" /&gt;
+  &lt;input type="submit" name="login" value="Login" /&gt;
+&lt;/form&gt;</pre>
+</div>
+
+      <p>When the end user has filled in their login details, the form will make
+      an HTTP POST request to the original password protected URL.
+      <code class="module"><a href="../mod/mod_auth_form.html">mod_auth_form</a></code> will intercept this POST request, and if
+      HTML fields are found present for the username and password, the user
+      will be logged in, and the original password protected URL will be returned
+      to the user as a GET request.</p>
+
+    </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="inlinepreservebody" id="inlinepreservebody">Inline Login with Body Preservation</a></h2>
+
+      <p>A limitation of the inline login technique described above is that should an
+      HTML form POST have resulted in the request to authenticate or
+      reauthenticate, the
+      contents of the original form posted by the browser will be lost. Depending on
+      the function of the website, this could present significant inconvenience for the
+      end user.</p>
+
+      <p><code class="module"><a href="../mod/mod_auth_form.html">mod_auth_form</a></code> addresses this by allowing the method and body
+      of the original request to be embedded in the login form. If authentication
+      is successful, the original method and body will be retried by Apache httpd, preserving
+      the state of the original request.</p>
+
+      <p>To enable body preservation, add three additional fields to the login form as
+      per the example below.</p>
+
+      <div class="example"><h3>Example with body preservation</h3><pre class="prettyprint lang-html">&lt;form method="POST" action=""&gt;
+  Username: &lt;input type="text" name="httpd_username" value="" /&gt;
+  Password: &lt;input type="password" name="httpd_password" value="" /&gt;
+  &lt;input type="submit" name="login" value="Login" /&gt;
+  <br />  <strong>&lt;input type="hidden" name="httpd_method" value="POST" /&gt;
+  &lt;input type="hidden" name="httpd_mimetype" value="application/x-www-form-urlencoded" /&gt;
+  &lt;input type="hidden" name="httpd_body" value="name1=value1&amp;name2=value2" /&gt;</strong><br />
+&lt;/form&gt;</pre>
+</div>
+
+      <p>How the method, mimetype and body of the original request are embedded within the
+      login form will depend on the platform and technology being used within the website.
+      </p>
+
+      <p>One option is to use the <code class="module"><a href="../mod/mod_include.html">mod_include</a></code> module along with the
+      <code class="directive"><a href="../mod/mod_request.html#keptbodysize">KeptBodySize</a></code> directive, along with a suitable
+      CGI script to embed the variables in the form.</p>
+
+      <p>Another option is to render the login form using a CGI script or other dynamic
+      technology.</p>
+
+      <div class="example"><h3>CGI example</h3><pre class="prettyprint lang-config">        AuthFormProvider file
+        ErrorDocument 401 "/cgi-bin/login.cgi"
+        ...</pre>
+</div>
+
+    </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="loggingout" id="loggingout">Logging Out</a></h2>
+
+      <p>To enable a user to log out of a particular session, configure a page to
+      be handled by the <var>form-logout-handler</var>. Any attempt to access this
+      URL will cause the username and password to be removed from the current
+      session, effectively logging the user out.</p>
+
+      <p>By setting the
+      <code class="directive"><a href="#authformlogoutlocation">AuthFormLogoutLocation</a></code> directive,
+      a URL can be specified that the browser will be redirected to on successful
+      logout. This URL might explain to the user that they have been logged out, and
+      give the user the option to log in again.</p>
+
+      <div class="example"><h3>Basic logout example</h3><pre class="prettyprint lang-config">SetHandler form-logout-handler
+AuthName realm
+AuthFormLogoutLocation "http://example.com/loggedout.html"
+Session On
+SessionCookieName session path=/
+SessionCryptoPassphrase secret</pre>
+</div>
+
+      <p>Note that logging a user out does not delete the session; it merely removes
+      the username and password from the session. If this results in an empty session,
+      the net effect will be the removal of that session, but this is not
+      guaranteed. If you want to guarantee the removal of a session, set the
+      <code class="directive"><a href="../mod/mod_session.html#sessionmaxage">SessionMaxAge</a></code> directive to a small
+      value, like 1 (setting the directive to zero would mean no session age limit).
+      </p>
+
+      <div class="example"><h3>Basic session expiry example</h3><pre class="prettyprint lang-config">SetHandler form-logout-handler
+AuthFormLogoutLocation "http://example.com/loggedout.html"
+Session On
+SessionMaxAge 1
+SessionCookieName session path=/
+SessionCryptoPassphrase secret</pre>
+</div>
+
+    </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="urlencoding" id="urlencoding">Usernames and Passwords</a></h2>
+    <p>Note that form submission involves URLEncoding the form data:
+    in this case the username and password.  You should therefore
+    pick usernames and passwords that avoid characters that are
+    URLencoded in form submission, or you may get unexpected results.</p>
+    </div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="AuthFormAuthoritative" id="AuthFormAuthoritative">AuthFormAuthoritative</a> <a name="authformauthoritative" id="authformauthoritative">Directive</a></h2>
 <table class="directive">
 <tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Sets whether authorization and authentication are passed to
@@ -451,253 +698,6 @@ parser has been added in 2.4.4.</td></tr>
     in.</p>
 
 </div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="basicconfig" id="basicconfig">Basic Configuration</a></h2>
-
-      <p>To protect a particular URL with <code class="module"><a href="../mod/mod_auth_form.html">mod_auth_form</a></code>, you need to
-      decide where you will store your <var>session</var>, and you will need to
-      decide what method you will use to authenticate. In this simple example, the
-      login details will be stored in a session based on
-      <code class="module"><a href="../mod/mod_session_cookie.html">mod_session_cookie</a></code>, and authentication will be attempted against
-      a file using <code class="module"><a href="../mod/mod_authn_file.html">mod_authn_file</a></code>. If authentication is unsuccessful,
-      the user will be redirected to the form login page.</p>
-
-      <div class="example"><h3>Basic example</h3><pre class="prettyprint lang-config">AuthFormProvider file
-AuthUserFile "conf/passwd"
-AuthType form
-AuthName realm
-AuthFormLoginRequiredLocation "http://example.com/login.html"
-Session On
-SessionCookieName session path=/
-SessionCryptoPassphrase secret</pre>
-</div>
-
-      <p>The directive <code class="directive"><a href="../mod/mod_authn_core.html#authtype">AuthType</a></code> will enable
-      the <code class="module"><a href="../mod/mod_auth_form.html">mod_auth_form</a></code> authentication when set to the value <var>form</var>.
-      The directives <code class="directive"><a href="#authformprovider">AuthFormProvider</a></code> and
-      <code class="directive"><a href="../mod/mod_authn_file.html#authuserfile">AuthUserFile</a></code> specify that usernames
-      and passwords should be checked against the chosen file.</p>
-
-      <p>The directives <code class="directive"><a href="../mod/mod_session.html#session">Session</a></code>,
-      <code class="directive"><a href="../mod/mod_session_cookie.html#sessioncookiename">SessionCookieName</a></code> and
-      <code class="directive"><a href="../mod/mod_session_crypto.html#sessioncryptopassphrase">SessionCryptoPassphrase</a></code> create an
-      encrypted session stored within an HTTP cookie on the browser. For more information
-      on the different options for configuring a session, read the documentation for
-      <code class="module"><a href="../mod/mod_session.html">mod_session</a></code>.</p>
-
-      <p>In the simple example above, a URL has been protected by
-      <code class="module"><a href="../mod/mod_auth_form.html">mod_auth_form</a></code>, but the user has yet to be given an opportunity to
-      enter their username and password. Options for doing so include providing a
-      dedicated standalone login page for this purpose, or for providing the login
-      page inline.</p>
-    </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="standalone" id="standalone">Standalone Login</a></h2>
-
-      <p>The login form can be hosted as a standalone page, or can be provided inline on
-      the same page.</p>
-
-      <p>When configuring the login as a standalone page, unsuccessful authentication
-      attempts should be redirected to a login form created by the website for this purpose,
-      using the <code class="directive"><a href="#authformloginrequiredlocation">AuthFormLoginRequiredLocation</a></code>
-      directive. Typically this login page will contain an HTML form, asking the user to
-      provide their usename and password.</p>
-
-      <div class="example"><h3>Example login form</h3><pre class="prettyprint lang-html">&lt;form method="POST" action="/dologin.html"&gt;
-  Username: &lt;input type="text" name="httpd_username" value="" /&gt;
-  Password: &lt;input type="password" name="httpd_password" value="" /&gt;
-  &lt;input type="submit" name="login" value="Login" /&gt;
-&lt;/form&gt;</pre>
-</div>
-
-      <p>The part that does the actual login is handled by the <var>form-login-handler</var>.
-      The action of the form should point at this handler, which is configured within
-      Apache httpd as follows:</p>
-
-      <div class="example"><h3>Form login handler example</h3><pre class="prettyprint lang-config">&lt;Location "/dologin.html"&gt;
-    SetHandler form-login-handler
-    AuthFormLoginRequiredLocation "http://example.com/login.html"
-    AuthFormLoginSuccessLocation "http://example.com/success.html"
-    AuthFormProvider file
-    AuthUserFile "conf/passwd"
-    AuthType form
-    AuthName realm
-    Session On
-    SessionCookieName session path=/
-    SessionCryptoPassphrase secret
-&lt;/Location&gt;</pre>
-</div>
-
-      <p>The URLs specified by the
-      <code class="directive"><a href="#authformloginrequiredlocation">AuthFormLoginRequiredLocation</a></code> directive will typically
-      point to a page explaining to the user that their login attempt was unsuccessful, and they
-      should try again.  The <code class="directive"><a href="#authformloginsuccesslocation">AuthFormLoginSuccessLocation</a></code>
-      directive specifies the URL the user should be redirected to upon successful login.</p>
-
-      <p>Alternatively, the URL to redirect the user to on success can be embedded within the login
-      form, as in the example below. As a result, the same <var>form-login-handler</var> can be
-      reused for different areas of a website.</p>
-
-      <div class="example"><h3>Example login form with location</h3><pre class="prettyprint lang-html">&lt;form method="POST" action="/dologin.html"&gt;
-  Username: &lt;input type="text" name="httpd_username" value="" /&gt;
-  Password: &lt;input type="password" name="httpd_password" value="" /&gt;
-  &lt;input type="submit" name="login" value="Login" /&gt;
-  &lt;input type="hidden" name="httpd_location" value="http://example.com/success.html" /&gt;
-&lt;/form&gt;</pre>
-</div>
-
-    </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="inline" id="inline">Inline Login</a></h2>
-
-      <div class="warning"><h3>Warning</h3>
-        <p>A risk exists that under certain circumstances, the login form configured
-        using inline login may be submitted more than once, revealing login credentials to
-        the application running underneath. The administrator must ensure that the underlying
-        application is properly secured to prevent abuse. If in doubt, use the
-        standalone login configuration.</p>
-      </div>
-
-      <p>As an alternative to having a dedicated login page for a website, it is possible to
-      configure <code class="module"><a href="../mod/mod_auth_form.html">mod_auth_form</a></code> to authenticate users inline, without being
-      redirected to another page. This allows the state of the current page to be preserved
-      during the login attempt. This can be useful in a situation where a time limited
-      session is in force, and the session times out in the middle of the user request. The
-      user can be re-authenticated in place, and they can continue where they left off.</p>
-
-      <p>If a non-authenticated user attempts to access a page protected by
-      <code class="module"><a href="../mod/mod_auth_form.html">mod_auth_form</a></code> that isn't configured with a
-      <code class="directive"><a href="#authformloginrequiredlocation">AuthFormLoginRequiredLocation</a></code> directive,
-      a <var>HTTP_UNAUTHORIZED</var> status code is returned to the browser indicating to the user
-      that they are not authorized to view the page.</p>
-
-      <p>To configure inline authentication, the administrator overrides the error document
-      returned by the <var>HTTP_UNAUTHORIZED</var> status code with a custom error document
-      containing the login form, as follows:</p>
-
-      <div class="example"><h3>Basic inline example</h3><pre class="prettyprint lang-config">AuthFormProvider file
-ErrorDocument 401 "/login.shtml"
-AuthUserFile "conf/passwd"
-AuthType form
-AuthName realm
-AuthFormLoginRequiredLocation "http://example.com/login.html"
-Session On
-SessionCookieName session path=/
-SessionCryptoPassphrase secret</pre>
-</div>
-
-      <p>The error document page should contain a login form with an empty action property,
-      as per the example below.  This has the effect of submitting the form to
-      the original protected URL, without the page having to know what that
-      URL is.</p>
-
-      <div class="example"><h3>Example inline login form</h3><pre class="prettyprint lang-html">&lt;form method="POST" <strong>action=""</strong>&gt;
-  Username: &lt;input type="text" name="httpd_username" value="" /&gt;
-  Password: &lt;input type="password" name="httpd_password" value="" /&gt;
-  &lt;input type="submit" name="login" value="Login" /&gt;
-&lt;/form&gt;</pre>
-</div>
-
-      <p>When the end user has filled in their login details, the form will make
-      an HTTP POST request to the original password protected URL.
-      <code class="module"><a href="../mod/mod_auth_form.html">mod_auth_form</a></code> will intercept this POST request, and if
-      HTML fields are found present for the username and password, the user
-      will be logged in, and the original password protected URL will be returned
-      to the user as a GET request.</p>
-
-    </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="inlinepreservebody" id="inlinepreservebody">Inline Login with Body Preservation</a></h2>
-
-      <p>A limitation of the inline login technique described above is that should an
-      HTML form POST have resulted in the request to authenticate or
-      reauthenticate, the
-      contents of the original form posted by the browser will be lost. Depending on
-      the function of the website, this could present significant inconvenience for the
-      end user.</p>
-
-      <p><code class="module"><a href="../mod/mod_auth_form.html">mod_auth_form</a></code> addresses this by allowing the method and body
-      of the original request to be embedded in the login form. If authentication
-      is successful, the original method and body will be retried by Apache httpd, preserving
-      the state of the original request.</p>
-
-      <p>To enable body preservation, add three additional fields to the login form as
-      per the example below.</p>
-
-      <div class="example"><h3>Example with body preservation</h3><pre class="prettyprint lang-html">&lt;form method="POST" action=""&gt;
-  Username: &lt;input type="text" name="httpd_username" value="" /&gt;
-  Password: &lt;input type="password" name="httpd_password" value="" /&gt;
-  &lt;input type="submit" name="login" value="Login" /&gt;
-  <br />  <strong>&lt;input type="hidden" name="httpd_method" value="POST" /&gt;
-  &lt;input type="hidden" name="httpd_mimetype" value="application/x-www-form-urlencoded" /&gt;
-  &lt;input type="hidden" name="httpd_body" value="name1=value1&amp;name2=value2" /&gt;</strong><br />
-&lt;/form&gt;</pre>
-</div>
-
-      <p>How the method, mimetype and body of the original request are embedded within the
-      login form will depend on the platform and technology being used within the website.
-      </p>
-
-      <p>One option is to use the <code class="module"><a href="../mod/mod_include.html">mod_include</a></code> module along with the
-      <code class="directive"><a href="../mod/mod_request.html#keptbodysize">KeptBodySize</a></code> directive, along with a suitable
-      CGI script to embed the variables in the form.</p>
-
-      <p>Another option is to render the login form using a CGI script or other dynamic
-      technology.</p>
-
-      <div class="example"><h3>CGI example</h3><pre class="prettyprint lang-config">        AuthFormProvider file
-        ErrorDocument 401 "/cgi-bin/login.cgi"
-        ...</pre>
-</div>
-
-    </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="loggingout" id="loggingout">Logging Out</a></h2>
-
-      <p>To enable a user to log out of a particular session, configure a page to
-      be handled by the <var>form-logout-handler</var>. Any attempt to access this
-      URL will cause the username and password to be removed from the current
-      session, effectively logging the user out.</p>
-
-      <p>By setting the
-      <code class="directive"><a href="#authformlogoutlocation">AuthFormLogoutLocation</a></code> directive,
-      a URL can be specified that the browser will be redirected to on successful
-      logout. This URL might explain to the user that they have been logged out, and
-      give the user the option to log in again.</p>
-
-      <div class="example"><h3>Basic logout example</h3><pre class="prettyprint lang-config">SetHandler form-logout-handler
-AuthName realm
-AuthFormLogoutLocation "http://example.com/loggedout.html"
-Session On
-SessionCookieName session path=/
-SessionCryptoPassphrase secret</pre>
-</div>
-
-      <p>Note that logging a user out does not delete the session; it merely removes
-      the username and password from the session. If this results in an empty session,
-      the net effect will be the removal of that session, but this is not
-      guaranteed. If you want to guarantee the removal of a session, set the
-      <code class="directive"><a href="../mod/mod_session.html#sessionmaxage">SessionMaxAge</a></code> directive to a small
-      value, like 1 (setting the directive to zero would mean no session age limit).
-      </p>
-
-      <div class="example"><h3>Basic session expiry example</h3><pre class="prettyprint lang-config">SetHandler form-logout-handler
-AuthFormLogoutLocation "http://example.com/loggedout.html"
-Session On
-SessionMaxAge 1
-SessionCookieName session path=/
-SessionCryptoPassphrase secret</pre>
-</div>
-
-    </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="urlencoding" id="urlencoding">Usernames and Passwords</a></h2>
-    <p>Note that form submission involves URLEncoding the form data:
-    in this case the username and password.  You should therefore
-    pick usernames and passwords that avoid characters that are
-    URLencoded in form submission, or you may get unexpected results.</p>
-    </div>
 </div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../en/mod/mod_auth_form.html" title="English">&nbsp;en&nbsp;</a> |
diff --git a/docs/manual/mod/mod_authn_anon.html.en b/docs/manual/mod/mod_authn_anon.html.en
index c023922b9e..6c7bf928c8 100644
--- a/docs/manual/mod/mod_authn_anon.html.en
+++ b/docs/manual/mod/mod_authn_anon.html.en
@@ -55,7 +55,10 @@
     via the <code class="directive"><a href="../mod/mod_auth_basic.html#authbasicprovider">AuthBasicProvider</a></code>
     directive with the <code>anon</code> value.</p>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
+<div id="quickview"><h3>Topics</h3>
+<ul id="topics">
+<li><img alt="" src="../images/down.gif" /> <a href="#example">Example</a></li>
+</ul><h3 class="directives">Directives</h3>
 <ul id="toc">
 <li><img alt="" src="../images/down.gif" /> <a href="#anonymous">Anonymous</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#anonymous_logemail">Anonymous_LogEmail</a></li>
@@ -63,10 +66,50 @@
 <li><img alt="" src="../images/down.gif" /> <a href="#anonymous_nouserid">Anonymous_NoUserID</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#anonymous_verifyemail">Anonymous_VerifyEmail</a></li>
 </ul>
-<h3>Topics</h3>
-<ul id="topics">
-<li><img alt="" src="../images/down.gif" /> <a href="#example">Example</a></li>
-</ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+<ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="example" id="example">Example</a></h2>
+    <p>The example below is combined with "normal" htpasswd-file based
+    authentication and allows users in additionally as 'guests' with the
+    following properties:</p>
+
+    <ul>
+      <li>It insists that the user enters a userID.
+      (<code class="directive"><a href="#anonymous_nouserid">Anonymous_NoUserID</a></code>)</li>
+
+      <li>It insists that the user enters a password.
+      (<code class="directive"><a href="#anonymous_mustgiveemail">Anonymous_MustGiveEmail</a></code>)</li>
+
+      <li>The password entered must be a valid email address, <em>i.e.</em>
+      contain at least one '@' and a '.'.
+      (<code class="directive"><a href="#anonymous_verifyemail">Anonymous_VerifyEmail</a></code>)</li>
+
+      <li>The userID must be one of <code>anonymous guest www test
+      welcome</code> and comparison is <strong>not</strong> case
+      sensitive. (<code class="directive"><a href="#anonymous">Anonymous</a></code>)</li>
+
+      <li>And the Email addresses entered in the passwd field are
+      logged to the error log file.
+      (<code class="directive"><a href="#anonymous_logemail">Anonymous_LogEmail</a></code>)</li>
+    </ul>
+
+    <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">&lt;Directory "/var/www/html/private"&gt;
+    AuthName "Use 'anonymous' &amp; Email address for guest entry"
+    AuthType Basic
+    AuthBasicProvider file anon
+    AuthUserFile "/path/to/your/.htpasswd"
+    
+    Anonymous_NoUserID off
+    Anonymous_MustGiveEmail on
+    Anonymous_VerifyEmail on
+    Anonymous_LogEmail on
+    Anonymous anonymous guest www test welcome
+    
+    Require valid-user
+&lt;/Directory&gt;</pre>
+</div>
+</div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="Anonymous" id="Anonymous">Anonymous</a> <a name="anonymous" id="anonymous">Directive</a></h2>
 <table class="directive">
@@ -166,49 +209,6 @@ formatted email address</td></tr>
     at least one '@' and a '.' to encourage users to enter valid email
     addresses (see the above <code class="directive"><a href="#anonymous_logemail">Anonymous_LogEmail</a></code>).</p>
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="example" id="example">Example</a></h2>
-    <p>The example below is combined with "normal" htpasswd-file based
-    authentication and allows users in additionally as 'guests' with the
-    following properties:</p>
-
-    <ul>
-      <li>It insists that the user enters a userID.
-      (<code class="directive"><a href="#anonymous_nouserid">Anonymous_NoUserID</a></code>)</li>
-
-      <li>It insists that the user enters a password.
-      (<code class="directive"><a href="#anonymous_mustgiveemail">Anonymous_MustGiveEmail</a></code>)</li>
-
-      <li>The password entered must be a valid email address, <em>i.e.</em>
-      contain at least one '@' and a '.'.
-      (<code class="directive"><a href="#anonymous_verifyemail">Anonymous_VerifyEmail</a></code>)</li>
-
-      <li>The userID must be one of <code>anonymous guest www test
-      welcome</code> and comparison is <strong>not</strong> case
-      sensitive. (<code class="directive"><a href="#anonymous">Anonymous</a></code>)</li>
-
-      <li>And the Email addresses entered in the passwd field are
-      logged to the error log file.
-      (<code class="directive"><a href="#anonymous_logemail">Anonymous_LogEmail</a></code>)</li>
-    </ul>
-
-    <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">&lt;Directory "/var/www/html/private"&gt;
-    AuthName "Use 'anonymous' &amp; Email address for guest entry"
-    AuthType Basic
-    AuthBasicProvider file anon
-    AuthUserFile "/path/to/your/.htpasswd"
-    
-    Anonymous_NoUserID off
-    Anonymous_MustGiveEmail on
-    Anonymous_VerifyEmail on
-    Anonymous_LogEmail on
-    Anonymous anonymous guest www test welcome
-    
-    Require valid-user
-&lt;/Directory&gt;</pre>
-</div>
 </div>
 </div>
 <div class="bottomlang">
diff --git a/docs/manual/mod/mod_authn_core.html.en b/docs/manual/mod/mod_authn_core.html.en
index 09d40860b8..1b92677ae0 100644
--- a/docs/manual/mod/mod_authn_core.html.en
+++ b/docs/manual/mod/mod_authn_core.html.en
@@ -39,16 +39,88 @@
     <code class="module"><a href="../mod/mod_authn_core.html">mod_authn_core</a></code> provides directives that are
     common to all authentication providers.</p>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
+<div id="quickview"><h3>Topics</h3>
+<ul id="topics">
+<li><img alt="" src="../images/down.gif" /> <a href="#authnalias">Creating Authentication Provider Aliases</a></li>
+</ul><h3 class="directives">Directives</h3>
 <ul id="toc">
 <li><img alt="" src="../images/down.gif" /> <a href="#authname">AuthName</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#authnprovideralias">&lt;AuthnProviderAlias&gt;</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#authtype">AuthType</a></li>
 </ul>
-<h3>Topics</h3>
-<ul id="topics">
-<li><img alt="" src="../images/down.gif" /> <a href="#authnalias">Creating Authentication Provider Aliases</a></li>
-</ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+<ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="authnalias" id="authnalias">Creating Authentication Provider Aliases</a></h2>
+
+    <p>Extended authentication providers can be created
+    within the configuration file and assigned an alias name.  The alias
+    providers can then be referenced through the directives
+    <code class="directive"><a href="../mod/mod_auth_basic.html#authbasicprovider">AuthBasicProvider</a></code> or
+    <code class="directive"><a href="../mod/mod_auth_digest.html#authdigestprovider">AuthDigestProvider</a></code> in
+    the same way as a base authentication provider.  Besides the ability
+    to create and alias an extended provider, it also allows the same
+    extended authentication provider to be reference by multiple
+    locations.</p>
+
+    <h3><a name="example" id="example">Examples</a></h3>
+
+        <p>This example checks for passwords in two different text
+        files.</p>
+
+        <div class="example"><h3>Checking multiple text password files</h3><pre class="prettyprint lang-config"># Check here first
+&lt;AuthnProviderAlias file file1&gt;
+    AuthUserFile "/www/conf/passwords1"
+&lt;/AuthnProviderAlias&gt;
+
+# Then check here
+&lt;AuthnProviderAlias file file2&gt;   
+    AuthUserFile "/www/conf/passwords2"
+&lt;/AuthnProviderAlias&gt;
+
+&lt;Directory "/var/web/pages/secure"&gt;
+    AuthBasicProvider file1 file2
+    
+    AuthType Basic
+    AuthName "Protected Area"
+    Require valid-user
+&lt;/Directory&gt;</pre>
+</div>
+
+        <p>The example below creates two different ldap authentication
+        provider aliases based on the ldap provider.  This allows
+        a single authenticated location to be serviced by multiple ldap
+        hosts:</p>
+
+        <div class="example"><h3>Checking multiple LDAP servers</h3><pre class="prettyprint lang-config">&lt;AuthnProviderAlias ldap ldap-alias1&gt;
+    AuthLDAPBindDN cn=youruser,o=ctx
+    AuthLDAPBindPassword yourpassword
+    AuthLDAPURL ldap://ldap.host/o=ctx
+&lt;/AuthnProviderAlias&gt;
+&lt;AuthnProviderAlias ldap ldap-other-alias&gt;
+    AuthLDAPBindDN cn=yourotheruser,o=dev
+    AuthLDAPBindPassword yourotherpassword
+    AuthLDAPURL ldap://other.ldap.host/o=dev?cn
+&lt;/AuthnProviderAlias&gt;
+
+Alias "/secure" "/webpages/secure"
+&lt;Directory "/webpages/secure"&gt;
+    Order deny,allow
+    Allow from all
+    
+    AuthBasicProvider ldap-other-alias  ldap-alias1
+    
+    AuthType Basic
+    AuthName "LDAP Protected Place"
+    Require valid-user
+    # Note that Require ldap-* would not work here, since the 
+    # AuthnProviderAlias does not provide the config to authorization providers
+    # that are implemented in the same module as the authentication provider.
+&lt;/Directory&gt;</pre>
+</div>
+    
+
+</div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="AuthName" id="AuthName">AuthName</a> <a name="authname" id="authname">Directive</a></h2>
 <table class="directive">
@@ -164,78 +236,6 @@ the specified alias</td></tr>
 <li><a href="../howto/auth.html">Authentication, Authorization,
     and Access Control</a></li>
 </ul>
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="authnalias" id="authnalias">Creating Authentication Provider Aliases</a></h2>
-
-    <p>Extended authentication providers can be created
-    within the configuration file and assigned an alias name.  The alias
-    providers can then be referenced through the directives
-    <code class="directive"><a href="../mod/mod_auth_basic.html#authbasicprovider">AuthBasicProvider</a></code> or
-    <code class="directive"><a href="../mod/mod_auth_digest.html#authdigestprovider">AuthDigestProvider</a></code> in
-    the same way as a base authentication provider.  Besides the ability
-    to create and alias an extended provider, it also allows the same
-    extended authentication provider to be reference by multiple
-    locations.</p>
-
-    <h3><a name="example" id="example">Examples</a></h3>
-
-        <p>This example checks for passwords in two different text
-        files.</p>
-
-        <div class="example"><h3>Checking multiple text password files</h3><pre class="prettyprint lang-config"># Check here first
-&lt;AuthnProviderAlias file file1&gt;
-    AuthUserFile "/www/conf/passwords1"
-&lt;/AuthnProviderAlias&gt;
-
-# Then check here
-&lt;AuthnProviderAlias file file2&gt;   
-    AuthUserFile "/www/conf/passwords2"
-&lt;/AuthnProviderAlias&gt;
-
-&lt;Directory "/var/web/pages/secure"&gt;
-    AuthBasicProvider file1 file2
-    
-    AuthType Basic
-    AuthName "Protected Area"
-    Require valid-user
-&lt;/Directory&gt;</pre>
-</div>
-
-        <p>The example below creates two different ldap authentication
-        provider aliases based on the ldap provider.  This allows
-        a single authenticated location to be serviced by multiple ldap
-        hosts:</p>
-
-        <div class="example"><h3>Checking multiple LDAP servers</h3><pre class="prettyprint lang-config">&lt;AuthnProviderAlias ldap ldap-alias1&gt;
-    AuthLDAPBindDN cn=youruser,o=ctx
-    AuthLDAPBindPassword yourpassword
-    AuthLDAPURL ldap://ldap.host/o=ctx
-&lt;/AuthnProviderAlias&gt;
-&lt;AuthnProviderAlias ldap ldap-other-alias&gt;
-    AuthLDAPBindDN cn=yourotheruser,o=dev
-    AuthLDAPBindPassword yourotherpassword
-    AuthLDAPURL ldap://other.ldap.host/o=dev?cn
-&lt;/AuthnProviderAlias&gt;
-
-Alias "/secure" "/webpages/secure"
-&lt;Directory "/webpages/secure"&gt;
-    Order deny,allow
-    Allow from all
-    
-    AuthBasicProvider ldap-other-alias  ldap-alias1
-    
-    AuthType Basic
-    AuthName "LDAP Protected Place"
-    Require valid-user
-    # Note that Require ldap-* would not work here, since the 
-    # AuthnProviderAlias does not provide the config to authorization providers
-    # that are implemented in the same module as the authentication provider.
-&lt;/Directory&gt;</pre>
-</div>
-    
-
 </div>
 </div>
 <div class="bottomlang">
diff --git a/docs/manual/mod/mod_authn_dbd.html.en b/docs/manual/mod/mod_authn_dbd.html.en
index 84a983f0aa..62eabfbabc 100644
--- a/docs/manual/mod/mod_authn_dbd.html.en
+++ b/docs/manual/mod/mod_authn_dbd.html.en
@@ -49,17 +49,17 @@
     <code class="directive"><a href="../mod/mod_auth_digest.html#authdigestprovider">AuthDigestProvider</a></code>
     with the <code>dbd</code> value.</p>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
-<ul id="toc">
-<li><img alt="" src="../images/down.gif" /> <a href="#authdbduserpwquery">AuthDBDUserPWQuery</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#authdbduserrealmquery">AuthDBDUserRealmQuery</a></li>
-</ul>
-<h3>Topics</h3>
+<div id="quickview"><h3>Topics</h3>
 <ul id="topics">
 <li><img alt="" src="../images/down.gif" /> <a href="#socache">Performance and Cacheing</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#example">Configuration Example</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#exposed">Exposing Login Information</a></li>
-</ul><h3>See also</h3>
+</ul><h3 class="directives">Directives</h3>
+<ul id="toc">
+<li><img alt="" src="../images/down.gif" /> <a href="#authdbduserpwquery">AuthDBDUserPWQuery</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#authdbduserrealmquery">AuthDBDUserRealmQuery</a></li>
+</ul>
+<h3>See also</h3>
 <ul class="seealso">
 <li><code class="directive"><a href="../mod/mod_authn_core.html#authname">AuthName</a></code></li>
 <li><code class="directive"><a href="../mod/mod_authn_core.html#authtype">AuthType</a></code></li>
@@ -74,70 +74,6 @@
 <li><a href="../misc/password_encryptions.html">Password Formats</a></li>
 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="AuthDBDUserPWQuery" id="AuthDBDUserPWQuery">AuthDBDUserPWQuery</a> <a name="authdbduserpwquery" id="authdbduserpwquery">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>SQL query to look up a password for a user</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthDBDUserPWQuery <var>query</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authn_dbd</td></tr>
-</table>
-    <p>The <code class="directive">AuthDBDUserPWQuery</code> specifies an
-    SQL query to look up a password for a specified user.  The user's ID
-    will be passed as a single string parameter when the SQL query is
-    executed.  It may be referenced within the query statement using
-    a <code>%s</code> format specifier.</p>
-    <pre class="prettyprint lang-config">AuthDBDUserPWQuery "SELECT password FROM authn WHERE user = %s"</pre>
-
-    <p>The first column value of the first row returned by the query
-    statement should be a string containing the encrypted password.
-    Subsequent rows will be ignored.  If no rows are returned, the user
-    will not be authenticated through <code class="module"><a href="../mod/mod_authn_dbd.html">mod_authn_dbd</a></code>.</p>
-    <p>If httpd was built against <a class="glossarylink" href="../glossary.html#apr" title="see glossary">APR</a> version 1.3.0
-    or higher, any additional column values in the first row returned by
-    the query statement will be stored as environment variables with
-    names of the form <code>AUTHENTICATE_<var>COLUMN</var></code>.
-    </p>
-    <p>The encrypted password format depends on which authentication
-    frontend (e.g. <code class="module"><a href="../mod/mod_auth_basic.html">mod_auth_basic</a></code> or
-    <code class="module"><a href="../mod/mod_auth_digest.html">mod_auth_digest</a></code>) is being used.  See <a href="../misc/password_encryptions.html">Password Formats</a> for
-    more information.</p>
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="AuthDBDUserRealmQuery" id="AuthDBDUserRealmQuery">AuthDBDUserRealmQuery</a> <a name="authdbduserrealmquery" id="authdbduserrealmquery">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>SQL query to look up a password hash for a user and realm.
-</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthDBDUserRealmQuery <var>query</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authn_dbd</td></tr>
-</table>
-    <p>The <code class="directive">AuthDBDUserRealmQuery</code> specifies an
-    SQL query to look up a password for a specified user and realm in a
-    digest authentication process.
-    The user's ID and the realm, in that order, will be passed as string
-    parameters when the SQL query is executed.  They may be referenced
-    within the query statement using <code>%s</code> format specifiers.</p>
-    <pre class="prettyprint lang-config">AuthDBDUserRealmQuery "SELECT password FROM authn WHERE user = %s AND realm = %s"</pre>
-
-    <p>The first column value of the first row returned by the query
-    statement should be a string containing the encrypted password.
-    Subsequent rows will be ignored.  If no rows are returned, the user
-    will not be authenticated through <code class="module"><a href="../mod/mod_authn_dbd.html">mod_authn_dbd</a></code>.</p>
-    <p>If httpd was built against <a class="glossarylink" href="../glossary.html#apr" title="see glossary">APR</a> version 1.3.0
-    or higher, any additional column values in the first row returned by
-    the query statement will be stored as environment variables with
-    names of the form <code>AUTHENTICATE_<var>COLUMN</var></code>.
-    </p>
-    <p>The encrypted password format depends on which authentication
-    frontend (e.g. <code class="module"><a href="../mod/mod_auth_basic.html">mod_auth_basic</a></code> or
-    <code class="module"><a href="../mod/mod_auth_digest.html">mod_auth_digest</a></code>) is being used.  See <a href="../misc/password_encryptions.html">Password Formats</a> for
-    more information.</p>
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="section">
 <h2><a name="socache" id="socache">Performance and Cacheing</a></h2>
 
@@ -200,6 +136,70 @@ query to gather this additional information.</p>
 <p>This has the potential to dramatically simplify the coding and
 configuration required in some web applications.
 </p>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="AuthDBDUserPWQuery" id="AuthDBDUserPWQuery">AuthDBDUserPWQuery</a> <a name="authdbduserpwquery" id="authdbduserpwquery">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>SQL query to look up a password for a user</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthDBDUserPWQuery <var>query</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authn_dbd</td></tr>
+</table>
+    <p>The <code class="directive">AuthDBDUserPWQuery</code> specifies an
+    SQL query to look up a password for a specified user.  The user's ID
+    will be passed as a single string parameter when the SQL query is
+    executed.  It may be referenced within the query statement using
+    a <code>%s</code> format specifier.</p>
+    <pre class="prettyprint lang-config">AuthDBDUserPWQuery "SELECT password FROM authn WHERE user = %s"</pre>
+
+    <p>The first column value of the first row returned by the query
+    statement should be a string containing the encrypted password.
+    Subsequent rows will be ignored.  If no rows are returned, the user
+    will not be authenticated through <code class="module"><a href="../mod/mod_authn_dbd.html">mod_authn_dbd</a></code>.</p>
+    <p>If httpd was built against <a class="glossarylink" href="../glossary.html#apr" title="see glossary">APR</a> version 1.3.0
+    or higher, any additional column values in the first row returned by
+    the query statement will be stored as environment variables with
+    names of the form <code>AUTHENTICATE_<var>COLUMN</var></code>.
+    </p>
+    <p>The encrypted password format depends on which authentication
+    frontend (e.g. <code class="module"><a href="../mod/mod_auth_basic.html">mod_auth_basic</a></code> or
+    <code class="module"><a href="../mod/mod_auth_digest.html">mod_auth_digest</a></code>) is being used.  See <a href="../misc/password_encryptions.html">Password Formats</a> for
+    more information.</p>
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="AuthDBDUserRealmQuery" id="AuthDBDUserRealmQuery">AuthDBDUserRealmQuery</a> <a name="authdbduserrealmquery" id="authdbduserrealmquery">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>SQL query to look up a password hash for a user and realm.
+</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthDBDUserRealmQuery <var>query</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authn_dbd</td></tr>
+</table>
+    <p>The <code class="directive">AuthDBDUserRealmQuery</code> specifies an
+    SQL query to look up a password for a specified user and realm in a
+    digest authentication process.
+    The user's ID and the realm, in that order, will be passed as string
+    parameters when the SQL query is executed.  They may be referenced
+    within the query statement using <code>%s</code> format specifiers.</p>
+    <pre class="prettyprint lang-config">AuthDBDUserRealmQuery "SELECT password FROM authn WHERE user = %s AND realm = %s"</pre>
+
+    <p>The first column value of the first row returned by the query
+    statement should be a string containing the encrypted password.
+    Subsequent rows will be ignored.  If no rows are returned, the user
+    will not be authenticated through <code class="module"><a href="../mod/mod_authn_dbd.html">mod_authn_dbd</a></code>.</p>
+    <p>If httpd was built against <a class="glossarylink" href="../glossary.html#apr" title="see glossary">APR</a> version 1.3.0
+    or higher, any additional column values in the first row returned by
+    the query statement will be stored as environment variables with
+    names of the form <code>AUTHENTICATE_<var>COLUMN</var></code>.
+    </p>
+    <p>The encrypted password format depends on which authentication
+    frontend (e.g. <code class="module"><a href="../mod/mod_auth_basic.html">mod_auth_basic</a></code> or
+    <code class="module"><a href="../mod/mod_auth_digest.html">mod_auth_digest</a></code>) is being used.  See <a href="../misc/password_encryptions.html">Password Formats</a> for
+    more information.</p>
+
 </div>
 </div>
 <div class="bottomlang">
diff --git a/docs/manual/mod/mod_authn_dbm.html.en b/docs/manual/mod/mod_authn_dbm.html.en
index a3de3afda3..b4dd72860a 100644
--- a/docs/manual/mod/mod_authn_dbm.html.en
+++ b/docs/manual/mod/mod_authn_dbm.html.en
@@ -67,6 +67,7 @@
 <li><code class="program"><a href="../programs/htdbm.html">htdbm</a></code></li>
 <li><a href="../misc/password_encryptions.html">Password Formats</a></li>
 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="AuthDBMType" id="AuthDBMType">AuthDBMType</a> <a name="authdbmtype" id="authdbmtype">Directive</a></h2>
 <table class="directive">
@@ -138,7 +139,6 @@ passwords for authentication</td></tr>
     <code class="program"><a href="../programs/htdbm.html">htdbm</a></code>.</p>
 
 </div>
-
 </div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../en/mod/mod_authn_dbm.html" title="English">&nbsp;en&nbsp;</a> |
diff --git a/docs/manual/mod/mod_authn_file.html.en b/docs/manual/mod/mod_authn_file.html.en
index b7cd33e83f..58c2220c82 100644
--- a/docs/manual/mod/mod_authn_file.html.en
+++ b/docs/manual/mod/mod_authn_file.html.en
@@ -63,6 +63,7 @@
 <li><code class="program"><a href="../programs/htdigest.html">htdigest</a></code></li>
 <li><a href="../misc/password_encryptions.html">Password Formats</a></li>
 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="AuthUserFile" id="AuthUserFile">AuthUserFile</a> <a name="authuserfile" id="authuserfile">Directive</a></h2>
 <table class="directive">
@@ -128,7 +129,6 @@ passwords for authentication</td></tr>
     </div>
 
 </div>
-
 </div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../en/mod/mod_authn_file.html" title="English">&nbsp;en&nbsp;</a> |
diff --git a/docs/manual/mod/mod_authn_socache.html.en b/docs/manual/mod/mod_authn_socache.html.en
index a799f69619..6f7157e2ca 100644
--- a/docs/manual/mod/mod_authn_socache.html.en
+++ b/docs/manual/mod/mod_authn_socache.html.en
@@ -38,7 +38,12 @@ the load on backends</td></tr>
     <p>Maintains a cache of authentication credentials, so that a new backend
     lookup is not required for every authenticated request.</p>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
+<div id="quickview"><h3>Topics</h3>
+<ul id="topics">
+<li><img alt="" src="../images/down.gif" /> <a href="#intro">Authentication Cacheing</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#usage">Usage</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#dev">Cacheing with custom modules</a></li>
+</ul><h3 class="directives">Directives</h3>
 <ul id="toc">
 <li><img alt="" src="../images/down.gif" /> <a href="#authncachecontext">AuthnCacheContext</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#authncacheenable">AuthnCacheEnable</a></li>
@@ -46,12 +51,62 @@ the load on backends</td></tr>
 <li><img alt="" src="../images/down.gif" /> <a href="#authncachesocache">AuthnCacheSOCache</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#authncachetimeout">AuthnCacheTimeout</a></li>
 </ul>
-<h3>Topics</h3>
-<ul id="topics">
-<li><img alt="" src="../images/down.gif" /> <a href="#intro">Authentication Cacheing</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#usage">Usage</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#dev">Cacheing with custom modules</a></li>
-</ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+<ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="intro" id="intro">Authentication Cacheing</a></h2>
+    <p>Some users of more heavyweight authentication such as SQL database
+    lookups (<code class="module"><a href="../mod/mod_authn_dbd.html">mod_authn_dbd</a></code>) have reported it putting an
+    unacceptable load on their authentication provider.  A typical case
+    in point is where an HTML page contains hundreds of objects
+    (images, scripts, stylesheets, media, etc), and a request to the page
+    generates hundreds of effectively-immediate requests for authenticated
+    additional contents.</p>
+    <p>mod_authn_socache provides a solution to this problem by
+    maintaining a cache of authentication credentials.</p>
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="usage" id="usage">Usage</a></h2>
+    <p>The authentication cache should be used where authentication
+    lookups impose a significant load on the server, or a backend or
+    network.  Authentication by file (<code class="module"><a href="../mod/mod_authn_file.html">mod_authn_file</a></code>)
+    or dbm (<code class="module"><a href="../mod/mod_authn_dbm.html">mod_authn_dbm</a></code>) are unlikely to benefit,
+    as these are fast and lightweight in their own right (though in some
+    cases, such as a network-mounted file, cacheing may be worthwhile).
+    Other providers such as SQL or LDAP based authentication are more
+    likely to benefit, particularly where there is an observed
+    performance issue.  Amongst the standard modules, <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code> manages its own cache, so only
+    <code class="module"><a href="../mod/mod_authn_dbd.html">mod_authn_dbd</a></code> will usually benefit from this cache.</p>
+    <p>The basic rules to cache for a provider are:</p>
+    <ol><li>Include the provider you're cacheing for in an
+            <code class="directive">AuthnCacheProvideFor</code> directive.</li>
+        <li>List <var>socache</var> ahead of the provider you're
+            cacheing for in your <code class="directive"><a href="../mod/mod_auth_basic.html#authbasicprovider">AuthBasicProvider</a></code> or <code class="directive"><a href="../mod/mod_auth_digest.html#authdigestprovider">AuthDigestProvider</a></code> directive.</li>
+    </ol>
+    <p>A simple usage example to accelerate <code class="module"><a href="../mod/mod_authn_dbd.html">mod_authn_dbd</a></code>
+    using dbm as a cache engine:</p>
+    <pre class="prettyprint lang-config">#AuthnCacheSOCache is optional.  If specified, it is server-wide
+AuthnCacheSOCache dbm
+&lt;Directory "/usr/www/myhost/private"&gt;
+    AuthType Basic
+    AuthName "Cached Authentication Example"
+    AuthBasicProvider socache dbd
+    AuthDBDUserPWQuery "SELECT password FROM authn WHERE user = %s"
+    AuthnCacheProvideFor dbd
+    Require valid-user
+    #Optional
+    AuthnCacheContext dbd-authn-example
+&lt;/Directory&gt;</pre>
+
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="dev" id="dev">Cacheing with custom modules</a></h2>
+    <p>Module developers should note that their modules must be enabled
+    for cacheing with mod_authn_socache.  A single optional API function
+    <var>ap_authn_cache_store</var> is provided to cache credentials
+    a provider has just looked up or generated.  Usage examples are
+    available in <a href="http://svn.eu.apache.org/viewvc?view=revision&amp;revision=957072">r957072</a>, in which three authn providers are enabled for cacheing.</p>
+</div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="AuthnCacheContext" id="AuthnCacheContext">AuthnCacheContext</a> <a name="authncachecontext" id="authncachecontext">Directive</a></h2>
 <table class="directive">
@@ -167,61 +222,6 @@ Apache HTTP Server 2.4.7 and later</td></tr>
     your timeout.</p>
 
 </div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="intro" id="intro">Authentication Cacheing</a></h2>
-    <p>Some users of more heavyweight authentication such as SQL database
-    lookups (<code class="module"><a href="../mod/mod_authn_dbd.html">mod_authn_dbd</a></code>) have reported it putting an
-    unacceptable load on their authentication provider.  A typical case
-    in point is where an HTML page contains hundreds of objects
-    (images, scripts, stylesheets, media, etc), and a request to the page
-    generates hundreds of effectively-immediate requests for authenticated
-    additional contents.</p>
-    <p>mod_authn_socache provides a solution to this problem by
-    maintaining a cache of authentication credentials.</p>
-</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="usage" id="usage">Usage</a></h2>
-    <p>The authentication cache should be used where authentication
-    lookups impose a significant load on the server, or a backend or
-    network.  Authentication by file (<code class="module"><a href="../mod/mod_authn_file.html">mod_authn_file</a></code>)
-    or dbm (<code class="module"><a href="../mod/mod_authn_dbm.html">mod_authn_dbm</a></code>) are unlikely to benefit,
-    as these are fast and lightweight in their own right (though in some
-    cases, such as a network-mounted file, cacheing may be worthwhile).
-    Other providers such as SQL or LDAP based authentication are more
-    likely to benefit, particularly where there is an observed
-    performance issue.  Amongst the standard modules, <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code> manages its own cache, so only
-    <code class="module"><a href="../mod/mod_authn_dbd.html">mod_authn_dbd</a></code> will usually benefit from this cache.</p>
-    <p>The basic rules to cache for a provider are:</p>
-    <ol><li>Include the provider you're cacheing for in an
-            <code class="directive">AuthnCacheProvideFor</code> directive.</li>
-        <li>List <var>socache</var> ahead of the provider you're
-            cacheing for in your <code class="directive"><a href="../mod/mod_auth_basic.html#authbasicprovider">AuthBasicProvider</a></code> or <code class="directive"><a href="../mod/mod_auth_digest.html#authdigestprovider">AuthDigestProvider</a></code> directive.</li>
-    </ol>
-    <p>A simple usage example to accelerate <code class="module"><a href="../mod/mod_authn_dbd.html">mod_authn_dbd</a></code>
-    using dbm as a cache engine:</p>
-    <pre class="prettyprint lang-config">#AuthnCacheSOCache is optional.  If specified, it is server-wide
-AuthnCacheSOCache dbm
-&lt;Directory "/usr/www/myhost/private"&gt;
-    AuthType Basic
-    AuthName "Cached Authentication Example"
-    AuthBasicProvider socache dbd
-    AuthDBDUserPWQuery "SELECT password FROM authn WHERE user = %s"
-    AuthnCacheProvideFor dbd
-    Require valid-user
-    #Optional
-    AuthnCacheContext dbd-authn-example
-&lt;/Directory&gt;</pre>
-
-</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="dev" id="dev">Cacheing with custom modules</a></h2>
-    <p>Module developers should note that their modules must be enabled
-    for cacheing with mod_authn_socache.  A single optional API function
-    <var>ap_authn_cache_store</var> is provided to cache credentials
-    a provider has just looked up or generated.  Usage examples are
-    available in <a href="http://svn.eu.apache.org/viewvc?view=revision&amp;revision=957072">r957072</a>, in which three authn providers are enabled for cacheing.</p>
-</div>
 </div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../en/mod/mod_authn_socache.html" title="English">&nbsp;en&nbsp;</a> |
diff --git a/docs/manual/mod/mod_authnz_fcgi.html.en b/docs/manual/mod/mod_authnz_fcgi.html.en
index 9c7d8d8f7a..629a2bccb3 100644
--- a/docs/manual/mod/mod_authnz_fcgi.html.en
+++ b/docs/manual/mod/mod_authnz_fcgi.html.en
@@ -45,18 +45,18 @@ httpd authentication and authorization</td></tr>
     such as for Basic authentication, or can authenticate using arbitrary
     mechanisms.</p>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
-<ul id="toc">
-<li><img alt="" src="../images/down.gif" /> <a href="#authnzfcgicheckauthnprovider">AuthnzFcgiCheckAuthnProvider</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#authnzfcgidefineprovider">AuthnzFcgiDefineProvider</a></li>
-</ul>
-<h3>Topics</h3>
+<div id="quickview"><h3>Topics</h3>
 <ul id="topics">
 <li><img alt="" src="../images/down.gif" /> <a href="#invocations">Invocation modes</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#examples">Additional examples</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#limitations">Limitations</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#logging">Logging</a></li>
-</ul><h3>See also</h3>
+</ul><h3 class="directives">Directives</h3>
+<ul id="toc">
+<li><img alt="" src="../images/down.gif" /> <a href="#authnzfcgicheckauthnprovider">AuthnzFcgiCheckAuthnProvider</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#authnzfcgidefineprovider">AuthnzFcgiDefineProvider</a></li>
+</ul>
+<h3>See also</h3>
 <ul class="seealso">
 <li><a href="../howto/auth.html">Authentication, Authorization,
 and Access Control</a></li>
@@ -65,127 +65,6 @@ and Access Control</a></li>
 <li><code class="module"><a href="../mod/mod_proxy_fcgi.html">mod_proxy_fcgi</a></code></li>
 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="AuthnzFcgiCheckAuthnProvider" id="AuthnzFcgiCheckAuthnProvider">AuthnzFcgiCheckAuthnProvider</a> <a name="authnzfcgicheckauthnprovider" id="authnzfcgicheckauthnprovider">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Enables a FastCGI application to handle the check_authn
-authentication hook.</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthnzFcgiCheckAuthnProvider <em>provider-name</em>|<code>None</code>
-<em>option</em> ...</code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>none</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authnz_fcgi</td></tr>
-</table>
-    <p>This directive is used to enable a FastCGI authorizer to
-    handle a specific processing phase of authentication or
-    authorization.</p>
-
-    <p>Some capabilities of FastCGI authorizers require enablement
-    using this directive instead of
-    <code class="directive">AuthBasicProvider</code>:</p>
-
-    <ul>
-      <li>Non-Basic authentication; generally, determining the user
-      id of the client and returning it from the authorizer; see the
-      <code>UserExpr</code> option below</li>
-      <li>Selecting a custom response code; for a non-200 response
-      from the authorizer, the code from the authorizer will be the
-      status of the response</li>
-      <li>Setting the body of a non-200 response; if the authorizer
-      provides a response body with a non-200 response, that body
-      will be returned to the client; up to 8192 bytes of text are
-      supported</li>
-    </ul>
-
-    <dl>
-      <dt><em>provider-name</em></dt>
-      <dd>This is the name of a provider defined with <code class="directive">
-      AuthnzFcgiDefineProvider</code>.</dd>
-
-      <dt><code>None</code></dt>
-      <dd>Specify <code>None</code> to disable a provider enabled
-      with this directive in an outer scope, such as in a parent
-      directory.</dd>
-
-      <dt><em>option</em></dt>
-      <dd>The following options are supported:
-      
-      <dl>
-         <dt>Authoritative On|Off (default On)</dt>
-         <dd>This controls whether or not other modules are allowed
-         to run when this module has a FastCGI authorizer configured
-         and it fails the request.</dd>
-
-         <dt>DefaultUser <em>userid</em></dt>
-         <dd>When the authorizer returns success and <code>UserExpr</code>
-         is configured and evaluates to an empty string (e.g., authorizer
-         didn't return a variable), this value will be used as the user
-         id.  This is typically used when the authorizer has a concept of
-         guest, or unauthenticated, users and guest users are mapped to
-         some specific user id for logging and other purposes.</dd>
-
-         <dt>RequireBasicAuth On|Off (default Off)</dt>
-         <dd>This controls whether or not Basic auth is required
-         before passing the request to the authorizer.  If required,
-         the authorizer won't be invoked without a user id and
-         password; 401 will be returned for a request without that.</dd>
-
-         <dt>UserExpr <em>expr</em> (no default)</dt>
-         <dd>When Basic authentication isn't provided by the client
-         and the authorizer determines the user, this expression,
-         evaluated after calling the authorizer, determines the
-         user.  The expression follows <a href="../expr.html">
-         ap_expr syntax</a> and must resolve to a string.  A typical
-         use is to reference a <code>Variable-<em>XXX</em></code> 
-         setting returned by the authorizer using an option like
-         <code>UserExpr "%{reqenv:<em>XXX</em>}"</code>.  If
-         this option is specified and the user id can't be retrieved
-         using the expression after a successful authentication, the
-         request will be rejected with a 500 error.</dd>
-
-       </dl>
-      </dd>
-     </dl>
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="AuthnzFcgiDefineProvider" id="AuthnzFcgiDefineProvider">AuthnzFcgiDefineProvider</a> <a name="authnzfcgidefineprovider" id="authnzfcgidefineprovider">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Defines a FastCGI application as a provider for
-authentication and/or authorization</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthnzFcgiDefineProvider <em>type</em> <em>provider-name</em>
-<em>backend-address</em></code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>none</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authnz_fcgi</td></tr>
-</table>
-    <p>This directive is used to define a FastCGI application as
-    a provider for a particular phase of authentication or
-    authorization.</p>
-
-    <dl>
-      <dt><em>type</em></dt>
-      <dd>This must be set to <em>authn</em> for authentication,
-      <em>authz</em> for authorization, or <em>authnz</em> for
-      a generic FastCGI authorizer which performs both checks.</dd>
-
-      <dt><em>provider-name</em></dt>
-      <dd>This is used to assign a name to the provider which is
-      used in other directives such as 
-      <code class="directive"><a href="../mod/mod_auth_basic.html#authbasicprovider">AuthBasicProvider</a></code>
-      and 
-      <code class="directive"><a href="../mod/mod_authz_core.html#require">Require</a></code>.</dd>
-
-      <dt><em>backend-address</em></dt>
-      <dd>This specifies the address of the application, in the form
-      <em>fcgi://hostname:port/</em>.  The application process(es)
-      must be managed independently, such as with
-      <code class="program"><a href="../programs/fcgistarter.html">fcgistarter</a></code>.</dd>
-    </dl>
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="section">
 <h2><a name="invocations" id="invocations">Invocation modes</a></h2>
 
@@ -527,6 +406,127 @@ Require FooAuthnz</pre>
 <pre class="prettyprint lang-config">LogLevel info authnz_fcgi:trace8</pre>
 
 
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="AuthnzFcgiCheckAuthnProvider" id="AuthnzFcgiCheckAuthnProvider">AuthnzFcgiCheckAuthnProvider</a> <a name="authnzfcgicheckauthnprovider" id="authnzfcgicheckauthnprovider">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Enables a FastCGI application to handle the check_authn
+authentication hook.</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthnzFcgiCheckAuthnProvider <em>provider-name</em>|<code>None</code>
+<em>option</em> ...</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>none</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authnz_fcgi</td></tr>
+</table>
+    <p>This directive is used to enable a FastCGI authorizer to
+    handle a specific processing phase of authentication or
+    authorization.</p>
+
+    <p>Some capabilities of FastCGI authorizers require enablement
+    using this directive instead of
+    <code class="directive">AuthBasicProvider</code>:</p>
+
+    <ul>
+      <li>Non-Basic authentication; generally, determining the user
+      id of the client and returning it from the authorizer; see the
+      <code>UserExpr</code> option below</li>
+      <li>Selecting a custom response code; for a non-200 response
+      from the authorizer, the code from the authorizer will be the
+      status of the response</li>
+      <li>Setting the body of a non-200 response; if the authorizer
+      provides a response body with a non-200 response, that body
+      will be returned to the client; up to 8192 bytes of text are
+      supported</li>
+    </ul>
+
+    <dl>
+      <dt><em>provider-name</em></dt>
+      <dd>This is the name of a provider defined with <code class="directive">
+      AuthnzFcgiDefineProvider</code>.</dd>
+
+      <dt><code>None</code></dt>
+      <dd>Specify <code>None</code> to disable a provider enabled
+      with this directive in an outer scope, such as in a parent
+      directory.</dd>
+
+      <dt><em>option</em></dt>
+      <dd>The following options are supported:
+      
+      <dl>
+         <dt>Authoritative On|Off (default On)</dt>
+         <dd>This controls whether or not other modules are allowed
+         to run when this module has a FastCGI authorizer configured
+         and it fails the request.</dd>
+
+         <dt>DefaultUser <em>userid</em></dt>
+         <dd>When the authorizer returns success and <code>UserExpr</code>
+         is configured and evaluates to an empty string (e.g., authorizer
+         didn't return a variable), this value will be used as the user
+         id.  This is typically used when the authorizer has a concept of
+         guest, or unauthenticated, users and guest users are mapped to
+         some specific user id for logging and other purposes.</dd>
+
+         <dt>RequireBasicAuth On|Off (default Off)</dt>
+         <dd>This controls whether or not Basic auth is required
+         before passing the request to the authorizer.  If required,
+         the authorizer won't be invoked without a user id and
+         password; 401 will be returned for a request without that.</dd>
+
+         <dt>UserExpr <em>expr</em> (no default)</dt>
+         <dd>When Basic authentication isn't provided by the client
+         and the authorizer determines the user, this expression,
+         evaluated after calling the authorizer, determines the
+         user.  The expression follows <a href="../expr.html">
+         ap_expr syntax</a> and must resolve to a string.  A typical
+         use is to reference a <code>Variable-<em>XXX</em></code> 
+         setting returned by the authorizer using an option like
+         <code>UserExpr "%{reqenv:<em>XXX</em>}"</code>.  If
+         this option is specified and the user id can't be retrieved
+         using the expression after a successful authentication, the
+         request will be rejected with a 500 error.</dd>
+
+       </dl>
+      </dd>
+     </dl>
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="AuthnzFcgiDefineProvider" id="AuthnzFcgiDefineProvider">AuthnzFcgiDefineProvider</a> <a name="authnzfcgidefineprovider" id="authnzfcgidefineprovider">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Defines a FastCGI application as a provider for
+authentication and/or authorization</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthnzFcgiDefineProvider <em>type</em> <em>provider-name</em>
+<em>backend-address</em></code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>none</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authnz_fcgi</td></tr>
+</table>
+    <p>This directive is used to define a FastCGI application as
+    a provider for a particular phase of authentication or
+    authorization.</p>
+
+    <dl>
+      <dt><em>type</em></dt>
+      <dd>This must be set to <em>authn</em> for authentication,
+      <em>authz</em> for authorization, or <em>authnz</em> for
+      a generic FastCGI authorizer which performs both checks.</dd>
+
+      <dt><em>provider-name</em></dt>
+      <dd>This is used to assign a name to the provider which is
+      used in other directives such as 
+      <code class="directive"><a href="../mod/mod_auth_basic.html#authbasicprovider">AuthBasicProvider</a></code>
+      and 
+      <code class="directive"><a href="../mod/mod_authz_core.html#require">Require</a></code>.</dd>
+
+      <dt><em>backend-address</em></dt>
+      <dd>This specifies the address of the application, in the form
+      <em>fcgi://hostname:port/</em>.  The application process(es)
+      must be managed independently, such as with
+      <code class="program"><a href="../programs/fcgistarter.html">fcgistarter</a></code>.</dd>
+    </dl>
+
 </div>
 </div>
 <div class="bottomlang">
diff --git a/docs/manual/mod/mod_authnz_ldap.html.en b/docs/manual/mod/mod_authnz_ldap.html.en
index 37e1c0e8cd..3ba99edab8 100644
--- a/docs/manual/mod/mod_authnz_ldap.html.en
+++ b/docs/manual/mod/mod_authnz_ldap.html.en
@@ -60,7 +60,19 @@ for HTTP Basic authentication.</td></tr>
     via the <code class="directive"><a href="../mod/mod_auth_basic.html#authbasicprovider">AuthBasicProvider</a></code>
     directive with the <code>ldap</code> value.</p>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
+<div id="quickview"><h3>Topics</h3>
+<ul id="topics">
+<li><img alt="" src="../images/down.gif" /> <a href="#contents">Contents</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#operation">Operation</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#requiredirectives">The Require Directives</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#examples">Examples</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#usingtls">Using TLS</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#usingssl">Using SSL</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#exposed">Exposing Login Information</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#activedirectory">Using Active Directory</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#frontpage">Using Microsoft
+    FrontPage with mod_authnz_ldap</a></li>
+</ul><h3 class="directives">Directives</h3>
 <ul id="toc">
 <li><img alt="" src="../images/down.gif" /> <a href="#authldapauthorizeprefix">AuthLDAPAuthorizePrefix</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#authldapbindauthoritative">AuthLDAPBindAuthoritative</a></li>
@@ -82,19 +94,7 @@ for HTTP Basic authentication.</td></tr>
 <li><img alt="" src="../images/down.gif" /> <a href="#authldapsubgroupclass">AuthLDAPSubGroupClass</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#authldapurl">AuthLDAPUrl</a></li>
 </ul>
-<h3>Topics</h3>
-<ul id="topics">
-<li><img alt="" src="../images/down.gif" /> <a href="#contents">Contents</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#operation">Operation</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#requiredirectives">The Require Directives</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#examples">Examples</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#usingtls">Using TLS</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#usingssl">Using SSL</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#exposed">Exposing Login Information</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#activedirectory">Using Active Directory</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#frontpage">Using Microsoft
-    FrontPage with mod_authnz_ldap</a></li>
-</ul><h3>See also</h3>
+<h3>See also</h3>
 <ul class="seealso">
 <li><code class="module"><a href="../mod/mod_ldap.html">mod_ldap</a></code></li>
 <li><code class="module"><a href="../mod/mod_auth_basic.html">mod_auth_basic</a></code></li>
@@ -102,1283 +102,1283 @@ for HTTP Basic authentication.</td></tr>
 <li><code class="module"><a href="../mod/mod_authz_groupfile.html">mod_authz_groupfile</a></code></li>
 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="AuthLDAPAuthorizePrefix" id="AuthLDAPAuthorizePrefix">AuthLDAPAuthorizePrefix</a> <a name="authldapauthorizeprefix" id="authldapauthorizeprefix">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Specifies the prefix for environment variables set during
-authorization</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthLDAPAuthorizePrefix <em>prefix</em></code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>AuthLDAPAuthorizePrefix AUTHORIZE_</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authnz_ldap</td></tr>
-<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in version 2.3.6 and later</td></tr>
-</table>
-    <p>This directive allows you to override the prefix used for environment
-    variables set during LDAP authorization.  If <em>AUTHENTICATE_</em> is
-    specified, consumers of these environment variables see the same information
-    whether LDAP has performed authentication, authorization, or both.</p>
+<div class="section">
+<h2><a name="contents" id="contents">Contents</a></h2>
 
-    <div class="note"><h3>Note</h3>
-    No authorization variables are set when a user is authorized on the basis of
-    <code>Require valid-user</code>.
-    </div>
+    <ul>
+      <li>
+        <a href="#operation">Operation</a>
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="AuthLDAPBindAuthoritative" id="AuthLDAPBindAuthoritative">AuthLDAPBindAuthoritative</a> <a name="authldapbindauthoritative" id="authldapbindauthoritative">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Determines if other authentication providers are used when a user can be mapped to a DN but the server cannot successfully bind with the user's credentials.</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthLDAPBindAuthoritative<em>off|on</em></code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>AuthLDAPBindAuthoritative on</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authnz_ldap</td></tr>
-</table>
-    <p>By default, subsequent authentication providers are only queried if a
-    user cannot be mapped to a DN, but not if the user can be mapped to a DN and their
-    password cannot be verified with an LDAP bind.
-    If <code class="directive"><a href="#authldapbindauthoritative">AuthLDAPBindAuthoritative</a></code>
-    is set to <em>off</em>, other configured authentication modules will have
-    a chance to validate the user if the LDAP bind (with the current user's credentials)
-    fails for any reason.</p>
-    <p> This allows users present in both LDAP and
-    <code class="directive"><a href="../mod/mod_authn_file.html#authuserfile">AuthUserFile</a></code> to authenticate
-    when the LDAP server is available but the user's account is locked or password
-    is otherwise unusable.</p>
+        <ul>
+          <li><a href="#authenphase">The Authentication
+          Phase</a></li>
 
-<h3>See also</h3>
-<ul>
-<li><code class="directive"><a href="../mod/mod_authn_file.html#authuserfile">AuthUserFile</a></code></li>
-<li><code class="directive"><a href="../mod/mod_auth_basic.html#authbasicprovider">AuthBasicProvider</a></code></li>
-</ul>
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="AuthLDAPBindDN" id="AuthLDAPBindDN">AuthLDAPBindDN</a> <a name="authldapbinddn" id="authldapbinddn">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Optional DN to use in binding to the LDAP server</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthLDAPBindDN <em>distinguished-name</em></code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authnz_ldap</td></tr>
-</table>
-    <p>An optional DN used to bind to the server when searching for
-    entries. If not provided, <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code> will use
-    an anonymous bind.</p>
+          <li><a href="#authorphase">The Authorization
+          Phase</a></li>
+        </ul>
+      </li>
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="AuthLDAPBindPassword" id="AuthLDAPBindPassword">AuthLDAPBindPassword</a> <a name="authldapbindpassword" id="authldapbindpassword">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Password used in conjuction with the bind DN</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthLDAPBindPassword <em>password</em></code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authnz_ldap</td></tr>
-<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td><em>exec:</em> was added in 2.4.5.</td></tr>
-</table>
-    <p>A bind password to use in conjunction with the bind DN. Note
-    that the bind password is probably sensitive data, and should be
-    properly protected. You should only use the <code class="directive"><a href="#authldapbinddn">AuthLDAPBindDN</a></code> and <code class="directive"><a href="#authldapbindpassword">AuthLDAPBindPassword</a></code> if you
-    absolutely need them to search the directory.</p>
+      <li>
+        <a href="#requiredirectives">The Require Directives</a>
 
-    <p>If the value begins with exec: the resulting command will be
-    executed and the first line returned to standard output by the
-    program will be used as the password.</p>
-<pre class="prettyprint lang-config">#Password used as-is
-AuthLDAPBindPassword secret
+        <ul>
+          <li><a href="#requser">Require ldap-user</a></li>
+          <li><a href="#reqgroup">Require ldap-group</a></li>
+          <li><a href="#reqdn">Require ldap-dn</a></li>
+          <li><a href="#reqattribute">Require ldap-attribute</a></li>
+          <li><a href="#reqfilter">Require ldap-filter</a></li>
+        </ul>
+      </li>
 
-#Run /path/to/program to get my password
-AuthLDAPBindPassword exec:/path/to/program
+      <li><a href="#examples">Examples</a></li>
+      <li><a href="#usingtls">Using TLS</a></li>
+      <li><a href="#usingssl">Using SSL</a></li>
+      <li><a href="#exposed">Exposing Login Information</a></li>
+      <li><a href="#activedirectory">Using Active Directory</a></li>
+      <li>
+        <a href="#frontpage">Using Microsoft FrontPage with
+        <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code></a>
 
-#Run /path/to/otherProgram and provide arguments
-AuthLDAPBindPassword "exec:/path/to/otherProgram argument1"</pre>
+        <ul>
+          <li><a href="#howitworks">How It Works</a></li>
+          <li><a href="#fpcaveats">Caveats</a></li>
+        </ul>
+      </li>
+    </ul>
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="operation" id="operation">Operation</a></h2>
 
+    <p>There are two phases in granting access to a user. The first
+    phase is authentication, in which the <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code>
+    authentication provider verifies that the user's credentials are valid.
+    This is also called the <em>search/bind</em> phase. The second phase is
+    authorization, in which <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code> determines
+    if the authenticated user is allowed access to the resource in
+    question. This is also known as the <em>compare</em>
+    phase.</p>
 
+    <p><code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code> registers both an authn_ldap authentication
+    provider and an authz_ldap authorization handler.  The authn_ldap
+    authentication provider can be enabled through the
+    <code class="directive"><a href="../mod/mod_auth_basic.html#authbasicprovider">AuthBasicProvider</a></code> directive
+    using the <code>ldap</code> value. The authz_ldap handler extends the
+    <code class="directive"><a href="../mod/mod_authz_core.html#require">Require</a></code> directive's authorization types
+    by adding <code>ldap-user</code>, <code>ldap-dn</code> and <code>ldap-group</code>
+    values.</p>
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="AuthLDAPCharsetConfig" id="AuthLDAPCharsetConfig">AuthLDAPCharsetConfig</a> <a name="authldapcharsetconfig" id="authldapcharsetconfig">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Language to charset conversion configuration file</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthLDAPCharsetConfig <em>file-path</em></code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authnz_ldap</td></tr>
-</table>
-    <p>The <code class="directive">AuthLDAPCharsetConfig</code> directive sets the location
-    of the language to charset conversion configuration file. <var>File-path</var> is relative
-    to the <code class="directive"><a href="../mod/core.html#serverroot">ServerRoot</a></code>. This file specifies
-    the list of language extensions to character sets.
-    Most administrators use the provided <code>charset.conv</code>
-    file, which associates common language extensions to character sets.</p>
+<h3><a name="authenphase" id="authenphase">The Authentication
+    Phase</a></h3>
 
-    <p>The file contains lines in the following format:</p>
+    <p>During the authentication phase, <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code>
+    searches for an entry in the directory that matches the username
+    that the HTTP client passes. If a single unique match is found,
+    then <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code> attempts to bind to the
+    directory server using the DN of the entry plus the password
+    provided by the HTTP client. Because it does a search, then a
+    bind, it is often referred to as the search/bind phase. Here are
+    the steps taken during the search/bind phase.</p>
 
-    <div class="example"><p><code>
-      <var>Language-Extension</var> <var>charset</var> [<var>Language-String</var>] ...
-    </code></p></div>
+    <ol>
+      <li>Generate a search filter by combining the attribute and
+      filter provided in the <code class="directive"><a href="#authldapurl">AuthLDAPURL</a></code> directive with
+      the username passed by the HTTP client.</li>
 
-    <p>The case of the extension does not matter. Blank lines, and lines
-    beginning with a hash character (<code>#</code>) are ignored.</p>
+      <li>Search the directory using the generated filter. If the
+      search does not return exactly one entry, deny or decline
+      access.</li>
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="AuthLDAPCompareAsUser" id="AuthLDAPCompareAsUser">AuthLDAPCompareAsUser</a> <a name="authldapcompareasuser" id="authldapcompareasuser">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Use the authenticated user's credentials to perform authorization comparisons</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthLDAPCompareAsUser on|off</code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>AuthLDAPCompareAsUser off</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authnz_ldap</td></tr>
-<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in version 2.3.6 and later</td></tr>
-</table>
-    <p>When set, and <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code> has authenticated the
-    user, LDAP comparisons for authorization use the queried distinguished name (DN)
-    and HTTP basic authentication password of the authenticated user instead of
-    the servers configured credentials.</p>
+      <li>Fetch the distinguished name of the entry retrieved from
+      the search and attempt to bind to the LDAP server using that
+      DN and the password passed by the HTTP client. If the bind is
+      unsuccessful, deny or decline access.</li>
+    </ol>
 
-    <p> The <em>ldap-attribute</em>, <em>ldap-user</em>, and <em>ldap-group</em> (single-level only)
-    authorization checks use comparisons.</p>
+    <p>The following directives are used during the search/bind
+    phase</p>
 
-    <p>This directive only has effect on the comparisons performed during
-    nested group processing when <code class="directive"><a href="#authldapsearchasuser">
-    AuthLDAPSearchAsUser</a></code> is also enabled.</p>
+    <table>
+      
+      <tr>
+        <td><code class="directive"><a href="#authldapurl">AuthLDAPURL</a></code></td>
 
-    <p> This directive should only be used when your LDAP server doesn't
-        accept anonymous comparisons and you cannot use a dedicated
-        <code class="directive"><a href="#authldapbinddn">AuthLDAPBindDN</a></code>.
-    </p>
+        <td>Specifies the LDAP server, the
+        base DN, the attribute to use in the search, as well as the
+        extra search filter to use.</td>
+      </tr>
 
-<h3>See also</h3>
-<ul>
-<li><code class="directive"><a href="#authldapinitialbindasuser">AuthLDAPInitialBindAsUser</a></code></li>
-<li><code class="directive"><a href="#authldapsearchasuser">AuthLDAPSearchAsUser</a></code></li>
-</ul>
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="AuthLDAPCompareDNOnServer" id="AuthLDAPCompareDNOnServer">AuthLDAPCompareDNOnServer</a> <a name="authldapcomparednonserver" id="authldapcomparednonserver">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Use the LDAP server to compare the DNs</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthLDAPCompareDNOnServer on|off</code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>AuthLDAPCompareDNOnServer on</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authnz_ldap</td></tr>
-</table>
-    <p>When set, <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code> will use the LDAP
-    server to compare the DNs. This is the only foolproof way to
-    compare DNs.  <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code> will search the
-    directory for the DN specified with the <a href="#reqdn"><code>Require dn</code></a> directive, then,
-    retrieve the DN and compare it with the DN retrieved from the user
-    entry. If this directive is not set,
-    <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code> simply does a string comparison. It
-    is possible to get false negatives with this approach, but it is
-    much faster. Note the <code class="module"><a href="../mod/mod_ldap.html">mod_ldap</a></code> cache can speed up
-    DN comparison in most situations.</p>
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="AuthLDAPDereferenceAliases" id="AuthLDAPDereferenceAliases">AuthLDAPDereferenceAliases</a> <a name="authldapdereferencealiases" id="authldapdereferencealiases">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>When will the module de-reference aliases</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthLDAPDereferenceAliases never|searching|finding|always</code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>AuthLDAPDereferenceAliases always</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authnz_ldap</td></tr>
-</table>
-    <p>This directive specifies when <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code> will
-    de-reference aliases during LDAP operations. The default is
-    <code>always</code>.</p>
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="AuthLDAPGroupAttribute" id="AuthLDAPGroupAttribute">AuthLDAPGroupAttribute</a> <a name="authldapgroupattribute" id="authldapgroupattribute">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>LDAP attributes used to identify the user members of
-groups.</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthLDAPGroupAttribute <em>attribute</em></code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>AuthLDAPGroupAttribute member uniquemember</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authnz_ldap</td></tr>
-</table>
-    <p>This directive specifies which LDAP attributes are used to
-    check for user members within groups. Multiple attributes can be used
-    by specifying this directive multiple times. If not specified,
-    then <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code> uses the <code>member</code> and
-    <code>uniquemember</code> attributes.</p>
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="AuthLDAPGroupAttributeIsDN" id="AuthLDAPGroupAttributeIsDN">AuthLDAPGroupAttributeIsDN</a> <a name="authldapgroupattributeisdn" id="authldapgroupattributeisdn">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Use the DN of the client username when checking for
-group membership</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthLDAPGroupAttributeIsDN on|off</code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>AuthLDAPGroupAttributeIsDN on</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authnz_ldap</td></tr>
-</table>
-    <p>When set <code>on</code>, this directive says to use the
-    distinguished name of the client username when checking for group
-    membership.  Otherwise, the username will be used. For example,
-    assume that the client sent the username <code>bjenson</code>,
-    which corresponds to the LDAP DN <code>cn=Babs Jenson,
-    o=Example</code>. If this directive is set,
-    <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code> will check if the group has
-    <code>cn=Babs Jenson, o=Example</code> as a member. If this
-    directive is not set, then <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code> will
-    check if the group has <code>bjenson</code> as a member.</p>
+      <tr>
+        <td><code class="directive"><a href="#authldapbinddn">AuthLDAPBindDN</a></code></td>
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="AuthLDAPInitialBindAsUser" id="AuthLDAPInitialBindAsUser">AuthLDAPInitialBindAsUser</a> <a name="authldapinitialbindasuser" id="authldapinitialbindasuser">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Determines if the server does the initial DN lookup using the basic authentication users'
-own username, instead of anonymously or with hard-coded credentials for the server</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthLDAPInitialBindAsUser <em>off|on</em></code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>AuthLDAPInitialBindAsUser off</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authnz_ldap</td></tr>
-<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in version 2.3.6 and later</td></tr>
-</table>
-    <p>By default, the server either anonymously, or with a dedicated user and
-     password, converts the basic authentication username into an LDAP
-     distinguished name (DN).  This directive forces the server to use the verbatim username
-     and password provided by the incoming user to perform the initial DN
-     search.</p>
+        <td>An optional DN to bind with
+        during the search phase.</td>
+      </tr>
 
-     <p> If the verbatim username can't directly bind, but needs some
-     cosmetic transformation, see <code class="directive"><a href="#authldapinitialbindpattern">
-     AuthLDAPInitialBindPattern</a></code>.</p>
+      <tr>
+        <td><code class="directive"><a href="#authldapbindpassword">AuthLDAPBindPassword</a></code></td>
 
-     <p> This directive should only be used when your LDAP server doesn't
-         accept anonymous searches and you cannot use a dedicated
-         <code class="directive"><a href="#authldapbinddn">AuthLDAPBindDN</a></code>.
-     </p>
+        <td>An optional password to bind
+        with during the search phase.</td>
+      </tr>
+    </table>
 
-     <div class="note"><h3>Not available with authorization-only</h3>
-         This directive can only be used if this module authenticates the user, and
-         has no effect when this module is used exclusively for authorization.
-     </div>
 
-<h3>See also</h3>
-<ul>
-<li><code class="directive"><a href="#authldapinitialbindpattern">AuthLDAPInitialBindPattern</a></code></li>
-<li><code class="directive"><a href="#authldapbinddn">AuthLDAPBindDN</a></code></li>
-<li><code class="directive"><a href="#authldapcompareasuser">AuthLDAPCompareAsUser</a></code></li>
-<li><code class="directive"><a href="#authldapsearchasuser">AuthLDAPSearchAsUser</a></code></li>
-</ul>
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="AuthLDAPInitialBindPattern" id="AuthLDAPInitialBindPattern">AuthLDAPInitialBindPattern</a> <a name="authldapinitialbindpattern" id="authldapinitialbindpattern">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Specifies the transformation of the basic authentication username to be used when binding to the LDAP server
-to perform a DN lookup</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthLDAPInitialBindPattern<em><var>regex</var> <var>substitution</var></em></code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>AuthLDAPInitialBindPattern (.*) $1 (remote username used verbatim)</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authnz_ldap</td></tr>
-<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in version 2.3.6 and later</td></tr>
-</table>
-    <p>If <code class="directive"><a href="#authldapinitialbindasuser">AuthLDAPInitialBindAsUser</a></code> is set to
-       <em>ON</em>, the basic authentication username will be transformed according to the
-       regular expression and substituion arguments.</p>
+<h3><a name="authorphase" id="authorphase">The Authorization Phase</a></h3>
 
-    <p> The regular expression argument is compared against the current basic authentication username.
-        The substitution argument may contain backreferences, but has no other variable interpolation.</p>
+    <p>During the authorization phase, <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code>
+    attempts to determine if the user is authorized to access the
+    resource.  Many of these checks require
+    <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code> to do a compare operation on the
+    LDAP server. This is why this phase is often referred to as the
+    compare phase. <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code> accepts the
+    following <code class="directive"><a href="../mod/mod_authz_core.html#require">Require</a></code>
+    directives to determine if the credentials are acceptable:</p>
 
-    <p> This directive should only be used when your LDAP server doesn't
-        accept anonymous searches and you cannot use a dedicated
-        <code class="directive"><a href="#authldapbinddn">AuthLDAPBindDN</a></code>.
-    </p>
+    <ul>
+      <li>Grant access if there is a <a href="#reqgroup"><code>Require ldap-user</code></a> directive, and the
+      username in the directive matches the username passed by the
+      client.</li>
 
-    <pre class="prettyprint lang-config">AuthLDAPInitialBindPattern (.+) $1@example.com</pre>
+      <li>Grant access if there is a <a href="#reqdn"><code>Require
+      ldap-dn</code></a> directive, and the DN in the directive matches
+      the DN fetched from the LDAP directory.</li>
 
-    <pre class="prettyprint lang-config">AuthLDAPInitialBindPattern (.+) cn=$1,dc=example,dc=com</pre>
+      <li>Grant access if there is a <a href="#reqgroup"><code>Require ldap-group</code></a> directive, and
+      the DN fetched from the LDAP directory (or the username
+      passed by the client) occurs in the LDAP group or, potentially, in
+      one of its sub-groups.</li>
 
+      <li>Grant access if there is a <a href="#reqattribute">
+      <code>Require ldap-attribute</code></a>
+      directive, and the attribute fetched from the LDAP directory
+      matches the given value.</li>
 
-    <div class="note"><h3>Not available with authorization-only</h3>
-        This directive can only be used if this module authenticates the user, and
-        has no effect when this module is used exclusively for authorization.
-    </div>
-    <div class="note"><h3>debugging</h3>
-        The substituted DN is recorded in the environment variable
-        <em>LDAP_BINDASUSER</em>.  If the regular expression does not match the input,
-        the verbatim username is used.
-    </div>
+      <li>Grant access if there is a <a href="#reqfilter">
+      <code>Require ldap-filter</code></a>
+      directive, and the search filter successfully finds a single user
+      object that matches the dn of the authenticated user.</li>
 
-<h3>See also</h3>
-<ul>
-<li><code class="directive"><a href="#authldapinitialbindasuser">AuthLDAPInitialBindAsUser</a></code></li>
-<li><code class="directive"><a href="#authldapbinddn">AuthLDAPBindDN</a></code></li>
-</ul>
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="AuthLDAPMaxSubGroupDepth" id="AuthLDAPMaxSubGroupDepth">AuthLDAPMaxSubGroupDepth</a> <a name="authldapmaxsubgroupdepth" id="authldapmaxsubgroupdepth">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Specifies the maximum sub-group nesting depth that will be
-evaluated before the user search is discontinued.</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthLDAPMaxSubGroupDepth <var>Number</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>AuthLDAPMaxSubGroupDepth 10</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authnz_ldap</td></tr>
-<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in version 2.3.0 and later</td></tr>
-</table>
-   <p>When this directive is set to a non-zero value <code>X</code>
-   combined with use of the <code>Require ldap-group someGroupDN</code>
-   directive, the provided user credentials will be searched for
-   as a member of the <code>someGroupDN</code> directory object or of
-   any group member of the current group up to the maximum nesting
-   level <code>X</code> specified by this directive.</p>
-   <p>See the <a href="#reqgroup"><code>Require ldap-group</code></a>
-   section for a more detailed example.</p>
+      <li>otherwise, deny or decline access</li>
+    </ul>
 
-   <div class="note"><h3>Nested groups performance</h3>
-   <p> When <code class="directive">AuthLDAPSubGroupAttribute</code> overlaps with
-   <code class="directive">AuthLDAPGroupAttribute</code> (as it does by default and
-   as required by common LDAP schemas), uncached searching for subgroups in 
-   large groups can be very slow. If you use large, non-nested groups, set 
-   <code class="directive">AuthLDAPMaxSubGroupDepth</code> to zero.</p>
-   </div>
+    <p>Other <code class="directive"><a href="../mod/mod_authz_core.html#require">Require</a></code> values may also
+    be used which may require loading additional authorization modules.</p>
 
+    <ul>
+        <li>Grant access to all successfully authenticated users if
+        there is a <a href="#requser"><code>Require valid-user</code></a>
+        directive. (requires <code class="module"><a href="../mod/mod_authz_user.html">mod_authz_user</a></code>)</li>
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="AuthLDAPRemoteUserAttribute" id="AuthLDAPRemoteUserAttribute">AuthLDAPRemoteUserAttribute</a> <a name="authldapremoteuserattribute" id="authldapremoteuserattribute">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Use the value of the attribute returned during the user
-query to set the REMOTE_USER environment variable</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthLDAPRemoteUserAttribute uid</code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>none</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authnz_ldap</td></tr>
-</table>
-    <p>If this directive is set, the value of the
-    <code>REMOTE_USER</code> environment variable will be set to the
-    value of the attribute specified. Make sure that this attribute is
-    included in the list of attributes in the AuthLDAPUrl definition,
-    otherwise this directive will have no effect. This directive, if
-    present, takes precedence over AuthLDAPRemoteUserIsDN. This
-    directive is useful should you want people to log into a website
-    using an email address, but a backend application expects the
-    username as a userid.</p>
+        <li>Grant access if there is a <a href="#reqgroup"><code>Require group</code></a> directive, and
+        <code class="module"><a href="../mod/mod_authz_groupfile.html">mod_authz_groupfile</a></code> has been loaded with the
+        <code class="directive"><a href="../mod/mod_authz_groupfile.html#authgroupfile">AuthGroupFile</a></code>
+        directive set.</li>
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="AuthLDAPRemoteUserIsDN" id="AuthLDAPRemoteUserIsDN">AuthLDAPRemoteUserIsDN</a> <a name="authldapremoteuserisdn" id="authldapremoteuserisdn">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Use the DN of the client username to set the REMOTE_USER
-environment variable</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthLDAPRemoteUserIsDN on|off</code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>AuthLDAPRemoteUserIsDN off</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authnz_ldap</td></tr>
-</table>
-    <p>If this directive is set to on, the value of the
-    <code>REMOTE_USER</code> environment variable will be set to the full
-    distinguished name of the authenticated user, rather than just
-    the username that was passed by the client. It is turned off by
-    default.</p>
+        <li>others...</li>
+     </ul>
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="AuthLDAPSearchAsUser" id="AuthLDAPSearchAsUser">AuthLDAPSearchAsUser</a> <a name="authldapsearchasuser" id="authldapsearchasuser">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Use the authenticated user's credentials to perform authorization searches</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthLDAPSearchAsUser on|off</code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>AuthLDAPSearchAsUser off</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authnz_ldap</td></tr>
-<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in version 2.3.6 and later</td></tr>
-</table>
-    <p>When set, and <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code> has authenticated the
-    user, LDAP searches for authorization use the queried distinguished name (DN)
-    and HTTP basic authentication password of the authenticated user instead of
-    the servers configured credentials.</p>
 
-    <p> The <em>ldap-filter</em> and <em>ldap-dn</em> authorization
-    checks use searches.</p>
+    <p><code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code> uses the following directives during the
+    compare phase:</p>
 
-    <p>This directive only has effect on the comparisons performed during
-    nested group processing when <code class="directive"><a href="#authldapcompareasuser">
-    AuthLDAPCompareAsUser</a></code> is also enabled.</p>
+    <table>
+      
+      <tr>
+        <td><code class="directive"><a href="#authldapurl">AuthLDAPURL</a></code> </td>
 
-    <p> This directive should only be used when your LDAP server doesn't
-        accept anonymous searches and you cannot use a dedicated
-        <code class="directive"><a href="#authldapbinddn">AuthLDAPBindDN</a></code>.
-    </p>
+        <td>The attribute specified in the
+        URL is used in compare operations for the <code>Require
+        ldap-user</code> operation.</td>
+      </tr>
 
-<h3>See also</h3>
-<ul>
-<li><code class="directive"><a href="#authldapinitialbindasuser">AuthLDAPInitialBindAsUser</a></code></li>
-<li><code class="directive"><a href="#authldapcompareasuser">AuthLDAPCompareAsUser</a></code></li>
-</ul>
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="AuthLDAPSubGroupAttribute" id="AuthLDAPSubGroupAttribute">AuthLDAPSubGroupAttribute</a> <a name="authldapsubgroupattribute" id="authldapsubgroupattribute">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Specifies the attribute labels, one value per
-directive line, used to distinguish the members of the current group that
-are groups.</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthLDAPSubGroupAttribute <em>attribute</em></code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>AuthLDAPSubgroupAttribute member uniquemember</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authnz_ldap</td></tr>
-<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in version 2.3.0 and later</td></tr>
-</table>
-    <p>An LDAP group object may contain members that are users and
-    members that are groups (called nested or sub groups). The
-    <code>AuthLDAPSubGroupAttribute</code> directive identifies the
-    labels of group members and the <code>AuthLDAPGroupAttribute</code>
-    directive identifies the labels of the user members. Multiple
-    attributes can be used by specifying this directive multiple times.
-    If not specified, then <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code> uses the
-    <code>member</code> and <code>uniqueMember</code> attributes.</p>
+      <tr>
+        <td><code class="directive"><a href="#authldapcomparednonserver">AuthLDAPCompareDNOnServer</a></code></td>
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="AuthLDAPSubGroupClass" id="AuthLDAPSubGroupClass">AuthLDAPSubGroupClass</a> <a name="authldapsubgroupclass" id="authldapsubgroupclass">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Specifies which LDAP objectClass values identify directory
-objects that are groups during sub-group processing.</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthLDAPSubGroupClass <em>LdapObjectClass</em></code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>AuthLDAPSubGroupClass groupOfNames groupOfUniqueNames</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authnz_ldap</td></tr>
-<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in version 2.3.0 and later</td></tr>
-</table>
-    <p>An LDAP group object may contain members that are users and
-    members that are groups (called nested or sub groups). The
-    <code>AuthLDAPSubGroupAttribute</code> directive identifies the
-    labels of members that may be sub-groups of the current group
-    (as opposed to user members). The <code>AuthLDAPSubGroupClass</code>
-    directive specifies the LDAP objectClass values used in verifying that
-    these potential sub-groups are in fact group objects. Verified sub-groups
-    can then be searched for more user or sub-group members. Multiple
-    attributes can be used by specifying this directive multiple times.
-    If not specified, then <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code> uses the
-    <code>groupOfNames</code> and <code>groupOfUniqueNames</code> values.</p>
+        <td>Determines the behavior of the
+        <code>Require ldap-dn</code> directive.</td>
+      </tr>
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="AuthLDAPUrl" id="AuthLDAPUrl">AuthLDAPUrl</a> <a name="authldapurl" id="authldapurl">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>URL specifying the LDAP search parameters</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthLDAPUrl <em>url [NONE|SSL|TLS|STARTTLS]</em></code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authnz_ldap</td></tr>
-</table>
-    <p>An RFC 2255 URL which specifies the LDAP search parameters
-    to use. The syntax of the URL is</p>
-<div class="example"><p><code>ldap://host:port/basedn?attribute?scope?filter</code></p></div>
-    <p>If you want to specify more than one LDAP URL that Apache should try in turn, the syntax is:</p>
-<pre class="prettyprint lang-config">AuthLDAPUrl "ldap://ldap1.example.com ldap2.example.com/dc=..."</pre>
+      <tr>
+        <td><code class="directive"><a href="#authldapgroupattribute">AuthLDAPGroupAttribute</a></code></td>
 
-<p><em><strong>Caveat: </strong>If you specify multiple servers, you need to enclose the entire URL string in quotes;
-otherwise you will get an error: "AuthLDAPURL takes one argument, URL to define LDAP connection.." </em>
-You can of course use search parameters on each of these.</p>
+        <td>Determines the attribute to
+        use for comparisons in the <code>Require ldap-group</code>
+        directive.</td>
+      </tr>
 
-<dl>
-<dt>ldap</dt>
+      <tr>
+        <td><code class="directive"><a href="#authldapgroupattributeisdn">AuthLDAPGroupAttributeIsDN</a></code></td>
 
-        <dd>For regular ldap, use the
-        string <code>ldap</code>. For secure LDAP, use <code>ldaps</code>
-        instead. Secure LDAP is only available if Apache was linked
-        to an LDAP library with SSL support.</dd>
+        <td>Specifies whether to use the
+        user DN or the username when doing comparisons for the
+        <code>Require ldap-group</code> directive.</td>
+      </tr>
 
-<dt>host:port</dt>
+      <tr>
+        <td><code class="directive"><a href="#authldapmaxsubgroupdepth">AuthLDAPMaxSubGroupDepth</a></code></td>
 
-        <dd>
-          <p>The name/port of the ldap server (defaults to
-          <code>localhost:389</code> for <code>ldap</code>, and
-          <code>localhost:636</code> for <code>ldaps</code>). To
-          specify multiple, redundant LDAP servers, just list all
-          servers, separated by spaces. <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code>
-          will try connecting to each server in turn, until it makes a
-          successful connection. If multiple ldap servers are specified,
-          then entire LDAP URL must be encapsulated in double quotes.</p>
+        <td>Determines the maximum depth of sub-groups that will be evaluated
+        during comparisons in the <code>Require ldap-group</code> directive.</td>
+      </tr>
 
-          <p>Once a connection has been made to a server, that
-          connection remains active for the life of the
-          <code class="program"><a href="../programs/httpd.html">httpd</a></code> process, or until the LDAP server goes
-          down.</p>
+      <tr>
+        <td><code class="directive"><a href="#authldapsubgroupattribute">AuthLDAPSubGroupAttribute</a></code></td>
 
-          <p>If the LDAP server goes down and breaks an existing
-          connection, <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code> will attempt to
-          re-connect, starting with the primary server, and trying
-          each redundant server in turn. Note that this is different
-          than a true round-robin search.</p>
-        </dd>
+        <td>Determines the attribute to use when obtaining sub-group members
+        of the current group during comparisons in the <code>Require ldap-group</code>
+        directive.</td>
+      </tr>
 
-<dt>basedn</dt>
+      <tr>
+        <td><code class="directive"><a href="#authldapsubgroupclass">AuthLDAPSubGroupClass</a></code></td>
 
-        <dd>The DN of the branch of the
-        directory where all searches should start from. At the very
-        least, this must be the top of your directory tree, but
-        could also specify a subtree in the directory.</dd>
+        <td>Specifies the LDAP objectClass values used to identify if queried directory
+        objects really are group objects (as opposed to user objects) during the
+        <code>Require ldap-group</code> directive's sub-group processing.</td>
+      </tr>
+    </table>
 
-<dt>attribute</dt>
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="requiredirectives" id="requiredirectives">The Require Directives</a></h2>
 
-        <dd>The attribute to search for.
-        Although RFC 2255 allows a comma-separated list of
-        attributes, only the first attribute will be used, no
-        matter how many are provided. If no attributes are
-        provided, the default is to use <code>uid</code>. It's a good
-        idea to choose an attribute that will be unique across all
-        entries in the subtree you will be using.  All attributes
-        listed will be put into the environment with an AUTHENTICATE_ prefix
-        for use by other modules.</dd>
+    <p>Apache's <code class="directive"><a href="../mod/mod_authz_core.html#require">Require</a></code>
+    directives are used during the authorization phase to ensure that
+    a user is allowed to access a resource.  mod_authnz_ldap extends the
+    authorization types with <code>ldap-user</code>, <code>ldap-dn</code>,
+    <code>ldap-group</code>, <code>ldap-attribute</code> and
+    <code>ldap-filter</code>.  Other authorization types may also be
+    used but may require that additional authorization modules be loaded.</p>
 
-<dt>scope</dt>
+    <p>Since v2.4.8, <a href="../expr.html">expressions</a> are supported
+    within the LDAP require directives.</p>
 
-        <dd>The scope of the search. Can be either <code>one</code> or
-        <code>sub</code>. Note that a scope of <code>base</code> is
-        also supported by RFC 2255, but is not supported by this
-        module. If the scope is not provided, or if <code>base</code> scope
-        is specified, the default is to use a scope of
-        <code>sub</code>.</dd>
+<h3><a name="requser" id="requser">Require ldap-user</a></h3>
 
-<dt>filter</dt>
+    <p>The <code>Require ldap-user</code> directive specifies what
+    usernames can access the resource. Once
+    <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code> has retrieved a unique DN from the
+    directory, it does an LDAP compare operation using the username
+    specified in the <code>Require ldap-user</code> to see if that username
+    is part of the just-fetched LDAP entry.  Multiple users can be
+    granted access by putting multiple usernames on the line,
+    separated with spaces. If a username has a space in it, then it
+    must be surrounded with double quotes. Multiple users can also be
+    granted access by using multiple <code>Require ldap-user</code>
+    directives, with one user per line. For example, with a <code class="directive"><a href="#authldapurl">AuthLDAPURL</a></code> of
+    <code>ldap://ldap/o=Example?cn</code> (i.e., <code>cn</code> is
+    used for searches), the following Require directives could be used
+    to restrict access:</p>
+<pre class="prettyprint lang-config">Require ldap-user "Barbara Jenson"
+Require ldap-user "Fred User"
+Require ldap-user "Joe Manager"</pre>
 
-        <dd>A valid LDAP search filter. If
-        not provided, defaults to <code>(objectClass=*)</code>, which
-        will search for all objects in the tree. Filters are
-        limited to approximately 8000 characters (the definition of
-        <code>MAX_STRING_LEN</code> in the Apache source code). This
-        should be more than sufficient for any application. In 2.4.10 and later,
-        The word "none" may be used to not use any filter, which may be 
-        required by some primitive LDAP servers.</dd>
-</dl>
 
-    <p>When doing searches, the attribute, filter and username passed
-    by the HTTP client are combined to create a search filter that
-    looks like
-    <code>(&amp;(<em>filter</em>)(<em>attribute</em>=<em>username</em>))</code>.</p>
+    <p>Because of the way that <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code> handles this
+    directive, Barbara Jenson could sign on as <em>Barbara
+    Jenson</em>, <em>Babs Jenson</em> or any other <code>cn</code> that
+    she has in her LDAP entry. Only the single <code>Require
+    ldap-user</code> line is needed to support all values of the attribute
+    in the user's entry.</p>
 
-    <p>For example, consider an URL of
-    <code>ldap://ldap.example.com/o=Example?cn?sub?(posixid=*)</code>. When
-    a client attempts to connect using a username of <code>Babs
-    Jenson</code>, the resulting search filter will be
-    <code>(&amp;(posixid=*)(cn=Babs Jenson))</code>.</p>
+    <p>If the <code>uid</code> attribute was used instead of the
+    <code>cn</code> attribute in the URL above, the above three lines
+    could be condensed to</p>
+<pre class="prettyprint lang-config">Require ldap-user bjenson fuser jmanager</pre>
 
-    <p>An optional parameter can be added to allow the LDAP Url to override
-    the connection type.  This parameter can be one of the following:</p>
 
-<dl>
-    <dt>NONE</dt>
-        <dd>Establish an unsecure connection on the default LDAP port. This
-        is the same as <code>ldap://</code> on port 389.</dd>
-    <dt>SSL</dt>
-        <dd>Establish a secure connection on the default secure LDAP port.
-        This is the same as <code>ldaps://</code></dd>
-    <dt>TLS | STARTTLS</dt>
-        <dd>Establish an upgraded secure connection on the default LDAP port.
-        This connection will be initiated on port 389 by default and then
-        upgraded to a secure connection on the same port.</dd>
-</dl>
 
-    <p>See above for examples of <code class="directive"><a href="#authldapurl">AuthLDAPURL</a></code> URLs.</p>
+<h3><a name="reqgroup" id="reqgroup">Require ldap-group</a></h3>
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="contents" id="contents">Contents</a></h2>
+    <p>This directive specifies an LDAP group whose members are
+    allowed access. It takes the distinguished name of the LDAP
+    group. Note: Do not surround the group name with quotes.
+    For example, assume that the following entry existed in
+    the LDAP directory:</p>
+<div class="example"><pre>dn: cn=Administrators, o=Example
+objectClass: groupOfUniqueNames
+uniqueMember: cn=Barbara Jenson, o=Example
+uniqueMember: cn=Fred User, o=Example</pre></div>
 
-    <ul>
-      <li>
-        <a href="#operation">Operation</a>
+    <p>The following directive would grant access to both Fred and
+    Barbara:</p>
+<pre class="prettyprint lang-config">Require ldap-group cn=Administrators, o=Example</pre>
 
-        <ul>
-          <li><a href="#authenphase">The Authentication
-          Phase</a></li>
 
-          <li><a href="#authorphase">The Authorization
-          Phase</a></li>
-        </ul>
-      </li>
+    <p>Members can also be found within sub-groups of a specified LDAP group
+    if <code class="directive"><a href="#authldapmaxsubgroupdepth">AuthLDAPMaxSubGroupDepth</a></code>
+    is set to a value greater than 0. For example, assume the following entries
+    exist in the LDAP directory:</p>
+<div class="example"><pre>dn: cn=Employees, o=Example
+objectClass: groupOfUniqueNames
+uniqueMember: cn=Managers, o=Example
+uniqueMember: cn=Administrators, o=Example
+uniqueMember: cn=Users, o=Example
 
-      <li>
-        <a href="#requiredirectives">The Require Directives</a>
+dn: cn=Managers, o=Example
+objectClass: groupOfUniqueNames
+uniqueMember: cn=Bob Ellis, o=Example
+uniqueMember: cn=Tom Jackson, o=Example
 
-        <ul>
-          <li><a href="#requser">Require ldap-user</a></li>
-          <li><a href="#reqgroup">Require ldap-group</a></li>
-          <li><a href="#reqdn">Require ldap-dn</a></li>
-          <li><a href="#reqattribute">Require ldap-attribute</a></li>
-          <li><a href="#reqfilter">Require ldap-filter</a></li>
-        </ul>
-      </li>
+dn: cn=Administrators, o=Example
+objectClass: groupOfUniqueNames
+uniqueMember: cn=Barbara Jenson, o=Example
+uniqueMember: cn=Fred User, o=Example
 
-      <li><a href="#examples">Examples</a></li>
-      <li><a href="#usingtls">Using TLS</a></li>
-      <li><a href="#usingssl">Using SSL</a></li>
-      <li><a href="#exposed">Exposing Login Information</a></li>
-      <li><a href="#activedirectory">Using Active Directory</a></li>
-      <li>
-        <a href="#frontpage">Using Microsoft FrontPage with
-        <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code></a>
+dn: cn=Users, o=Example
+objectClass: groupOfUniqueNames
+uniqueMember: cn=Allan Jefferson, o=Example
+uniqueMember: cn=Paul Tilley, o=Example
+uniqueMember: cn=Temporary Employees, o=Example
+
+dn: cn=Temporary Employees, o=Example
+objectClass: groupOfUniqueNames
+uniqueMember: cn=Jim Swenson, o=Example
+uniqueMember: cn=Elliot Rhodes, o=Example</pre></div>
+
+    <p>The following directives would allow access for Bob Ellis, Tom Jackson,
+    Barbara Jenson, Fred User, Allan Jefferson, and Paul Tilley but would not
+    allow access for Jim Swenson, or Elliot Rhodes (since they are at a
+    sub-group depth of 2):</p>
+<pre class="prettyprint lang-config">Require ldap-group cn=Employees, o=Example
+AuthLDAPMaxSubGroupDepth 1</pre>
+
+
+    <p>Behavior of this directive is modified by the <code class="directive"><a href="#authldapgroupattribute">AuthLDAPGroupAttribute</a></code>, <code class="directive"><a href="#authldapgroupattributeisdn">AuthLDAPGroupAttributeIsDN</a></code>, <code class="directive"><a href="#authldapmaxsubgroupdepth">AuthLDAPMaxSubGroupDepth</a></code>, <code class="directive"><a href="#authldapsubgroupattribute">AuthLDAPSubGroupAttribute</a></code>, and <code class="directive"><a href="#authldapsubgroupclass">AuthLDAPSubGroupClass</a></code>
+    directives.</p>
+
+
+<h3><a name="reqdn" id="reqdn">Require ldap-dn</a></h3>
 
-        <ul>
-          <li><a href="#howitworks">How It Works</a></li>
-          <li><a href="#fpcaveats">Caveats</a></li>
-        </ul>
-      </li>
-    </ul>
-</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="operation" id="operation">Operation</a></h2>
+    <p>The <code>Require ldap-dn</code> directive allows the administrator
+    to grant access based on distinguished names. It specifies a DN
+    that must match for access to be granted. If the distinguished
+    name that was retrieved from the directory server matches the
+    distinguished name in the <code>Require ldap-dn</code>, then
+    authorization is granted. Note: do not surround the distinguished
+    name with quotes.</p>
 
-    <p>There are two phases in granting access to a user. The first
-    phase is authentication, in which the <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code>
-    authentication provider verifies that the user's credentials are valid.
-    This is also called the <em>search/bind</em> phase. The second phase is
-    authorization, in which <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code> determines
-    if the authenticated user is allowed access to the resource in
-    question. This is also known as the <em>compare</em>
-    phase.</p>
+    <p>The following directive would grant access to a specific
+    DN:</p>
+<pre class="prettyprint lang-config">Require ldap-dn cn=Barbara Jenson, o=Example</pre>
 
-    <p><code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code> registers both an authn_ldap authentication
-    provider and an authz_ldap authorization handler.  The authn_ldap
-    authentication provider can be enabled through the
-    <code class="directive"><a href="../mod/mod_auth_basic.html#authbasicprovider">AuthBasicProvider</a></code> directive
-    using the <code>ldap</code> value. The authz_ldap handler extends the
-    <code class="directive"><a href="../mod/mod_authz_core.html#require">Require</a></code> directive's authorization types
-    by adding <code>ldap-user</code>, <code>ldap-dn</code> and <code>ldap-group</code>
-    values.</p>
 
-<h3><a name="authenphase" id="authenphase">The Authentication
-    Phase</a></h3>
+    <p>Behavior of this directive is modified by the <code class="directive"><a href="#authldapcomparednonserver">AuthLDAPCompareDNOnServer</a></code>
+    directive.</p>
 
-    <p>During the authentication phase, <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code>
-    searches for an entry in the directory that matches the username
-    that the HTTP client passes. If a single unique match is found,
-    then <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code> attempts to bind to the
-    directory server using the DN of the entry plus the password
-    provided by the HTTP client. Because it does a search, then a
-    bind, it is often referred to as the search/bind phase. Here are
-    the steps taken during the search/bind phase.</p>
 
-    <ol>
-      <li>Generate a search filter by combining the attribute and
-      filter provided in the <code class="directive"><a href="#authldapurl">AuthLDAPURL</a></code> directive with
-      the username passed by the HTTP client.</li>
+<h3><a name="reqattribute" id="reqattribute">Require ldap-attribute</a></h3>
 
-      <li>Search the directory using the generated filter. If the
-      search does not return exactly one entry, deny or decline
-      access.</li>
+    <p>The <code>Require ldap-attribute</code> directive allows the
+    administrator to grant access based on attributes of the authenticated
+    user in the LDAP directory.  If the attribute in the directory
+    matches the value given in the configuration, access is granted.</p>
 
-      <li>Fetch the distinguished name of the entry retrieved from
-      the search and attempt to bind to the LDAP server using that
-      DN and the password passed by the HTTP client. If the bind is
-      unsuccessful, deny or decline access.</li>
-    </ol>
+    <p>The following directive would grant access to anyone with
+    the attribute employeeType = active</p>
 
-    <p>The following directives are used during the search/bind
-    phase</p>
+    <pre class="prettyprint lang-config">Require ldap-attribute employeeType=active</pre>
 
-    <table>
-      
-      <tr>
-        <td><code class="directive"><a href="#authldapurl">AuthLDAPURL</a></code></td>
 
-        <td>Specifies the LDAP server, the
-        base DN, the attribute to use in the search, as well as the
-        extra search filter to use.</td>
-      </tr>
+    <p>Multiple attribute/value pairs can be specified on the same line
+    separated by spaces or they can be specified in multiple
+    <code>Require ldap-attribute</code> directives. The effect of listing
+    multiple attribute/values pairs is an OR operation. Access will be
+    granted if any of the listed attribute values match the value of the
+    corresponding attribute in the user object. If the value of the
+    attribute contains a space, only the value must be within double quotes.</p>
 
-      <tr>
-        <td><code class="directive"><a href="#authldapbinddn">AuthLDAPBindDN</a></code></td>
+    <p>The following directive would grant access to anyone with
+    the city attribute equal to "San Jose" or status equal to "Active"</p>
 
-        <td>An optional DN to bind with
-        during the search phase.</td>
-      </tr>
+    <pre class="prettyprint lang-config">Require ldap-attribute city="San Jose" status=active</pre>
 
-      <tr>
-        <td><code class="directive"><a href="#authldapbindpassword">AuthLDAPBindPassword</a></code></td>
 
-        <td>An optional password to bind
-        with during the search phase.</td>
-      </tr>
-    </table>
 
 
-<h3><a name="authorphase" id="authorphase">The Authorization Phase</a></h3>
+<h3><a name="reqfilter" id="reqfilter">Require ldap-filter</a></h3>
 
-    <p>During the authorization phase, <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code>
-    attempts to determine if the user is authorized to access the
-    resource.  Many of these checks require
-    <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code> to do a compare operation on the
-    LDAP server. This is why this phase is often referred to as the
-    compare phase. <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code> accepts the
-    following <code class="directive"><a href="../mod/mod_authz_core.html#require">Require</a></code>
-    directives to determine if the credentials are acceptable:</p>
+    <p>The <code>Require ldap-filter</code> directive allows the
+    administrator to grant access based on a complex LDAP search filter.
+    If the dn returned by the filter search matches the authenticated user
+    dn, access is granted.</p>
 
-    <ul>
-      <li>Grant access if there is a <a href="#reqgroup"><code>Require ldap-user</code></a> directive, and the
-      username in the directive matches the username passed by the
-      client.</li>
+    <p>The following directive would grant access to anyone having a cell phone
+    and is in the marketing department</p>
 
-      <li>Grant access if there is a <a href="#reqdn"><code>Require
-      ldap-dn</code></a> directive, and the DN in the directive matches
-      the DN fetched from the LDAP directory.</li>
+    <pre class="prettyprint lang-config">Require ldap-filter &amp;(cell=*)(department=marketing)</pre>
 
-      <li>Grant access if there is a <a href="#reqgroup"><code>Require ldap-group</code></a> directive, and
-      the DN fetched from the LDAP directory (or the username
-      passed by the client) occurs in the LDAP group or, potentially, in
-      one of its sub-groups.</li>
 
-      <li>Grant access if there is a <a href="#reqattribute">
-      <code>Require ldap-attribute</code></a>
-      directive, and the attribute fetched from the LDAP directory
-      matches the given value.</li>
+    <p>The difference between the <code>Require ldap-filter</code> directive and the
+    <code>Require ldap-attribute</code> directive is that <code>ldap-filter</code>
+    performs a search operation on the LDAP directory using the specified search
+    filter rather than a simple attribute comparison. If a simple attribute
+    comparison is all that is required, the comparison operation performed by
+    <code>ldap-attribute</code> will be faster than the search operation
+    used by <code>ldap-filter</code> especially within a large directory.</p>
 
-      <li>Grant access if there is a <a href="#reqfilter">
-      <code>Require ldap-filter</code></a>
-      directive, and the search filter successfully finds a single user
-      object that matches the dn of the authenticated user.</li>
 
-      <li>otherwise, deny or decline access</li>
-    </ul>
 
-    <p>Other <code class="directive"><a href="../mod/mod_authz_core.html#require">Require</a></code> values may also
-    be used which may require loading additional authorization modules.</p>
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="examples" id="examples">Examples</a></h2>
 
     <ul>
-        <li>Grant access to all successfully authenticated users if
-        there is a <a href="#requser"><code>Require valid-user</code></a>
-        directive. (requires <code class="module"><a href="../mod/mod_authz_user.html">mod_authz_user</a></code>)</li>
-
-        <li>Grant access if there is a <a href="#reqgroup"><code>Require group</code></a> directive, and
-        <code class="module"><a href="../mod/mod_authz_groupfile.html">mod_authz_groupfile</a></code> has been loaded with the
-        <code class="directive"><a href="../mod/mod_authz_groupfile.html#authgroupfile">AuthGroupFile</a></code>
-        directive set.</li>
+      <li>
+        Grant access to anyone who exists in the LDAP directory,
+        using their UID for searches.
+<pre class="prettyprint lang-config">AuthLDAPURL "ldap://ldap1.example.com:389/ou=People, o=Example?uid?sub?(objectClass=*)"
+Require valid-user</pre>
 
-        <li>others...</li>
-     </ul>
+      </li>
 
+      <li>
+        The next example is the same as above; but with the fields
+        that have useful defaults omitted. Also, note the use of a
+        redundant LDAP server.
+<pre class="prettyprint lang-config">AuthLDAPURL "ldap://ldap1.example.com ldap2.example.com/ou=People, o=Example"
+Require valid-user</pre>
 
-    <p><code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code> uses the following directives during the
-    compare phase:</p>
+      </li>
 
-    <table>
-      
-      <tr>
-        <td><code class="directive"><a href="#authldapurl">AuthLDAPURL</a></code> </td>
+      <li>
+        The next example is similar to the previous one, but it
+        uses the common name instead of the UID. Note that this
+        could be problematical if multiple people in the directory
+        share the same <code>cn</code>, because a search on <code>cn</code>
+        <strong>must</strong> return exactly one entry. That's why
+        this approach is not recommended: it's a better idea to
+        choose an attribute that is guaranteed unique in your
+        directory, such as <code>uid</code>.
+<pre class="prettyprint lang-config">AuthLDAPURL "ldap://ldap.example.com/ou=People, o=Example?cn"
+Require valid-user</pre>
 
-        <td>The attribute specified in the
-        URL is used in compare operations for the <code>Require
-        ldap-user</code> operation.</td>
-      </tr>
+      </li>
 
-      <tr>
-        <td><code class="directive"><a href="#authldapcomparednonserver">AuthLDAPCompareDNOnServer</a></code></td>
+      <li>
+        Grant access to anybody in the Administrators group. The
+        users must authenticate using their UID.
+<pre class="prettyprint lang-config">AuthLDAPURL ldap://ldap.example.com/o=Example?uid
+Require ldap-group cn=Administrators, o=Example</pre>
 
-        <td>Determines the behavior of the
-        <code>Require ldap-dn</code> directive.</td>
-      </tr>
+      </li>
 
-      <tr>
-        <td><code class="directive"><a href="#authldapgroupattribute">AuthLDAPGroupAttribute</a></code></td>
+      <li>
+        Grant access to anybody in the group whose name matches the
+        hostname of the virtual host. In this example an
+        <a href="../expr.html">expression</a> is used to build the filter.
+<pre class="prettyprint lang-config">AuthLDAPURL ldap://ldap.example.com/o=Example?uid
+Require ldap-group cn=%{SERVER_NAME}, o=Example</pre>
 
-        <td>Determines the attribute to
-        use for comparisons in the <code>Require ldap-group</code>
-        directive.</td>
-      </tr>
+      </li>
 
-      <tr>
-        <td><code class="directive"><a href="#authldapgroupattributeisdn">AuthLDAPGroupAttributeIsDN</a></code></td>
+      <li>
+        The next example assumes that everyone at Example who
+        carries an alphanumeric pager will have an LDAP attribute
+        of <code>qpagePagerID</code>. The example will grant access
+        only to people (authenticated via their UID) who have
+        alphanumeric pagers:
+<pre class="prettyprint lang-config">AuthLDAPURL ldap://ldap.example.com/o=Example?uid??(qpagePagerID=*)
+Require valid-user</pre>
 
-        <td>Specifies whether to use the
-        user DN or the username when doing comparisons for the
-        <code>Require ldap-group</code> directive.</td>
-      </tr>
+      </li>
 
-      <tr>
-        <td><code class="directive"><a href="#authldapmaxsubgroupdepth">AuthLDAPMaxSubGroupDepth</a></code></td>
+      <li>
+        <p>The next example demonstrates the power of using filters
+        to accomplish complicated administrative requirements.
+        Without filters, it would have been necessary to create a
+        new LDAP group and ensure that the group's members remain
+        synchronized with the pager users. This becomes trivial
+        with filters. The goal is to grant access to anyone who has
+        a pager, plus grant access to Joe Manager, who doesn't
+        have a pager, but does need to access the same
+        resource:</p>
+<pre class="prettyprint lang-config">AuthLDAPURL ldap://ldap.example.com/o=Example?uid??(|(qpagePagerID=*)(uid=jmanager))
+Require valid-user</pre>
 
-        <td>Determines the maximum depth of sub-groups that will be evaluated
-        during comparisons in the <code>Require ldap-group</code> directive.</td>
-      </tr>
 
-      <tr>
-        <td><code class="directive"><a href="#authldapsubgroupattribute">AuthLDAPSubGroupAttribute</a></code></td>
+        <p>This last may look confusing at first, so it helps to
+        evaluate what the search filter will look like based on who
+        connects, as shown below.  If
+        Fred User connects as <code>fuser</code>, the filter would look
+        like</p>
 
-        <td>Determines the attribute to use when obtaining sub-group members
-        of the current group during comparisons in the <code>Require ldap-group</code>
-        directive.</td>
-      </tr>
+        <div class="example"><p><code>(&amp;(|(qpagePagerID=*)(uid=jmanager))(uid=fuser))</code></p></div>
 
-      <tr>
-        <td><code class="directive"><a href="#authldapsubgroupclass">AuthLDAPSubGroupClass</a></code></td>
+        <p>The above search will only succeed if <em>fuser</em> has a
+        pager. When Joe Manager connects as <em>jmanager</em>, the
+        filter looks like</p>
 
-        <td>Specifies the LDAP objectClass values used to identify if queried directory
-        objects really are group objects (as opposed to user objects) during the
-        <code>Require ldap-group</code> directive's sub-group processing.</td>
-      </tr>
-    </table>
+        <div class="example"><p><code>(&amp;(|(qpagePagerID=*)(uid=jmanager))(uid=jmanager))</code></p></div>
 
+        <p>The above search will succeed whether <em>jmanager</em>
+        has a pager or not.</p>
+      </li>
+    </ul>
 </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="section">
-<h2><a name="requiredirectives" id="requiredirectives">The Require Directives</a></h2>
-
-    <p>Apache's <code class="directive"><a href="../mod/mod_authz_core.html#require">Require</a></code>
-    directives are used during the authorization phase to ensure that
-    a user is allowed to access a resource.  mod_authnz_ldap extends the
-    authorization types with <code>ldap-user</code>, <code>ldap-dn</code>,
-    <code>ldap-group</code>, <code>ldap-attribute</code> and
-    <code>ldap-filter</code>.  Other authorization types may also be
-    used but may require that additional authorization modules be loaded.</p>
-
-    <p>Since v2.4.8, <a href="../expr.html">expressions</a> are supported
-    within the LDAP require directives.</p>
+<h2><a name="usingtls" id="usingtls">Using TLS</a></h2>
 
-<h3><a name="requser" id="requser">Require ldap-user</a></h3>
+    <p>To use TLS, see the <code class="module"><a href="../mod/mod_ldap.html">mod_ldap</a></code> directives <code class="directive"><a href="../mod/mod_ldap.html#ldaptrustedclientcert">LDAPTrustedClientCert</a></code>, <code class="directive"><a href="../mod/mod_ldap.html#ldaptrustedglobalcert">LDAPTrustedGlobalCert</a></code> and <code class="directive"><a href="../mod/mod_ldap.html#ldaptrustedmode">LDAPTrustedMode</a></code>.</p>
 
-    <p>The <code>Require ldap-user</code> directive specifies what
-    usernames can access the resource. Once
-    <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code> has retrieved a unique DN from the
-    directory, it does an LDAP compare operation using the username
-    specified in the <code>Require ldap-user</code> to see if that username
-    is part of the just-fetched LDAP entry.  Multiple users can be
-    granted access by putting multiple usernames on the line,
-    separated with spaces. If a username has a space in it, then it
-    must be surrounded with double quotes. Multiple users can also be
-    granted access by using multiple <code>Require ldap-user</code>
-    directives, with one user per line. For example, with a <code class="directive"><a href="#authldapurl">AuthLDAPURL</a></code> of
-    <code>ldap://ldap/o=Example?cn</code> (i.e., <code>cn</code> is
-    used for searches), the following Require directives could be used
-    to restrict access:</p>
-<pre class="prettyprint lang-config">Require ldap-user "Barbara Jenson"
-Require ldap-user "Fred User"
-Require ldap-user "Joe Manager"</pre>
+    <p>An optional second parameter can be added to the
+    <code class="directive"><a href="#authldapurl">AuthLDAPURL</a></code> to override
+    the default connection type set by <code class="directive"><a href="../mod/mod_ldap.html#ldaptrustedmode">LDAPTrustedMode</a></code>.
+    This will allow the connection established by an <em>ldap://</em> Url
+    to be upgraded to a secure connection on the same port.</p>
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="usingssl" id="usingssl">Using SSL</a></h2>
 
+    <p>To use SSL, see the <code class="module"><a href="../mod/mod_ldap.html">mod_ldap</a></code> directives <code class="directive"><a href="../mod/mod_ldap.html#ldaptrustedclientcert">LDAPTrustedClientCert</a></code>, <code class="directive"><a href="../mod/mod_ldap.html#ldaptrustedglobalcert">LDAPTrustedGlobalCert</a></code> and <code class="directive"><a href="../mod/mod_ldap.html#ldaptrustedmode">LDAPTrustedMode</a></code>.</p>
 
-    <p>Because of the way that <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code> handles this
-    directive, Barbara Jenson could sign on as <em>Barbara
-    Jenson</em>, <em>Babs Jenson</em> or any other <code>cn</code> that
-    she has in her LDAP entry. Only the single <code>Require
-    ldap-user</code> line is needed to support all values of the attribute
-    in the user's entry.</p>
+    <p>To specify a secure LDAP server, use <em>ldaps://</em> in the
+    <code class="directive"><a href="#authldapurl">AuthLDAPURL</a></code>
+    directive, instead of <em>ldap://</em>.</p>
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="exposed" id="exposed">Exposing Login Information</a></h2>
 
-    <p>If the <code>uid</code> attribute was used instead of the
-    <code>cn</code> attribute in the URL above, the above three lines
-    could be condensed to</p>
-<pre class="prettyprint lang-config">Require ldap-user bjenson fuser jmanager</pre>
+    <p>when this module performs <em>authentication</em>, ldap attributes specified
+    in the <code class="directive"><a href="#authldapurl">authldapurl</a></code>
+    directive are placed in environment variables with the prefix "AUTHENTICATE_".</p>
 
+    <p>when this module performs <em>authorization</em>, ldap attributes specified
+    in the <code class="directive"><a href="#authldapurl">authldapurl</a></code>
+    directive are placed in environment variables with the prefix "AUTHORIZE_".</p>
 
+    <p>If the attribute field contains the username, common name
+    and telephone number of a user, a CGI program will have access to
+    this information without the need to make a second independent LDAP
+    query to gather this additional information.</p>
 
-<h3><a name="reqgroup" id="reqgroup">Require ldap-group</a></h3>
+    <p>This has the potential to dramatically simplify the coding and
+    configuration required in some web applications.</p>
 
-    <p>This directive specifies an LDAP group whose members are
-    allowed access. It takes the distinguished name of the LDAP
-    group. Note: Do not surround the group name with quotes.
-    For example, assume that the following entry existed in
-    the LDAP directory:</p>
-<div class="example"><pre>dn: cn=Administrators, o=Example
-objectClass: groupOfUniqueNames
-uniqueMember: cn=Barbara Jenson, o=Example
-uniqueMember: cn=Fred User, o=Example</pre></div>
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="activedirectory" id="activedirectory">Using Active Directory</a></h2>
 
-    <p>The following directive would grant access to both Fred and
-    Barbara:</p>
-<pre class="prettyprint lang-config">Require ldap-group cn=Administrators, o=Example</pre>
+    <p>An Active Directory installation may support multiple domains at the
+    same time. To distinguish users between domains, an identifier called
+    a User Principle Name (UPN) can be added to a user's entry in the
+    directory. This UPN usually takes the form of the user's account
+    name, followed by the domain components of the particular domain,
+    for example <em>somebody@nz.example.com</em>.</p>
 
+    <p>You may wish to configure the <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code>
+    module to authenticate users present in any of the domains making up
+    the Active Directory forest. In this way both
+    <em>somebody@nz.example.com</em> and <em>someone@au.example.com</em>
+    can be authenticated using the same query at the same time.</p>
 
-    <p>Members can also be found within sub-groups of a specified LDAP group
-    if <code class="directive"><a href="#authldapmaxsubgroupdepth">AuthLDAPMaxSubGroupDepth</a></code>
-    is set to a value greater than 0. For example, assume the following entries
-    exist in the LDAP directory:</p>
-<div class="example"><pre>dn: cn=Employees, o=Example
-objectClass: groupOfUniqueNames
-uniqueMember: cn=Managers, o=Example
-uniqueMember: cn=Administrators, o=Example
-uniqueMember: cn=Users, o=Example
+    <p>To make this practical, Active Directory supports the concept of
+    a Global Catalog. This Global Catalog is a read only copy of selected
+    attributes of all the Active Directory servers within the Active
+    Directory forest. Querying the Global Catalog allows all the domains
+    to be queried in a single query, without the query spanning servers
+    over potentially slow links.</p>
 
-dn: cn=Managers, o=Example
-objectClass: groupOfUniqueNames
-uniqueMember: cn=Bob Ellis, o=Example
-uniqueMember: cn=Tom Jackson, o=Example
+    <p>If enabled, the Global Catalog is an independent directory server
+    that runs on port 3268 (3269 for SSL). To search for a user, do a
+    subtree search for the attribute <em>userPrincipalName</em>, with
+    an empty search root, like so:</p>
 
-dn: cn=Administrators, o=Example
-objectClass: groupOfUniqueNames
-uniqueMember: cn=Barbara Jenson, o=Example
-uniqueMember: cn=Fred User, o=Example
+<pre class="prettyprint lang-config">AuthLDAPBindDN apache@example.com
+AuthLDAPBindPassword password
+AuthLDAPURL ldap://10.0.0.1:3268/?userPrincipalName?sub</pre>
 
-dn: cn=Users, o=Example
-objectClass: groupOfUniqueNames
-uniqueMember: cn=Allan Jefferson, o=Example
-uniqueMember: cn=Paul Tilley, o=Example
-uniqueMember: cn=Temporary Employees, o=Example
 
-dn: cn=Temporary Employees, o=Example
-objectClass: groupOfUniqueNames
-uniqueMember: cn=Jim Swenson, o=Example
-uniqueMember: cn=Elliot Rhodes, o=Example</pre></div>
+    <p>Users will need to enter their User Principal Name as a login, in
+    the form <em>somebody@nz.example.com</em>.</p>
 
-    <p>The following directives would allow access for Bob Ellis, Tom Jackson,
-    Barbara Jenson, Fred User, Allan Jefferson, and Paul Tilley but would not
-    allow access for Jim Swenson, or Elliot Rhodes (since they are at a
-    sub-group depth of 2):</p>
-<pre class="prettyprint lang-config">Require ldap-group cn=Employees, o=Example
-AuthLDAPMaxSubGroupDepth 1</pre>
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="frontpage" id="frontpage">Using Microsoft
+    FrontPage with mod_authnz_ldap</a></h2>
 
+    <p>Normally, FrontPage uses FrontPage-web-specific user/group
+    files (i.e., the <code class="module"><a href="../mod/mod_authn_file.html">mod_authn_file</a></code> and
+    <code class="module"><a href="../mod/mod_authz_groupfile.html">mod_authz_groupfile</a></code> modules) to handle all
+    authentication. Unfortunately, it is not possible to just
+    change to LDAP authentication by adding the proper directives,
+    because it will break the <em>Permissions</em> forms in
+    the FrontPage client, which attempt to modify the standard
+    text-based authorization files.</p>
 
-    <p>Behavior of this directive is modified by the <code class="directive"><a href="#authldapgroupattribute">AuthLDAPGroupAttribute</a></code>, <code class="directive"><a href="#authldapgroupattributeisdn">AuthLDAPGroupAttributeIsDN</a></code>, <code class="directive"><a href="#authldapmaxsubgroupdepth">AuthLDAPMaxSubGroupDepth</a></code>, <code class="directive"><a href="#authldapsubgroupattribute">AuthLDAPSubGroupAttribute</a></code>, and <code class="directive"><a href="#authldapsubgroupclass">AuthLDAPSubGroupClass</a></code>
-    directives.</p>
+    <p>Once a FrontPage web has been created, adding LDAP
+    authentication to it is a matter of adding the following
+    directives to <em>every</em> <code>.htaccess</code> file
+    that gets created in the web</p>
+<pre class="prettyprint lang-config">AuthLDAPURL       "the url"
+AuthGroupFile     "mygroupfile"
+Require group     "mygroupfile"</pre>
 
 
-<h3><a name="reqdn" id="reqdn">Require ldap-dn</a></h3>
+<h3><a name="howitworks" id="howitworks">How It Works</a></h3>
 
-    <p>The <code>Require ldap-dn</code> directive allows the administrator
-    to grant access based on distinguished names. It specifies a DN
-    that must match for access to be granted. If the distinguished
-    name that was retrieved from the directory server matches the
-    distinguished name in the <code>Require ldap-dn</code>, then
-    authorization is granted. Note: do not surround the distinguished
-    name with quotes.</p>
+    <p>FrontPage restricts access to a web by adding the <code>Require
+    valid-user</code> directive to the <code>.htaccess</code>
+    files. The <code>Require valid-user</code> directive will succeed for
+    any user who is valid <em>as far as LDAP is
+    concerned</em>. This means that anybody who has an entry in
+    the LDAP directory is considered a valid user, whereas FrontPage
+    considers only those people in the local user file to be
+    valid. By substituting the ldap-group with group file authorization,
+    Apache is allowed to consult the local user file (which is managed by
+    FrontPage) - instead of LDAP - when handling authorizing the user.</p>
 
-    <p>The following directive would grant access to a specific
-    DN:</p>
-<pre class="prettyprint lang-config">Require ldap-dn cn=Barbara Jenson, o=Example</pre>
+    <p>Once directives have been added as specified above,
+    FrontPage users will be able to perform all management
+    operations from the FrontPage client.</p>
 
 
-    <p>Behavior of this directive is modified by the <code class="directive"><a href="#authldapcomparednonserver">AuthLDAPCompareDNOnServer</a></code>
-    directive.</p>
+<h3><a name="fpcaveats" id="fpcaveats">Caveats</a></h3>
 
+    <ul>
+      <li>When choosing the LDAP URL, the attribute to use for
+      authentication should be something that will also be valid
+      for putting into a <code class="module"><a href="../mod/mod_authn_file.html">mod_authn_file</a></code> user file.
+      The user ID is ideal for this.</li>
 
-<h3><a name="reqattribute" id="reqattribute">Require ldap-attribute</a></h3>
+      <li>When adding users via FrontPage, FrontPage administrators
+      should choose usernames that already exist in the LDAP
+      directory (for obvious reasons). Also, the password that the
+      administrator enters into the form is ignored, since Apache
+      will actually be authenticating against the password in the
+      LDAP database, and not against the password in the local user
+      file. This could cause confusion for web administrators.</li>
 
-    <p>The <code>Require ldap-attribute</code> directive allows the
-    administrator to grant access based on attributes of the authenticated
-    user in the LDAP directory.  If the attribute in the directory
-    matches the value given in the configuration, access is granted.</p>
+      
+      <li>Apache must be compiled with <code class="module"><a href="../mod/mod_auth_basic.html">mod_auth_basic</a></code>,
+      <code class="module"><a href="../mod/mod_authn_file.html">mod_authn_file</a></code> and
+      <code class="module"><a href="../mod/mod_authz_groupfile.html">mod_authz_groupfile</a></code> in order to
+      use FrontPage support. This is because Apache will still use
+      the <code class="module"><a href="../mod/mod_authz_groupfile.html">mod_authz_groupfile</a></code> group file for determine
+      the extent of a user's access to the FrontPage web.</li>
 
-    <p>The following directive would grant access to anyone with
-    the attribute employeeType = active</p>
+      <li>The directives must be put in the <code>.htaccess</code>
+      files. Attempting to put them inside <code class="directive"><a href="../mod/core.html#location">&lt;Location&gt;</a></code> or <code class="directive"><a href="../mod/core.html#directory">&lt;Directory&gt;</a></code> directives won't work. This
+      is because <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code> has to be able to grab
+      the <code class="directive"><a href="../mod/mod_authz_groupfile.html#authgroupfile">AuthGroupFile</a></code>
+      directive that is found in FrontPage <code>.htaccess</code>
+      files so that it knows where to look for the valid user list. If
+      the <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code> directives aren't in the same
+      <code>.htaccess</code> file as the FrontPage directives, then
+      the hack won't work, because <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code> will
+      never get a chance to process the <code>.htaccess</code> file,
+      and won't be able to find the FrontPage-managed user file.</li>
+    </ul>
 
-    <pre class="prettyprint lang-config">Require ldap-attribute employeeType=active</pre>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="AuthLDAPAuthorizePrefix" id="AuthLDAPAuthorizePrefix">AuthLDAPAuthorizePrefix</a> <a name="authldapauthorizeprefix" id="authldapauthorizeprefix">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Specifies the prefix for environment variables set during
+authorization</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthLDAPAuthorizePrefix <em>prefix</em></code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>AuthLDAPAuthorizePrefix AUTHORIZE_</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authnz_ldap</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in version 2.3.6 and later</td></tr>
+</table>
+    <p>This directive allows you to override the prefix used for environment
+    variables set during LDAP authorization.  If <em>AUTHENTICATE_</em> is
+    specified, consumers of these environment variables see the same information
+    whether LDAP has performed authentication, authorization, or both.</p>
 
+    <div class="note"><h3>Note</h3>
+    No authorization variables are set when a user is authorized on the basis of
+    <code>Require valid-user</code>.
+    </div>
 
-    <p>Multiple attribute/value pairs can be specified on the same line
-    separated by spaces or they can be specified in multiple
-    <code>Require ldap-attribute</code> directives. The effect of listing
-    multiple attribute/values pairs is an OR operation. Access will be
-    granted if any of the listed attribute values match the value of the
-    corresponding attribute in the user object. If the value of the
-    attribute contains a space, only the value must be within double quotes.</p>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="AuthLDAPBindAuthoritative" id="AuthLDAPBindAuthoritative">AuthLDAPBindAuthoritative</a> <a name="authldapbindauthoritative" id="authldapbindauthoritative">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Determines if other authentication providers are used when a user can be mapped to a DN but the server cannot successfully bind with the user's credentials.</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthLDAPBindAuthoritative<em>off|on</em></code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>AuthLDAPBindAuthoritative on</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authnz_ldap</td></tr>
+</table>
+    <p>By default, subsequent authentication providers are only queried if a
+    user cannot be mapped to a DN, but not if the user can be mapped to a DN and their
+    password cannot be verified with an LDAP bind.
+    If <code class="directive"><a href="#authldapbindauthoritative">AuthLDAPBindAuthoritative</a></code>
+    is set to <em>off</em>, other configured authentication modules will have
+    a chance to validate the user if the LDAP bind (with the current user's credentials)
+    fails for any reason.</p>
+    <p> This allows users present in both LDAP and
+    <code class="directive"><a href="../mod/mod_authn_file.html#authuserfile">AuthUserFile</a></code> to authenticate
+    when the LDAP server is available but the user's account is locked or password
+    is otherwise unusable.</p>
 
-    <p>The following directive would grant access to anyone with
-    the city attribute equal to "San Jose" or status equal to "Active"</p>
+<h3>See also</h3>
+<ul>
+<li><code class="directive"><a href="../mod/mod_authn_file.html#authuserfile">AuthUserFile</a></code></li>
+<li><code class="directive"><a href="../mod/mod_auth_basic.html#authbasicprovider">AuthBasicProvider</a></code></li>
+</ul>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="AuthLDAPBindDN" id="AuthLDAPBindDN">AuthLDAPBindDN</a> <a name="authldapbinddn" id="authldapbinddn">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Optional DN to use in binding to the LDAP server</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthLDAPBindDN <em>distinguished-name</em></code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authnz_ldap</td></tr>
+</table>
+    <p>An optional DN used to bind to the server when searching for
+    entries. If not provided, <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code> will use
+    an anonymous bind.</p>
 
-    <pre class="prettyprint lang-config">Require ldap-attribute city="San Jose" status=active</pre>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="AuthLDAPBindPassword" id="AuthLDAPBindPassword">AuthLDAPBindPassword</a> <a name="authldapbindpassword" id="authldapbindpassword">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Password used in conjuction with the bind DN</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthLDAPBindPassword <em>password</em></code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authnz_ldap</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td><em>exec:</em> was added in 2.4.5.</td></tr>
+</table>
+    <p>A bind password to use in conjunction with the bind DN. Note
+    that the bind password is probably sensitive data, and should be
+    properly protected. You should only use the <code class="directive"><a href="#authldapbinddn">AuthLDAPBindDN</a></code> and <code class="directive"><a href="#authldapbindpassword">AuthLDAPBindPassword</a></code> if you
+    absolutely need them to search the directory.</p>
 
+    <p>If the value begins with exec: the resulting command will be
+    executed and the first line returned to standard output by the
+    program will be used as the password.</p>
+<pre class="prettyprint lang-config">#Password used as-is
+AuthLDAPBindPassword secret
 
+#Run /path/to/program to get my password
+AuthLDAPBindPassword exec:/path/to/program
 
+#Run /path/to/otherProgram and provide arguments
+AuthLDAPBindPassword "exec:/path/to/otherProgram argument1"</pre>
 
-<h3><a name="reqfilter" id="reqfilter">Require ldap-filter</a></h3>
 
-    <p>The <code>Require ldap-filter</code> directive allows the
-    administrator to grant access based on a complex LDAP search filter.
-    If the dn returned by the filter search matches the authenticated user
-    dn, access is granted.</p>
 
-    <p>The following directive would grant access to anyone having a cell phone
-    and is in the marketing department</p>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="AuthLDAPCharsetConfig" id="AuthLDAPCharsetConfig">AuthLDAPCharsetConfig</a> <a name="authldapcharsetconfig" id="authldapcharsetconfig">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Language to charset conversion configuration file</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthLDAPCharsetConfig <em>file-path</em></code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authnz_ldap</td></tr>
+</table>
+    <p>The <code class="directive">AuthLDAPCharsetConfig</code> directive sets the location
+    of the language to charset conversion configuration file. <var>File-path</var> is relative
+    to the <code class="directive"><a href="../mod/core.html#serverroot">ServerRoot</a></code>. This file specifies
+    the list of language extensions to character sets.
+    Most administrators use the provided <code>charset.conv</code>
+    file, which associates common language extensions to character sets.</p>
 
-    <pre class="prettyprint lang-config">Require ldap-filter &amp;(cell=*)(department=marketing)</pre>
+    <p>The file contains lines in the following format:</p>
 
+    <div class="example"><p><code>
+      <var>Language-Extension</var> <var>charset</var> [<var>Language-String</var>] ...
+    </code></p></div>
 
-    <p>The difference between the <code>Require ldap-filter</code> directive and the
-    <code>Require ldap-attribute</code> directive is that <code>ldap-filter</code>
-    performs a search operation on the LDAP directory using the specified search
-    filter rather than a simple attribute comparison. If a simple attribute
-    comparison is all that is required, the comparison operation performed by
-    <code>ldap-attribute</code> will be faster than the search operation
-    used by <code>ldap-filter</code> especially within a large directory.</p>
+    <p>The case of the extension does not matter. Blank lines, and lines
+    beginning with a hash character (<code>#</code>) are ignored.</p>
 
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="AuthLDAPCompareAsUser" id="AuthLDAPCompareAsUser">AuthLDAPCompareAsUser</a> <a name="authldapcompareasuser" id="authldapcompareasuser">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Use the authenticated user's credentials to perform authorization comparisons</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthLDAPCompareAsUser on|off</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>AuthLDAPCompareAsUser off</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authnz_ldap</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in version 2.3.6 and later</td></tr>
+</table>
+    <p>When set, and <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code> has authenticated the
+    user, LDAP comparisons for authorization use the queried distinguished name (DN)
+    and HTTP basic authentication password of the authenticated user instead of
+    the servers configured credentials.</p>
 
+    <p> The <em>ldap-attribute</em>, <em>ldap-user</em>, and <em>ldap-group</em> (single-level only)
+    authorization checks use comparisons.</p>
 
-</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="examples" id="examples">Examples</a></h2>
+    <p>This directive only has effect on the comparisons performed during
+    nested group processing when <code class="directive"><a href="#authldapsearchasuser">
+    AuthLDAPSearchAsUser</a></code> is also enabled.</p>
 
-    <ul>
-      <li>
-        Grant access to anyone who exists in the LDAP directory,
-        using their UID for searches.
-<pre class="prettyprint lang-config">AuthLDAPURL "ldap://ldap1.example.com:389/ou=People, o=Example?uid?sub?(objectClass=*)"
-Require valid-user</pre>
+    <p> This directive should only be used when your LDAP server doesn't
+        accept anonymous comparisons and you cannot use a dedicated
+        <code class="directive"><a href="#authldapbinddn">AuthLDAPBindDN</a></code>.
+    </p>
 
-      </li>
+<h3>See also</h3>
+<ul>
+<li><code class="directive"><a href="#authldapinitialbindasuser">AuthLDAPInitialBindAsUser</a></code></li>
+<li><code class="directive"><a href="#authldapsearchasuser">AuthLDAPSearchAsUser</a></code></li>
+</ul>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="AuthLDAPCompareDNOnServer" id="AuthLDAPCompareDNOnServer">AuthLDAPCompareDNOnServer</a> <a name="authldapcomparednonserver" id="authldapcomparednonserver">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Use the LDAP server to compare the DNs</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthLDAPCompareDNOnServer on|off</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>AuthLDAPCompareDNOnServer on</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authnz_ldap</td></tr>
+</table>
+    <p>When set, <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code> will use the LDAP
+    server to compare the DNs. This is the only foolproof way to
+    compare DNs.  <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code> will search the
+    directory for the DN specified with the <a href="#reqdn"><code>Require dn</code></a> directive, then,
+    retrieve the DN and compare it with the DN retrieved from the user
+    entry. If this directive is not set,
+    <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code> simply does a string comparison. It
+    is possible to get false negatives with this approach, but it is
+    much faster. Note the <code class="module"><a href="../mod/mod_ldap.html">mod_ldap</a></code> cache can speed up
+    DN comparison in most situations.</p>
 
-      <li>
-        The next example is the same as above; but with the fields
-        that have useful defaults omitted. Also, note the use of a
-        redundant LDAP server.
-<pre class="prettyprint lang-config">AuthLDAPURL "ldap://ldap1.example.com ldap2.example.com/ou=People, o=Example"
-Require valid-user</pre>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="AuthLDAPDereferenceAliases" id="AuthLDAPDereferenceAliases">AuthLDAPDereferenceAliases</a> <a name="authldapdereferencealiases" id="authldapdereferencealiases">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>When will the module de-reference aliases</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthLDAPDereferenceAliases never|searching|finding|always</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>AuthLDAPDereferenceAliases always</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authnz_ldap</td></tr>
+</table>
+    <p>This directive specifies when <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code> will
+    de-reference aliases during LDAP operations. The default is
+    <code>always</code>.</p>
 
-      </li>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="AuthLDAPGroupAttribute" id="AuthLDAPGroupAttribute">AuthLDAPGroupAttribute</a> <a name="authldapgroupattribute" id="authldapgroupattribute">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>LDAP attributes used to identify the user members of
+groups.</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthLDAPGroupAttribute <em>attribute</em></code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>AuthLDAPGroupAttribute member uniquemember</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authnz_ldap</td></tr>
+</table>
+    <p>This directive specifies which LDAP attributes are used to
+    check for user members within groups. Multiple attributes can be used
+    by specifying this directive multiple times. If not specified,
+    then <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code> uses the <code>member</code> and
+    <code>uniquemember</code> attributes.</p>
 
-      <li>
-        The next example is similar to the previous one, but it
-        uses the common name instead of the UID. Note that this
-        could be problematical if multiple people in the directory
-        share the same <code>cn</code>, because a search on <code>cn</code>
-        <strong>must</strong> return exactly one entry. That's why
-        this approach is not recommended: it's a better idea to
-        choose an attribute that is guaranteed unique in your
-        directory, such as <code>uid</code>.
-<pre class="prettyprint lang-config">AuthLDAPURL "ldap://ldap.example.com/ou=People, o=Example?cn"
-Require valid-user</pre>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="AuthLDAPGroupAttributeIsDN" id="AuthLDAPGroupAttributeIsDN">AuthLDAPGroupAttributeIsDN</a> <a name="authldapgroupattributeisdn" id="authldapgroupattributeisdn">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Use the DN of the client username when checking for
+group membership</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthLDAPGroupAttributeIsDN on|off</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>AuthLDAPGroupAttributeIsDN on</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authnz_ldap</td></tr>
+</table>
+    <p>When set <code>on</code>, this directive says to use the
+    distinguished name of the client username when checking for group
+    membership.  Otherwise, the username will be used. For example,
+    assume that the client sent the username <code>bjenson</code>,
+    which corresponds to the LDAP DN <code>cn=Babs Jenson,
+    o=Example</code>. If this directive is set,
+    <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code> will check if the group has
+    <code>cn=Babs Jenson, o=Example</code> as a member. If this
+    directive is not set, then <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code> will
+    check if the group has <code>bjenson</code> as a member.</p>
 
-      </li>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="AuthLDAPInitialBindAsUser" id="AuthLDAPInitialBindAsUser">AuthLDAPInitialBindAsUser</a> <a name="authldapinitialbindasuser" id="authldapinitialbindasuser">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Determines if the server does the initial DN lookup using the basic authentication users'
+own username, instead of anonymously or with hard-coded credentials for the server</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthLDAPInitialBindAsUser <em>off|on</em></code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>AuthLDAPInitialBindAsUser off</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authnz_ldap</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in version 2.3.6 and later</td></tr>
+</table>
+    <p>By default, the server either anonymously, or with a dedicated user and
+     password, converts the basic authentication username into an LDAP
+     distinguished name (DN).  This directive forces the server to use the verbatim username
+     and password provided by the incoming user to perform the initial DN
+     search.</p>
 
-      <li>
-        Grant access to anybody in the Administrators group. The
-        users must authenticate using their UID.
-<pre class="prettyprint lang-config">AuthLDAPURL ldap://ldap.example.com/o=Example?uid
-Require ldap-group cn=Administrators, o=Example</pre>
+     <p> If the verbatim username can't directly bind, but needs some
+     cosmetic transformation, see <code class="directive"><a href="#authldapinitialbindpattern">
+     AuthLDAPInitialBindPattern</a></code>.</p>
 
-      </li>
+     <p> This directive should only be used when your LDAP server doesn't
+         accept anonymous searches and you cannot use a dedicated
+         <code class="directive"><a href="#authldapbinddn">AuthLDAPBindDN</a></code>.
+     </p>
 
-      <li>
-        Grant access to anybody in the group whose name matches the
-        hostname of the virtual host. In this example an
-        <a href="../expr.html">expression</a> is used to build the filter.
-<pre class="prettyprint lang-config">AuthLDAPURL ldap://ldap.example.com/o=Example?uid
-Require ldap-group cn=%{SERVER_NAME}, o=Example</pre>
+     <div class="note"><h3>Not available with authorization-only</h3>
+         This directive can only be used if this module authenticates the user, and
+         has no effect when this module is used exclusively for authorization.
+     </div>
 
-      </li>
+<h3>See also</h3>
+<ul>
+<li><code class="directive"><a href="#authldapinitialbindpattern">AuthLDAPInitialBindPattern</a></code></li>
+<li><code class="directive"><a href="#authldapbinddn">AuthLDAPBindDN</a></code></li>
+<li><code class="directive"><a href="#authldapcompareasuser">AuthLDAPCompareAsUser</a></code></li>
+<li><code class="directive"><a href="#authldapsearchasuser">AuthLDAPSearchAsUser</a></code></li>
+</ul>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="AuthLDAPInitialBindPattern" id="AuthLDAPInitialBindPattern">AuthLDAPInitialBindPattern</a> <a name="authldapinitialbindpattern" id="authldapinitialbindpattern">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Specifies the transformation of the basic authentication username to be used when binding to the LDAP server
+to perform a DN lookup</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthLDAPInitialBindPattern<em><var>regex</var> <var>substitution</var></em></code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>AuthLDAPInitialBindPattern (.*) $1 (remote username used verbatim)</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authnz_ldap</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in version 2.3.6 and later</td></tr>
+</table>
+    <p>If <code class="directive"><a href="#authldapinitialbindasuser">AuthLDAPInitialBindAsUser</a></code> is set to
+       <em>ON</em>, the basic authentication username will be transformed according to the
+       regular expression and substituion arguments.</p>
 
-      <li>
-        The next example assumes that everyone at Example who
-        carries an alphanumeric pager will have an LDAP attribute
-        of <code>qpagePagerID</code>. The example will grant access
-        only to people (authenticated via their UID) who have
-        alphanumeric pagers:
-<pre class="prettyprint lang-config">AuthLDAPURL ldap://ldap.example.com/o=Example?uid??(qpagePagerID=*)
-Require valid-user</pre>
+    <p> The regular expression argument is compared against the current basic authentication username.
+        The substitution argument may contain backreferences, but has no other variable interpolation.</p>
 
-      </li>
+    <p> This directive should only be used when your LDAP server doesn't
+        accept anonymous searches and you cannot use a dedicated
+        <code class="directive"><a href="#authldapbinddn">AuthLDAPBindDN</a></code>.
+    </p>
 
-      <li>
-        <p>The next example demonstrates the power of using filters
-        to accomplish complicated administrative requirements.
-        Without filters, it would have been necessary to create a
-        new LDAP group and ensure that the group's members remain
-        synchronized with the pager users. This becomes trivial
-        with filters. The goal is to grant access to anyone who has
-        a pager, plus grant access to Joe Manager, who doesn't
-        have a pager, but does need to access the same
-        resource:</p>
-<pre class="prettyprint lang-config">AuthLDAPURL ldap://ldap.example.com/o=Example?uid??(|(qpagePagerID=*)(uid=jmanager))
-Require valid-user</pre>
+    <pre class="prettyprint lang-config">AuthLDAPInitialBindPattern (.+) $1@example.com</pre>
 
+    <pre class="prettyprint lang-config">AuthLDAPInitialBindPattern (.+) cn=$1,dc=example,dc=com</pre>
 
-        <p>This last may look confusing at first, so it helps to
-        evaluate what the search filter will look like based on who
-        connects, as shown below.  If
-        Fred User connects as <code>fuser</code>, the filter would look
-        like</p>
 
-        <div class="example"><p><code>(&amp;(|(qpagePagerID=*)(uid=jmanager))(uid=fuser))</code></p></div>
+    <div class="note"><h3>Not available with authorization-only</h3>
+        This directive can only be used if this module authenticates the user, and
+        has no effect when this module is used exclusively for authorization.
+    </div>
+    <div class="note"><h3>debugging</h3>
+        The substituted DN is recorded in the environment variable
+        <em>LDAP_BINDASUSER</em>.  If the regular expression does not match the input,
+        the verbatim username is used.
+    </div>
 
-        <p>The above search will only succeed if <em>fuser</em> has a
-        pager. When Joe Manager connects as <em>jmanager</em>, the
-        filter looks like</p>
+<h3>See also</h3>
+<ul>
+<li><code class="directive"><a href="#authldapinitialbindasuser">AuthLDAPInitialBindAsUser</a></code></li>
+<li><code class="directive"><a href="#authldapbinddn">AuthLDAPBindDN</a></code></li>
+</ul>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="AuthLDAPMaxSubGroupDepth" id="AuthLDAPMaxSubGroupDepth">AuthLDAPMaxSubGroupDepth</a> <a name="authldapmaxsubgroupdepth" id="authldapmaxsubgroupdepth">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Specifies the maximum sub-group nesting depth that will be
+evaluated before the user search is discontinued.</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthLDAPMaxSubGroupDepth <var>Number</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>AuthLDAPMaxSubGroupDepth 10</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authnz_ldap</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in version 2.3.0 and later</td></tr>
+</table>
+   <p>When this directive is set to a non-zero value <code>X</code>
+   combined with use of the <code>Require ldap-group someGroupDN</code>
+   directive, the provided user credentials will be searched for
+   as a member of the <code>someGroupDN</code> directory object or of
+   any group member of the current group up to the maximum nesting
+   level <code>X</code> specified by this directive.</p>
+   <p>See the <a href="#reqgroup"><code>Require ldap-group</code></a>
+   section for a more detailed example.</p>
 
-        <div class="example"><p><code>(&amp;(|(qpagePagerID=*)(uid=jmanager))(uid=jmanager))</code></p></div>
+   <div class="note"><h3>Nested groups performance</h3>
+   <p> When <code class="directive">AuthLDAPSubGroupAttribute</code> overlaps with
+   <code class="directive">AuthLDAPGroupAttribute</code> (as it does by default and
+   as required by common LDAP schemas), uncached searching for subgroups in 
+   large groups can be very slow. If you use large, non-nested groups, set 
+   <code class="directive">AuthLDAPMaxSubGroupDepth</code> to zero.</p>
+   </div>
 
-        <p>The above search will succeed whether <em>jmanager</em>
-        has a pager or not.</p>
-      </li>
-    </ul>
-</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="usingtls" id="usingtls">Using TLS</a></h2>
 
-    <p>To use TLS, see the <code class="module"><a href="../mod/mod_ldap.html">mod_ldap</a></code> directives <code class="directive"><a href="../mod/mod_ldap.html#ldaptrustedclientcert">LDAPTrustedClientCert</a></code>, <code class="directive"><a href="../mod/mod_ldap.html#ldaptrustedglobalcert">LDAPTrustedGlobalCert</a></code> and <code class="directive"><a href="../mod/mod_ldap.html#ldaptrustedmode">LDAPTrustedMode</a></code>.</p>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="AuthLDAPRemoteUserAttribute" id="AuthLDAPRemoteUserAttribute">AuthLDAPRemoteUserAttribute</a> <a name="authldapremoteuserattribute" id="authldapremoteuserattribute">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Use the value of the attribute returned during the user
+query to set the REMOTE_USER environment variable</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthLDAPRemoteUserAttribute uid</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>none</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authnz_ldap</td></tr>
+</table>
+    <p>If this directive is set, the value of the
+    <code>REMOTE_USER</code> environment variable will be set to the
+    value of the attribute specified. Make sure that this attribute is
+    included in the list of attributes in the AuthLDAPUrl definition,
+    otherwise this directive will have no effect. This directive, if
+    present, takes precedence over AuthLDAPRemoteUserIsDN. This
+    directive is useful should you want people to log into a website
+    using an email address, but a backend application expects the
+    username as a userid.</p>
 
-    <p>An optional second parameter can be added to the
-    <code class="directive"><a href="#authldapurl">AuthLDAPURL</a></code> to override
-    the default connection type set by <code class="directive"><a href="../mod/mod_ldap.html#ldaptrustedmode">LDAPTrustedMode</a></code>.
-    This will allow the connection established by an <em>ldap://</em> Url
-    to be upgraded to a secure connection on the same port.</p>
-</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="usingssl" id="usingssl">Using SSL</a></h2>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="AuthLDAPRemoteUserIsDN" id="AuthLDAPRemoteUserIsDN">AuthLDAPRemoteUserIsDN</a> <a name="authldapremoteuserisdn" id="authldapremoteuserisdn">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Use the DN of the client username to set the REMOTE_USER
+environment variable</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthLDAPRemoteUserIsDN on|off</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>AuthLDAPRemoteUserIsDN off</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authnz_ldap</td></tr>
+</table>
+    <p>If this directive is set to on, the value of the
+    <code>REMOTE_USER</code> environment variable will be set to the full
+    distinguished name of the authenticated user, rather than just
+    the username that was passed by the client. It is turned off by
+    default.</p>
 
-    <p>To use SSL, see the <code class="module"><a href="../mod/mod_ldap.html">mod_ldap</a></code> directives <code class="directive"><a href="../mod/mod_ldap.html#ldaptrustedclientcert">LDAPTrustedClientCert</a></code>, <code class="directive"><a href="../mod/mod_ldap.html#ldaptrustedglobalcert">LDAPTrustedGlobalCert</a></code> and <code class="directive"><a href="../mod/mod_ldap.html#ldaptrustedmode">LDAPTrustedMode</a></code>.</p>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="AuthLDAPSearchAsUser" id="AuthLDAPSearchAsUser">AuthLDAPSearchAsUser</a> <a name="authldapsearchasuser" id="authldapsearchasuser">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Use the authenticated user's credentials to perform authorization searches</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthLDAPSearchAsUser on|off</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>AuthLDAPSearchAsUser off</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authnz_ldap</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in version 2.3.6 and later</td></tr>
+</table>
+    <p>When set, and <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code> has authenticated the
+    user, LDAP searches for authorization use the queried distinguished name (DN)
+    and HTTP basic authentication password of the authenticated user instead of
+    the servers configured credentials.</p>
 
-    <p>To specify a secure LDAP server, use <em>ldaps://</em> in the
-    <code class="directive"><a href="#authldapurl">AuthLDAPURL</a></code>
-    directive, instead of <em>ldap://</em>.</p>
-</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="exposed" id="exposed">Exposing Login Information</a></h2>
+    <p> The <em>ldap-filter</em> and <em>ldap-dn</em> authorization
+    checks use searches.</p>
 
-    <p>when this module performs <em>authentication</em>, ldap attributes specified
-    in the <code class="directive"><a href="#authldapurl">authldapurl</a></code>
-    directive are placed in environment variables with the prefix "AUTHENTICATE_".</p>
+    <p>This directive only has effect on the comparisons performed during
+    nested group processing when <code class="directive"><a href="#authldapcompareasuser">
+    AuthLDAPCompareAsUser</a></code> is also enabled.</p>
 
-    <p>when this module performs <em>authorization</em>, ldap attributes specified
-    in the <code class="directive"><a href="#authldapurl">authldapurl</a></code>
-    directive are placed in environment variables with the prefix "AUTHORIZE_".</p>
+    <p> This directive should only be used when your LDAP server doesn't
+        accept anonymous searches and you cannot use a dedicated
+        <code class="directive"><a href="#authldapbinddn">AuthLDAPBindDN</a></code>.
+    </p>
 
-    <p>If the attribute field contains the username, common name
-    and telephone number of a user, a CGI program will have access to
-    this information without the need to make a second independent LDAP
-    query to gather this additional information.</p>
+<h3>See also</h3>
+<ul>
+<li><code class="directive"><a href="#authldapinitialbindasuser">AuthLDAPInitialBindAsUser</a></code></li>
+<li><code class="directive"><a href="#authldapcompareasuser">AuthLDAPCompareAsUser</a></code></li>
+</ul>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="AuthLDAPSubGroupAttribute" id="AuthLDAPSubGroupAttribute">AuthLDAPSubGroupAttribute</a> <a name="authldapsubgroupattribute" id="authldapsubgroupattribute">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Specifies the attribute labels, one value per
+directive line, used to distinguish the members of the current group that
+are groups.</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthLDAPSubGroupAttribute <em>attribute</em></code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>AuthLDAPSubgroupAttribute member uniquemember</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authnz_ldap</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in version 2.3.0 and later</td></tr>
+</table>
+    <p>An LDAP group object may contain members that are users and
+    members that are groups (called nested or sub groups). The
+    <code>AuthLDAPSubGroupAttribute</code> directive identifies the
+    labels of group members and the <code>AuthLDAPGroupAttribute</code>
+    directive identifies the labels of the user members. Multiple
+    attributes can be used by specifying this directive multiple times.
+    If not specified, then <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code> uses the
+    <code>member</code> and <code>uniqueMember</code> attributes.</p>
 
-    <p>This has the potential to dramatically simplify the coding and
-    configuration required in some web applications.</p>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="AuthLDAPSubGroupClass" id="AuthLDAPSubGroupClass">AuthLDAPSubGroupClass</a> <a name="authldapsubgroupclass" id="authldapsubgroupclass">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Specifies which LDAP objectClass values identify directory
+objects that are groups during sub-group processing.</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthLDAPSubGroupClass <em>LdapObjectClass</em></code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>AuthLDAPSubGroupClass groupOfNames groupOfUniqueNames</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authnz_ldap</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in version 2.3.0 and later</td></tr>
+</table>
+    <p>An LDAP group object may contain members that are users and
+    members that are groups (called nested or sub groups). The
+    <code>AuthLDAPSubGroupAttribute</code> directive identifies the
+    labels of members that may be sub-groups of the current group
+    (as opposed to user members). The <code>AuthLDAPSubGroupClass</code>
+    directive specifies the LDAP objectClass values used in verifying that
+    these potential sub-groups are in fact group objects. Verified sub-groups
+    can then be searched for more user or sub-group members. Multiple
+    attributes can be used by specifying this directive multiple times.
+    If not specified, then <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code> uses the
+    <code>groupOfNames</code> and <code>groupOfUniqueNames</code> values.</p>
 
-</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="activedirectory" id="activedirectory">Using Active Directory</a></h2>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="AuthLDAPUrl" id="AuthLDAPUrl">AuthLDAPUrl</a> <a name="authldapurl" id="authldapurl">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>URL specifying the LDAP search parameters</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthLDAPUrl <em>url [NONE|SSL|TLS|STARTTLS]</em></code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authnz_ldap</td></tr>
+</table>
+    <p>An RFC 2255 URL which specifies the LDAP search parameters
+    to use. The syntax of the URL is</p>
+<div class="example"><p><code>ldap://host:port/basedn?attribute?scope?filter</code></p></div>
+    <p>If you want to specify more than one LDAP URL that Apache should try in turn, the syntax is:</p>
+<pre class="prettyprint lang-config">AuthLDAPUrl "ldap://ldap1.example.com ldap2.example.com/dc=..."</pre>
 
-    <p>An Active Directory installation may support multiple domains at the
-    same time. To distinguish users between domains, an identifier called
-    a User Principle Name (UPN) can be added to a user's entry in the
-    directory. This UPN usually takes the form of the user's account
-    name, followed by the domain components of the particular domain,
-    for example <em>somebody@nz.example.com</em>.</p>
+<p><em><strong>Caveat: </strong>If you specify multiple servers, you need to enclose the entire URL string in quotes;
+otherwise you will get an error: "AuthLDAPURL takes one argument, URL to define LDAP connection.." </em>
+You can of course use search parameters on each of these.</p>
 
-    <p>You may wish to configure the <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code>
-    module to authenticate users present in any of the domains making up
-    the Active Directory forest. In this way both
-    <em>somebody@nz.example.com</em> and <em>someone@au.example.com</em>
-    can be authenticated using the same query at the same time.</p>
+<dl>
+<dt>ldap</dt>
 
-    <p>To make this practical, Active Directory supports the concept of
-    a Global Catalog. This Global Catalog is a read only copy of selected
-    attributes of all the Active Directory servers within the Active
-    Directory forest. Querying the Global Catalog allows all the domains
-    to be queried in a single query, without the query spanning servers
-    over potentially slow links.</p>
+        <dd>For regular ldap, use the
+        string <code>ldap</code>. For secure LDAP, use <code>ldaps</code>
+        instead. Secure LDAP is only available if Apache was linked
+        to an LDAP library with SSL support.</dd>
 
-    <p>If enabled, the Global Catalog is an independent directory server
-    that runs on port 3268 (3269 for SSL). To search for a user, do a
-    subtree search for the attribute <em>userPrincipalName</em>, with
-    an empty search root, like so:</p>
+<dt>host:port</dt>
 
-<pre class="prettyprint lang-config">AuthLDAPBindDN apache@example.com
-AuthLDAPBindPassword password
-AuthLDAPURL ldap://10.0.0.1:3268/?userPrincipalName?sub</pre>
+        <dd>
+          <p>The name/port of the ldap server (defaults to
+          <code>localhost:389</code> for <code>ldap</code>, and
+          <code>localhost:636</code> for <code>ldaps</code>). To
+          specify multiple, redundant LDAP servers, just list all
+          servers, separated by spaces. <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code>
+          will try connecting to each server in turn, until it makes a
+          successful connection. If multiple ldap servers are specified,
+          then entire LDAP URL must be encapsulated in double quotes.</p>
 
+          <p>Once a connection has been made to a server, that
+          connection remains active for the life of the
+          <code class="program"><a href="../programs/httpd.html">httpd</a></code> process, or until the LDAP server goes
+          down.</p>
 
-    <p>Users will need to enter their User Principal Name as a login, in
-    the form <em>somebody@nz.example.com</em>.</p>
+          <p>If the LDAP server goes down and breaks an existing
+          connection, <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code> will attempt to
+          re-connect, starting with the primary server, and trying
+          each redundant server in turn. Note that this is different
+          than a true round-robin search.</p>
+        </dd>
 
-</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="frontpage" id="frontpage">Using Microsoft
-    FrontPage with mod_authnz_ldap</a></h2>
+<dt>basedn</dt>
 
-    <p>Normally, FrontPage uses FrontPage-web-specific user/group
-    files (i.e., the <code class="module"><a href="../mod/mod_authn_file.html">mod_authn_file</a></code> and
-    <code class="module"><a href="../mod/mod_authz_groupfile.html">mod_authz_groupfile</a></code> modules) to handle all
-    authentication. Unfortunately, it is not possible to just
-    change to LDAP authentication by adding the proper directives,
-    because it will break the <em>Permissions</em> forms in
-    the FrontPage client, which attempt to modify the standard
-    text-based authorization files.</p>
+        <dd>The DN of the branch of the
+        directory where all searches should start from. At the very
+        least, this must be the top of your directory tree, but
+        could also specify a subtree in the directory.</dd>
 
-    <p>Once a FrontPage web has been created, adding LDAP
-    authentication to it is a matter of adding the following
-    directives to <em>every</em> <code>.htaccess</code> file
-    that gets created in the web</p>
-<pre class="prettyprint lang-config">AuthLDAPURL       "the url"
-AuthGroupFile     "mygroupfile"
-Require group     "mygroupfile"</pre>
+<dt>attribute</dt>
 
+        <dd>The attribute to search for.
+        Although RFC 2255 allows a comma-separated list of
+        attributes, only the first attribute will be used, no
+        matter how many are provided. If no attributes are
+        provided, the default is to use <code>uid</code>. It's a good
+        idea to choose an attribute that will be unique across all
+        entries in the subtree you will be using.  All attributes
+        listed will be put into the environment with an AUTHENTICATE_ prefix
+        for use by other modules.</dd>
 
-<h3><a name="howitworks" id="howitworks">How It Works</a></h3>
+<dt>scope</dt>
 
-    <p>FrontPage restricts access to a web by adding the <code>Require
-    valid-user</code> directive to the <code>.htaccess</code>
-    files. The <code>Require valid-user</code> directive will succeed for
-    any user who is valid <em>as far as LDAP is
-    concerned</em>. This means that anybody who has an entry in
-    the LDAP directory is considered a valid user, whereas FrontPage
-    considers only those people in the local user file to be
-    valid. By substituting the ldap-group with group file authorization,
-    Apache is allowed to consult the local user file (which is managed by
-    FrontPage) - instead of LDAP - when handling authorizing the user.</p>
+        <dd>The scope of the search. Can be either <code>one</code> or
+        <code>sub</code>. Note that a scope of <code>base</code> is
+        also supported by RFC 2255, but is not supported by this
+        module. If the scope is not provided, or if <code>base</code> scope
+        is specified, the default is to use a scope of
+        <code>sub</code>.</dd>
 
-    <p>Once directives have been added as specified above,
-    FrontPage users will be able to perform all management
-    operations from the FrontPage client.</p>
+<dt>filter</dt>
 
+        <dd>A valid LDAP search filter. If
+        not provided, defaults to <code>(objectClass=*)</code>, which
+        will search for all objects in the tree. Filters are
+        limited to approximately 8000 characters (the definition of
+        <code>MAX_STRING_LEN</code> in the Apache source code). This
+        should be more than sufficient for any application. In 2.4.10 and later,
+        The word "none" may be used to not use any filter, which may be 
+        required by some primitive LDAP servers.</dd>
+</dl>
 
-<h3><a name="fpcaveats" id="fpcaveats">Caveats</a></h3>
+    <p>When doing searches, the attribute, filter and username passed
+    by the HTTP client are combined to create a search filter that
+    looks like
+    <code>(&amp;(<em>filter</em>)(<em>attribute</em>=<em>username</em>))</code>.</p>
 
-    <ul>
-      <li>When choosing the LDAP URL, the attribute to use for
-      authentication should be something that will also be valid
-      for putting into a <code class="module"><a href="../mod/mod_authn_file.html">mod_authn_file</a></code> user file.
-      The user ID is ideal for this.</li>
+    <p>For example, consider an URL of
+    <code>ldap://ldap.example.com/o=Example?cn?sub?(posixid=*)</code>. When
+    a client attempts to connect using a username of <code>Babs
+    Jenson</code>, the resulting search filter will be
+    <code>(&amp;(posixid=*)(cn=Babs Jenson))</code>.</p>
 
-      <li>When adding users via FrontPage, FrontPage administrators
-      should choose usernames that already exist in the LDAP
-      directory (for obvious reasons). Also, the password that the
-      administrator enters into the form is ignored, since Apache
-      will actually be authenticating against the password in the
-      LDAP database, and not against the password in the local user
-      file. This could cause confusion for web administrators.</li>
+    <p>An optional parameter can be added to allow the LDAP Url to override
+    the connection type.  This parameter can be one of the following:</p>
 
-      
-      <li>Apache must be compiled with <code class="module"><a href="../mod/mod_auth_basic.html">mod_auth_basic</a></code>,
-      <code class="module"><a href="../mod/mod_authn_file.html">mod_authn_file</a></code> and
-      <code class="module"><a href="../mod/mod_authz_groupfile.html">mod_authz_groupfile</a></code> in order to
-      use FrontPage support. This is because Apache will still use
-      the <code class="module"><a href="../mod/mod_authz_groupfile.html">mod_authz_groupfile</a></code> group file for determine
-      the extent of a user's access to the FrontPage web.</li>
+<dl>
+    <dt>NONE</dt>
+        <dd>Establish an unsecure connection on the default LDAP port. This
+        is the same as <code>ldap://</code> on port 389.</dd>
+    <dt>SSL</dt>
+        <dd>Establish a secure connection on the default secure LDAP port.
+        This is the same as <code>ldaps://</code></dd>
+    <dt>TLS | STARTTLS</dt>
+        <dd>Establish an upgraded secure connection on the default LDAP port.
+        This connection will be initiated on port 389 by default and then
+        upgraded to a secure connection on the same port.</dd>
+</dl>
 
-      <li>The directives must be put in the <code>.htaccess</code>
-      files. Attempting to put them inside <code class="directive"><a href="../mod/core.html#location">&lt;Location&gt;</a></code> or <code class="directive"><a href="../mod/core.html#directory">&lt;Directory&gt;</a></code> directives won't work. This
-      is because <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code> has to be able to grab
-      the <code class="directive"><a href="../mod/mod_authz_groupfile.html#authgroupfile">AuthGroupFile</a></code>
-      directive that is found in FrontPage <code>.htaccess</code>
-      files so that it knows where to look for the valid user list. If
-      the <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code> directives aren't in the same
-      <code>.htaccess</code> file as the FrontPage directives, then
-      the hack won't work, because <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code> will
-      never get a chance to process the <code>.htaccess</code> file,
-      and won't be able to find the FrontPage-managed user file.</li>
-    </ul>
+    <p>See above for examples of <code class="directive"><a href="#authldapurl">AuthLDAPURL</a></code> URLs.</p>
 
 </div>
 </div>
diff --git a/docs/manual/mod/mod_authz_core.html.en b/docs/manual/mod/mod_authz_core.html.en
index 3f06a42208..56f00202a9 100644
--- a/docs/manual/mod/mod_authz_core.html.en
+++ b/docs/manual/mod/mod_authz_core.html.en
@@ -44,7 +44,12 @@
     also allows for advanced logic to be applied to the
     authorization processing.</p>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
+<div id="quickview"><h3>Topics</h3>
+<ul id="topics">
+<li><img alt="" src="../images/down.gif" /> <a href="#authzalias">Creating Authorization Provider Aliases</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#logic">Authorization Containers</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#requiredirectives">The Require Directives</a></li>
+</ul><h3 class="directives">Directives</h3>
 <ul id="toc">
 <li><img alt="" src="../images/down.gif" /> <a href="#authmerging">AuthMerging</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#authzprovideralias">&lt;AuthzProviderAlias&gt;</a></li>
@@ -54,12 +59,211 @@
 <li><img alt="" src="../images/down.gif" /> <a href="#requireany">&lt;RequireAny&gt;</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#requirenone">&lt;RequireNone&gt;</a></li>
 </ul>
-<h3>Topics</h3>
-<ul id="topics">
-<li><img alt="" src="../images/down.gif" /> <a href="#authzalias">Creating Authorization Provider Aliases</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#logic">Authorization Containers</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#requiredirectives">The Require Directives</a></li>
-</ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+<ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="authzalias" id="authzalias">Creating Authorization Provider Aliases</a></h2>
+
+    <p>Extended authorization providers can be created within the configuration
+    file and assigned an alias name.  The alias providers can then be referenced
+    through the <code class="directive"><a href="#require">Require</a></code> directive
+    in the same way as a base authorization provider.  Besides the ability to
+    create and alias an extended provider, it also allows the same extended
+    authorization provider to be referenced by multiple locations.
+    </p>
+
+    <h3><a name="example" id="example">Example</a></h3>
+        <p>The example below creates two different ldap authorization provider
+        aliases based on the ldap-group authorization provider.  This example
+        allows a single authorization location to check group membership within
+        multiple ldap hosts:
+        </p>
+
+        <pre class="prettyprint lang-config">&lt;AuthzProviderAlias ldap-group ldap-group-alias1 cn=my-group,o=ctx&gt;
+    AuthLDAPBindDN cn=youruser,o=ctx
+    AuthLDAPBindPassword yourpassword
+    AuthLDAPURL ldap://ldap.host/o=ctx
+&lt;/AuthzProviderAlias&gt;
+
+&lt;AuthzProviderAlias ldap-group ldap-group-alias2 cn=my-other-group,o=dev&gt;
+    AuthLDAPBindDN cn=yourotheruser,o=dev
+    AuthLDAPBindPassword yourotherpassword
+    AuthLDAPURL ldap://other.ldap.host/o=dev?cn
+&lt;/AuthzProviderAlias&gt;
+
+Alias "/secure" "/webpages/secure"
+&lt;Directory "/webpages/secure"&gt;
+    Require all granted
+    
+    AuthBasicProvider file
+    
+    AuthType Basic
+    AuthName LDAP_Protected_Place
+    
+    #implied OR operation
+    Require ldap-group-alias1
+    Require ldap-group-alias2
+&lt;/Directory&gt;</pre>
+
+    
+
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="logic" id="logic">Authorization Containers</a></h2>
+
+    <p>The authorization container directives
+    <code class="directive"><a href="#requireall">&lt;RequireAll&gt;</a></code>,
+    <code class="directive"><a href="#requireany">&lt;RequireAny&gt;</a></code>
+    and
+    <code class="directive"><a href="#requirenone">&lt;RequireNone&gt;</a></code>
+    may be combined with each other and with the
+    <code class="directive"><a href="#require">Require</a></code>
+    directive to express complex authorization logic.</p>
+
+    <p>The example below expresses the following authorization logic.
+    In order to access the resource, the user must either be the
+    <code>superadmin</code> user, or belong to both the
+    <code>admins</code> group and the <code>Administrators</code> LDAP
+    group and either belong to the <code>sales</code> group or
+    have the LDAP <code>dept</code> attribute <code>sales</code>.
+    Furthermore, in order to access the resource, the user must
+    not belong to either the <code>temps</code> group or the
+    LDAP group <code>Temporary Employees</code>.</p>
+
+    <pre class="prettyprint lang-config">&lt;Directory "/www/mydocs"&gt;
+    &lt;RequireAll&gt;
+        &lt;RequireAny&gt;
+            Require user superadmin
+            &lt;RequireAll&gt;
+                Require group admins
+                Require ldap-group cn=Administrators,o=Airius
+                &lt;RequireAny&gt;
+                    Require group sales
+                    Require ldap-attribute dept="sales"
+                &lt;/RequireAny&gt;
+            &lt;/RequireAll&gt;
+        &lt;/RequireAny&gt;
+        &lt;RequireNone&gt;
+            Require group temps
+            Require ldap-group cn=Temporary Employees,o=Airius
+        &lt;/RequireNone&gt;
+    &lt;/RequireAll&gt;
+&lt;/Directory&gt;</pre>
+
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="requiredirectives" id="requiredirectives">The Require Directives</a></h2>
+
+  <p><code class="module"><a href="../mod/mod_authz_core.html">mod_authz_core</a></code> provides some generic authorization
+  providers which can be used with the
+  <code class="directive"><a href="#require">Require</a></code> directive.</p>
+
+  <h3><a name="reqenv" id="reqenv">Require env</a></h3>
+
+    <p>The <code>env</code> provider allows access to the server
+    to be controlled based on the existence of an <a href="../env.html">environment variable</a>. When <code>Require
+    env <var>env-variable</var></code> is specified, then the request is
+    allowed access if the environment variable <var>env-variable</var>
+    exists. The server provides the ability to set environment
+    variables in a flexible way based on characteristics of the client
+    request using the directives provided by
+    <code class="module"><a href="../mod/mod_setenvif.html">mod_setenvif</a></code>. Therefore, this directive can be
+    used to allow access based on such factors as the clients
+    <code>User-Agent</code> (browser type), <code>Referer</code>, or
+    other HTTP request header fields.</p>
+
+    <pre class="prettyprint lang-config">SetEnvIf User-Agent ^KnockKnock/2\.0 let_me_in
+&lt;Directory "/docroot"&gt;
+    Require env let_me_in
+&lt;/Directory&gt;</pre>
+
+
+    <p>In this case, browsers with a user-agent string beginning
+    with <code>KnockKnock/2.0</code> will be allowed access, and all
+    others will be denied.</p>
+
+    <p>When the server looks up a path via an internal 
+    <a class="glossarylink" href="../glossary.html#subrequest" title="see glossary">subrequest</a> such as looking 
+    for a <code class="directive"><a href="../mod/mod_dir.html#directoryindex">DirectoryIndex</a></code> 
+    or generating a directory listing with <code class="module"><a href="../mod/mod_autoindex.html">mod_autoindex</a></code>,
+    per-request environment variables are <em>not</em> inherited in the 
+    subrequest. Additionally, 
+    <code class="directive"><a href="../mod/mod_setenvif.html#setenvif">SetEnvIf</a></code> directives
+    are not separately evaluated in the subrequest due to the API phases
+    <code class="module"><a href="../mod/mod_setenvif.html">mod_setenvif</a></code> takes action in.</p>
+
+  
+
+  <h3><a name="reqall" id="reqall">Require all</a></h3>
+
+    <p>The <code>all</code> provider mimics the functionality that
+    was previously provided by the 'Allow from all' and 'Deny from all'
+    directives.  This provider can take one of two arguments which are
+    'granted' or 'denied'.  The following examples will grant or deny
+    access to all requests.</p>
+
+    <pre class="prettyprint lang-config">Require all granted</pre>
+
+
+    <pre class="prettyprint lang-config">Require all denied</pre>
+
+
+  
+
+  <h3><a name="reqmethod" id="reqmethod">Require method</a></h3>
+
+    <p>The <code>method</code> provider allows using the HTTP method in
+    authorization decisions. The GET and HEAD methods are treated as
+    equivalent. The TRACE method is not available to this provider,
+    use <code class="directive"><a href="../mod/core.html#traceenable">TraceEnable</a></code> instead.</p>
+
+    <p>The following example will only allow GET, HEAD, POST, and OPTIONS
+    requests:</p>
+
+    <pre class="prettyprint lang-config">Require method GET POST OPTIONS</pre>
+
+
+    <p>The following example will allow GET, HEAD, POST, and OPTIONS
+    requests without authentication, and require a valid user for all other
+    methods:</p>
+
+    <pre class="prettyprint lang-config">&lt;RequireAny&gt;
+     Require method GET POST OPTIONS
+     Require valid-user
+&lt;/RequireAny&gt;</pre>
+
+
+  
+
+  <h3><a name="reqexpr" id="reqexpr">Require expr</a></h3>
+
+  <p>The <code>expr</code> provider allows basing authorization
+  decisions on arbitrary expressions.</p>
+
+    <pre class="prettyprint lang-config">Require expr "%{TIME_HOUR} -ge 9 &amp;&amp; %{TIME_HOUR} -le 17"</pre>
+
+
+    <pre class="prettyprint lang-config">&lt;RequireAll&gt;
+    Require expr "!(%{QUERY_STRING} =~ /secret/)"
+    Require expr "%{REQUEST_URI} in { '/example.cgi', '/other.cgi' }" 
+&lt;/RequireAll&gt;</pre>
+
+
+    <pre class="prettyprint lang-config">Require expr "!(%{QUERY_STRING} =~ /secret/) &amp;&amp; %{REQUEST_URI} in { '/example.cgi', '/other.cgi' }"</pre>
+
+
+  <p>The syntax is described in the <a href="../expr.html">ap_expr</a>
+  documentation.</p>
+
+  <p>Normally, the expression is evaluated before authentication. However, if
+  the expression returns false and references the variable
+  <code>%{REMOTE_USER}</code>, authentication will be performed and
+  the expression will be re-evaluated.</p>
+
+  
+
+
+</div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="AuthMerging" id="AuthMerging">AuthMerging</a> <a name="authmerging" id="authmerging">Directive</a></h2>
 <table class="directive">
@@ -427,210 +631,6 @@ must succeed for the enclosing directive to not fail.</td></tr>
 <li><a href="../howto/auth.html">Authentication, Authorization,
     and Access Control</a></li>
 </ul>
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="authzalias" id="authzalias">Creating Authorization Provider Aliases</a></h2>
-
-    <p>Extended authorization providers can be created within the configuration
-    file and assigned an alias name.  The alias providers can then be referenced
-    through the <code class="directive"><a href="#require">Require</a></code> directive
-    in the same way as a base authorization provider.  Besides the ability to
-    create and alias an extended provider, it also allows the same extended
-    authorization provider to be referenced by multiple locations.
-    </p>
-
-    <h3><a name="example" id="example">Example</a></h3>
-        <p>The example below creates two different ldap authorization provider
-        aliases based on the ldap-group authorization provider.  This example
-        allows a single authorization location to check group membership within
-        multiple ldap hosts:
-        </p>
-
-        <pre class="prettyprint lang-config">&lt;AuthzProviderAlias ldap-group ldap-group-alias1 cn=my-group,o=ctx&gt;
-    AuthLDAPBindDN cn=youruser,o=ctx
-    AuthLDAPBindPassword yourpassword
-    AuthLDAPURL ldap://ldap.host/o=ctx
-&lt;/AuthzProviderAlias&gt;
-
-&lt;AuthzProviderAlias ldap-group ldap-group-alias2 cn=my-other-group,o=dev&gt;
-    AuthLDAPBindDN cn=yourotheruser,o=dev
-    AuthLDAPBindPassword yourotherpassword
-    AuthLDAPURL ldap://other.ldap.host/o=dev?cn
-&lt;/AuthzProviderAlias&gt;
-
-Alias "/secure" "/webpages/secure"
-&lt;Directory "/webpages/secure"&gt;
-    Require all granted
-    
-    AuthBasicProvider file
-    
-    AuthType Basic
-    AuthName LDAP_Protected_Place
-    
-    #implied OR operation
-    Require ldap-group-alias1
-    Require ldap-group-alias2
-&lt;/Directory&gt;</pre>
-
-    
-
-</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="logic" id="logic">Authorization Containers</a></h2>
-
-    <p>The authorization container directives
-    <code class="directive"><a href="#requireall">&lt;RequireAll&gt;</a></code>,
-    <code class="directive"><a href="#requireany">&lt;RequireAny&gt;</a></code>
-    and
-    <code class="directive"><a href="#requirenone">&lt;RequireNone&gt;</a></code>
-    may be combined with each other and with the
-    <code class="directive"><a href="#require">Require</a></code>
-    directive to express complex authorization logic.</p>
-
-    <p>The example below expresses the following authorization logic.
-    In order to access the resource, the user must either be the
-    <code>superadmin</code> user, or belong to both the
-    <code>admins</code> group and the <code>Administrators</code> LDAP
-    group and either belong to the <code>sales</code> group or
-    have the LDAP <code>dept</code> attribute <code>sales</code>.
-    Furthermore, in order to access the resource, the user must
-    not belong to either the <code>temps</code> group or the
-    LDAP group <code>Temporary Employees</code>.</p>
-
-    <pre class="prettyprint lang-config">&lt;Directory "/www/mydocs"&gt;
-    &lt;RequireAll&gt;
-        &lt;RequireAny&gt;
-            Require user superadmin
-            &lt;RequireAll&gt;
-                Require group admins
-                Require ldap-group cn=Administrators,o=Airius
-                &lt;RequireAny&gt;
-                    Require group sales
-                    Require ldap-attribute dept="sales"
-                &lt;/RequireAny&gt;
-            &lt;/RequireAll&gt;
-        &lt;/RequireAny&gt;
-        &lt;RequireNone&gt;
-            Require group temps
-            Require ldap-group cn=Temporary Employees,o=Airius
-        &lt;/RequireNone&gt;
-    &lt;/RequireAll&gt;
-&lt;/Directory&gt;</pre>
-
-</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="requiredirectives" id="requiredirectives">The Require Directives</a></h2>
-
-  <p><code class="module"><a href="../mod/mod_authz_core.html">mod_authz_core</a></code> provides some generic authorization
-  providers which can be used with the
-  <code class="directive"><a href="#require">Require</a></code> directive.</p>
-
-  <h3><a name="reqenv" id="reqenv">Require env</a></h3>
-
-    <p>The <code>env</code> provider allows access to the server
-    to be controlled based on the existence of an <a href="../env.html">environment variable</a>. When <code>Require
-    env <var>env-variable</var></code> is specified, then the request is
-    allowed access if the environment variable <var>env-variable</var>
-    exists. The server provides the ability to set environment
-    variables in a flexible way based on characteristics of the client
-    request using the directives provided by
-    <code class="module"><a href="../mod/mod_setenvif.html">mod_setenvif</a></code>. Therefore, this directive can be
-    used to allow access based on such factors as the clients
-    <code>User-Agent</code> (browser type), <code>Referer</code>, or
-    other HTTP request header fields.</p>
-
-    <pre class="prettyprint lang-config">SetEnvIf User-Agent ^KnockKnock/2\.0 let_me_in
-&lt;Directory "/docroot"&gt;
-    Require env let_me_in
-&lt;/Directory&gt;</pre>
-
-
-    <p>In this case, browsers with a user-agent string beginning
-    with <code>KnockKnock/2.0</code> will be allowed access, and all
-    others will be denied.</p>
-
-    <p>When the server looks up a path via an internal 
-    <a class="glossarylink" href="../glossary.html#subrequest" title="see glossary">subrequest</a> such as looking 
-    for a <code class="directive"><a href="../mod/mod_dir.html#directoryindex">DirectoryIndex</a></code> 
-    or generating a directory listing with <code class="module"><a href="../mod/mod_autoindex.html">mod_autoindex</a></code>,
-    per-request environment variables are <em>not</em> inherited in the 
-    subrequest. Additionally, 
-    <code class="directive"><a href="../mod/mod_setenvif.html#setenvif">SetEnvIf</a></code> directives
-    are not separately evaluated in the subrequest due to the API phases
-    <code class="module"><a href="../mod/mod_setenvif.html">mod_setenvif</a></code> takes action in.</p>
-
-  
-
-  <h3><a name="reqall" id="reqall">Require all</a></h3>
-
-    <p>The <code>all</code> provider mimics the functionality that
-    was previously provided by the 'Allow from all' and 'Deny from all'
-    directives.  This provider can take one of two arguments which are
-    'granted' or 'denied'.  The following examples will grant or deny
-    access to all requests.</p>
-
-    <pre class="prettyprint lang-config">Require all granted</pre>
-
-
-    <pre class="prettyprint lang-config">Require all denied</pre>
-
-
-  
-
-  <h3><a name="reqmethod" id="reqmethod">Require method</a></h3>
-
-    <p>The <code>method</code> provider allows using the HTTP method in
-    authorization decisions. The GET and HEAD methods are treated as
-    equivalent. The TRACE method is not available to this provider,
-    use <code class="directive"><a href="../mod/core.html#traceenable">TraceEnable</a></code> instead.</p>
-
-    <p>The following example will only allow GET, HEAD, POST, and OPTIONS
-    requests:</p>
-
-    <pre class="prettyprint lang-config">Require method GET POST OPTIONS</pre>
-
-
-    <p>The following example will allow GET, HEAD, POST, and OPTIONS
-    requests without authentication, and require a valid user for all other
-    methods:</p>
-
-    <pre class="prettyprint lang-config">&lt;RequireAny&gt;
-     Require method GET POST OPTIONS
-     Require valid-user
-&lt;/RequireAny&gt;</pre>
-
-
-  
-
-  <h3><a name="reqexpr" id="reqexpr">Require expr</a></h3>
-
-  <p>The <code>expr</code> provider allows basing authorization
-  decisions on arbitrary expressions.</p>
-
-    <pre class="prettyprint lang-config">Require expr "%{TIME_HOUR} -ge 9 &amp;&amp; %{TIME_HOUR} -le 17"</pre>
-
-
-    <pre class="prettyprint lang-config">&lt;RequireAll&gt;
-    Require expr "!(%{QUERY_STRING} =~ /secret/)"
-    Require expr "%{REQUEST_URI} in { '/example.cgi', '/other.cgi' }" 
-&lt;/RequireAll&gt;</pre>
-
-
-    <pre class="prettyprint lang-config">Require expr "!(%{QUERY_STRING} =~ /secret/) &amp;&amp; %{REQUEST_URI} in { '/example.cgi', '/other.cgi' }"</pre>
-
-
-  <p>The syntax is described in the <a href="../expr.html">ap_expr</a>
-  documentation.</p>
-
-  <p>Normally, the expression is evaluated before authentication. However, if
-  the expression returns false and references the variable
-  <code>%{REMOTE_USER}</code>, authentication will be performed and
-  the expression will be re-evaluated.</p>
-
-  
-
-
 </div>
 </div>
 <div class="bottomlang">
diff --git a/docs/manual/mod/mod_authz_dbd.html.en b/docs/manual/mod/mod_authz_dbd.html.en
index a3f016e33f..a6093ec2b9 100644
--- a/docs/manual/mod/mod_authz_dbd.html.en
+++ b/docs/manual/mod/mod_authz_dbd.html.en
@@ -48,19 +48,19 @@
        the backend database driver and connection parameters, and
        manage the database connections.</p>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
-<ul id="toc">
-<li><img alt="" src="../images/down.gif" /> <a href="#authzdbdlogintoreferer">AuthzDBDLoginToReferer</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#authzdbdquery">AuthzDBDQuery</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#authzdbdredirectquery">AuthzDBDRedirectQuery</a></li>
-</ul>
-<h3>Topics</h3>
+<div id="quickview"><h3>Topics</h3>
 <ul id="topics">
 <li><img alt="" src="../images/down.gif" /> <a href="#requiredirectives">The Require Directives</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#login">Database Login</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#client">Client Login integration</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#example">Configuration example</a></li>
-</ul><h3>See also</h3>
+</ul><h3 class="directives">Directives</h3>
+<ul id="toc">
+<li><img alt="" src="../images/down.gif" /> <a href="#authzdbdlogintoreferer">AuthzDBDLoginToReferer</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#authzdbdquery">AuthzDBDQuery</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#authzdbdredirectquery">AuthzDBDRedirectQuery</a></li>
+</ul>
+<h3>See also</h3>
 <ul class="seealso">
 <li><code class="directive"><a href="../mod/mod_authz_core.html#require">Require</a></code></li>
 <li>
@@ -70,90 +70,6 @@
 <li><code class="directive"><a href="../mod/mod_dbd.html#dbdparams">DBDParams</a></code></li>
 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="AuthzDBDLoginToReferer" id="AuthzDBDLoginToReferer">AuthzDBDLoginToReferer</a> <a name="authzdbdlogintoreferer" id="authzdbdlogintoreferer">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Determines whether to redirect the Client to the Referring
-page on successful login or logout if a <code>Referer</code> request
-header is present</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthzDBDLoginToReferer On|Off</code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>AuthzDBDLoginToReferer Off</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authz_dbd</td></tr>
-</table>
-    <p>In conjunction with <code>Require dbd-login</code> or
-    <code>Require dbd-logout</code>, this provides the option to
-    redirect the client back to the Referring page (the URL in
-    the <code>Referer</code> HTTP request header, if present).
-    When there is no <code>Referer</code> header,
-    <code>AuthzDBDLoginToReferer On</code> will be ignored.</p>
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="AuthzDBDQuery" id="AuthzDBDQuery">AuthzDBDQuery</a> <a name="authzdbdquery" id="authzdbdquery">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Specify the SQL Query for the required operation</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthzDBDQuery <var>query</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authz_dbd</td></tr>
-</table>
-    <p>The <code class="directive">AuthzDBDQuery</code> specifies an SQL
-    query to run.  The purpose of the query depends on the
-    <code class="directive"><a href="../mod/mod_authz_core.html#require">Require</a></code> directive in
-    effect.</p>
-    <ul>
-    <li>When used with a <code>Require dbd-group</code> directive,
-    it specifies a query to look up groups for the current user.  This is
-    the standard functionality of other authorization modules such as
-    <code class="module"><a href="../mod/mod_authz_groupfile.html">mod_authz_groupfile</a></code> and <code class="module"><a href="../mod/mod_authz_dbm.html">mod_authz_dbm</a></code>.
-    The first column value of each row returned by the query statement
-    should be a string containing a group name.  Zero, one, or more rows
-    may be returned.
-    <pre class="prettyprint lang-config">Require dbd-group
-AuthzDBDQuery "SELECT group FROM groups WHERE user = %s"</pre>
-
-    </li>
-    <li>When used with a <code>Require dbd-login</code> or
-    <code>Require dbd-logout</code> directive, it will never deny access,
-    but will instead execute a SQL statement designed to log the user
-    in or out.  The user must already be authenticated with
-    <code class="module"><a href="../mod/mod_authn_dbd.html">mod_authn_dbd</a></code>.
-    <pre class="prettyprint lang-config">Require dbd-login
-AuthzDBDQuery "UPDATE authn SET login = 'true' WHERE user = %s"</pre>
-
-    </li>
-    </ul>
-    <p>In all cases, the user's ID will be passed as a single string
-    parameter when the SQL query is executed.  It may be referenced within
-    the query statement using a <code>%s</code> format specifier.</p>
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="AuthzDBDRedirectQuery" id="AuthzDBDRedirectQuery">AuthzDBDRedirectQuery</a> <a name="authzdbdredirectquery" id="authzdbdredirectquery">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Specify a query to look up a login page for the user</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthzDBDRedirectQuery <var>query</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authz_dbd</td></tr>
-</table>
-    <p>Specifies an optional SQL query to use after successful login
-    (or logout) to redirect the user to a URL, which may be
-    specific to the user.  The user's ID will be passed as a single string
-    parameter when the SQL query is executed.  It may be referenced within
-    the query statement using a <code>%s</code> format specifier.</p>
-    <pre class="prettyprint lang-config">AuthzDBDRedirectQuery "SELECT userpage FROM userpages WHERE user = %s"</pre>
-
-    <p>The first column value of the first row returned by the query
-    statement should be a string containing a URL to which to redirect
-    the client.  Subsequent rows will be ignored.  If no rows are returned,
-    the client will not be redirected.</p>
-    <p>Note that <code class="directive">AuthzDBDLoginToReferer</code> takes
-    precedence if both are set.</p>
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="section">
 <h2><a name="requiredirectives" id="requiredirectives">The Require Directives</a></h2>
 
@@ -281,6 +197,90 @@ DBDExptime 300
   &lt;/Files&gt;
 &lt;/Directory&gt;</pre>
 
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="AuthzDBDLoginToReferer" id="AuthzDBDLoginToReferer">AuthzDBDLoginToReferer</a> <a name="authzdbdlogintoreferer" id="authzdbdlogintoreferer">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Determines whether to redirect the Client to the Referring
+page on successful login or logout if a <code>Referer</code> request
+header is present</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthzDBDLoginToReferer On|Off</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>AuthzDBDLoginToReferer Off</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authz_dbd</td></tr>
+</table>
+    <p>In conjunction with <code>Require dbd-login</code> or
+    <code>Require dbd-logout</code>, this provides the option to
+    redirect the client back to the Referring page (the URL in
+    the <code>Referer</code> HTTP request header, if present).
+    When there is no <code>Referer</code> header,
+    <code>AuthzDBDLoginToReferer On</code> will be ignored.</p>
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="AuthzDBDQuery" id="AuthzDBDQuery">AuthzDBDQuery</a> <a name="authzdbdquery" id="authzdbdquery">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Specify the SQL Query for the required operation</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthzDBDQuery <var>query</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authz_dbd</td></tr>
+</table>
+    <p>The <code class="directive">AuthzDBDQuery</code> specifies an SQL
+    query to run.  The purpose of the query depends on the
+    <code class="directive"><a href="../mod/mod_authz_core.html#require">Require</a></code> directive in
+    effect.</p>
+    <ul>
+    <li>When used with a <code>Require dbd-group</code> directive,
+    it specifies a query to look up groups for the current user.  This is
+    the standard functionality of other authorization modules such as
+    <code class="module"><a href="../mod/mod_authz_groupfile.html">mod_authz_groupfile</a></code> and <code class="module"><a href="../mod/mod_authz_dbm.html">mod_authz_dbm</a></code>.
+    The first column value of each row returned by the query statement
+    should be a string containing a group name.  Zero, one, or more rows
+    may be returned.
+    <pre class="prettyprint lang-config">Require dbd-group
+AuthzDBDQuery "SELECT group FROM groups WHERE user = %s"</pre>
+
+    </li>
+    <li>When used with a <code>Require dbd-login</code> or
+    <code>Require dbd-logout</code> directive, it will never deny access,
+    but will instead execute a SQL statement designed to log the user
+    in or out.  The user must already be authenticated with
+    <code class="module"><a href="../mod/mod_authn_dbd.html">mod_authn_dbd</a></code>.
+    <pre class="prettyprint lang-config">Require dbd-login
+AuthzDBDQuery "UPDATE authn SET login = 'true' WHERE user = %s"</pre>
+
+    </li>
+    </ul>
+    <p>In all cases, the user's ID will be passed as a single string
+    parameter when the SQL query is executed.  It may be referenced within
+    the query statement using a <code>%s</code> format specifier.</p>
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="AuthzDBDRedirectQuery" id="AuthzDBDRedirectQuery">AuthzDBDRedirectQuery</a> <a name="authzdbdredirectquery" id="authzdbdredirectquery">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Specify a query to look up a login page for the user</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthzDBDRedirectQuery <var>query</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authz_dbd</td></tr>
+</table>
+    <p>Specifies an optional SQL query to use after successful login
+    (or logout) to redirect the user to a URL, which may be
+    specific to the user.  The user's ID will be passed as a single string
+    parameter when the SQL query is executed.  It may be referenced within
+    the query statement using a <code>%s</code> format specifier.</p>
+    <pre class="prettyprint lang-config">AuthzDBDRedirectQuery "SELECT userpage FROM userpages WHERE user = %s"</pre>
+
+    <p>The first column value of the first row returned by the query
+    statement should be a string containing a URL to which to redirect
+    the client.  Subsequent rows will be ignored.  If no rows are returned,
+    the client will not be redirected.</p>
+    <p>Note that <code class="directive">AuthzDBDLoginToReferer</code> takes
+    precedence if both are set.</p>
+
 </div>
 </div>
 <div class="bottomlang">
diff --git a/docs/manual/mod/mod_authz_dbm.html.en b/docs/manual/mod/mod_authz_dbm.html.en
index 481d330afe..3099e99637 100644
--- a/docs/manual/mod/mod_authz_dbm.html.en
+++ b/docs/manual/mod/mod_authz_dbm.html.en
@@ -40,20 +40,69 @@
        of the web site by group membership. Similar functionality is
        provided by <code class="module"><a href="../mod/mod_authz_groupfile.html">mod_authz_groupfile</a></code>.</p>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
+<div id="quickview"><h3>Topics</h3>
+<ul id="topics">
+<li><img alt="" src="../images/down.gif" /> <a href="#requiredirectives">The Require Directives</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#examples">Example usage</a></li>
+</ul><h3 class="directives">Directives</h3>
 <ul id="toc">
 <li><img alt="" src="../images/down.gif" /> <a href="#authdbmgroupfile">AuthDBMGroupFile</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#authzdbmtype">AuthzDBMType</a></li>
 </ul>
-<h3>Topics</h3>
-<ul id="topics">
-<li><img alt="" src="../images/down.gif" /> <a href="#requiredirectives">The Require Directives</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#examples">Example usage</a></li>
-</ul><h3>See also</h3>
+<h3>See also</h3>
 <ul class="seealso">
 <li><code class="directive"><a href="../mod/mod_authz_core.html#require">Require</a></code></li>
 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="requiredirectives" id="requiredirectives">The Require Directives</a></h2>
+
+    <p>Apache's <code class="directive"><a href="../mod/mod_authz_core.html#require">Require</a></code>
+    directives are used during the authorization phase to ensure that
+    a user is allowed to access a resource.  mod_authz_dbm extends the
+    authorization types with <code>dbm-group</code>.</p>
+
+    <p>Since v2.4.8, <a href="../expr.html">expressions</a> are supported
+    within the DBM require directives.</p>
+
+<h3><a name="reqgroup" id="reqgroup">Require dbm-group</a></h3>
+
+    <p>This directive specifies group membership that is required for the
+    user to gain access.</p>
+
+    <pre class="prettyprint lang-config">Require dbm-group admin</pre>
+
+
+
+
+<h3><a name="reqfilegroup" id="reqfilegroup">Require dbm-file-group</a></h3>
+
+    <p>When this directive is specified, the user must be a member of the group
+    assigned to the file being accessed.</p>
+
+    <pre class="prettyprint lang-config">Require dbm-file-group</pre>
+
+
+
+
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="examples" id="examples">Example usage</a></h2>
+
+<p><em>Note that using mod_authz_dbm requires you to require <code>dbm-group</code>
+instead of <code>group</code>:</em>
+</p>
+<pre class="prettyprint lang-config">&lt;Directory "/foo/bar"&gt;
+  AuthType Basic
+  AuthName "Secure Area"
+  AuthBasicProvider dbm
+  AuthDBMUserFile "site/data/users"
+  AuthDBMGroupFile "site/data/users"
+  Require dbm-group admin
+&lt;/Directory&gt;</pre>
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="AuthDBMGroupFile" id="AuthDBMGroupFile">AuthDBMGroupFile</a> <a name="authdbmgroupfile" id="authdbmgroupfile">Directive</a></h2>
 <table class="directive">
 <tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Sets the name of the database file containing the list
@@ -131,55 +180,6 @@ store list of user groups</td></tr>
     <p>It is crucial that whatever program you use to create your group
     files is configured to use the same type of database.</p>
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="requiredirectives" id="requiredirectives">The Require Directives</a></h2>
-
-    <p>Apache's <code class="directive"><a href="../mod/mod_authz_core.html#require">Require</a></code>
-    directives are used during the authorization phase to ensure that
-    a user is allowed to access a resource.  mod_authz_dbm extends the
-    authorization types with <code>dbm-group</code>.</p>
-
-    <p>Since v2.4.8, <a href="../expr.html">expressions</a> are supported
-    within the DBM require directives.</p>
-
-<h3><a name="reqgroup" id="reqgroup">Require dbm-group</a></h3>
-
-    <p>This directive specifies group membership that is required for the
-    user to gain access.</p>
-
-    <pre class="prettyprint lang-config">Require dbm-group admin</pre>
-
-
-
-
-<h3><a name="reqfilegroup" id="reqfilegroup">Require dbm-file-group</a></h3>
-
-    <p>When this directive is specified, the user must be a member of the group
-    assigned to the file being accessed.</p>
-
-    <pre class="prettyprint lang-config">Require dbm-file-group</pre>
-
-
-
-
-</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="examples" id="examples">Example usage</a></h2>
-
-<p><em>Note that using mod_authz_dbm requires you to require <code>dbm-group</code>
-instead of <code>group</code>:</em>
-</p>
-<pre class="prettyprint lang-config">&lt;Directory "/foo/bar"&gt;
-  AuthType Basic
-  AuthName "Secure Area"
-  AuthBasicProvider dbm
-  AuthDBMUserFile "site/data/users"
-  AuthDBMGroupFile "site/data/users"
-  Require dbm-group admin
-&lt;/Directory&gt;</pre>
-
 </div>
 </div>
 <div class="bottomlang">
diff --git a/docs/manual/mod/mod_authz_groupfile.html.en b/docs/manual/mod/mod_authz_groupfile.html.en
index fc7388a760..a8f2b04f71 100644
--- a/docs/manual/mod/mod_authz_groupfile.html.en
+++ b/docs/manual/mod/mod_authz_groupfile.html.en
@@ -41,52 +41,18 @@
     of the web site by group membership. Similar functionality is
     provided by <code class="module"><a href="../mod/mod_authz_dbm.html">mod_authz_dbm</a></code>.</p>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
+<div id="quickview"><h3>Topics</h3>
+<ul id="topics">
+<li><img alt="" src="../images/down.gif" /> <a href="#requiredirectives">The Require Directives</a></li>
+</ul><h3 class="directives">Directives</h3>
 <ul id="toc">
 <li><img alt="" src="../images/down.gif" /> <a href="#authgroupfile">AuthGroupFile</a></li>
 </ul>
-<h3>Topics</h3>
-<ul id="topics">
-<li><img alt="" src="../images/down.gif" /> <a href="#requiredirectives">The Require Directives</a></li>
-</ul><h3>See also</h3>
+<h3>See also</h3>
 <ul class="seealso">
 <li><code class="directive"><a href="../mod/mod_authz_core.html#require">Require</a></code></li>
 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="AuthGroupFile" id="AuthGroupFile">AuthGroupFile</a> <a name="authgroupfile" id="authgroupfile">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Sets the name of a text file containing the list
-of user groups for authorization</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthGroupFile <var>file-path</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authz_groupfile</td></tr>
-</table>
-    <p>The <code class="directive">AuthGroupFile</code> directive sets the
-    name of a textual file containing the list of user groups for user
-    authorization. <var>File-path</var> is the path to the group
-    file. If it is not absolute, it is treated as relative to the <code class="directive"><a href="../mod/core.html#serverroot">ServerRoot</a></code>.</p>
-
-    <p>Each line of the group file contains a groupname followed by a
-    colon, followed by the member usernames separated by spaces.</p>
-
-    <div class="example"><h3>Example:</h3><p><code>
-      mygroup: bob joe anne
-    </code></p></div>
-
-    <p>Note that searching large text files is <em>very</em>
-    inefficient; <code class="directive"><a href="../mod/mod_authz_dbm.html#authdbmgroupfile">AuthDBMGroupFile</a></code> provides a much better performance.</p>
-
-    <div class="warning"><h3>Security</h3>
-      <p>Make sure that the <code class="directive">AuthGroupFile</code> is
-      stored outside the document tree of the web-server; do <em>not</em>
-      put it in the directory that it protects. Otherwise, clients may
-      be able to download the <code class="directive">AuthGroupFile</code>.</p>
-    </div>
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="section">
 <h2><a name="requiredirectives" id="requiredirectives">The Require Directives</a></h2>
 
@@ -119,6 +85,40 @@ of user groups for authorization</td></tr>
 
 
 
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="AuthGroupFile" id="AuthGroupFile">AuthGroupFile</a> <a name="authgroupfile" id="authgroupfile">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Sets the name of a text file containing the list
+of user groups for authorization</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthGroupFile <var>file-path</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authz_groupfile</td></tr>
+</table>
+    <p>The <code class="directive">AuthGroupFile</code> directive sets the
+    name of a textual file containing the list of user groups for user
+    authorization. <var>File-path</var> is the path to the group
+    file. If it is not absolute, it is treated as relative to the <code class="directive"><a href="../mod/core.html#serverroot">ServerRoot</a></code>.</p>
+
+    <p>Each line of the group file contains a groupname followed by a
+    colon, followed by the member usernames separated by spaces.</p>
+
+    <div class="example"><h3>Example:</h3><p><code>
+      mygroup: bob joe anne
+    </code></p></div>
+
+    <p>Note that searching large text files is <em>very</em>
+    inefficient; <code class="directive"><a href="../mod/mod_authz_dbm.html#authdbmgroupfile">AuthDBMGroupFile</a></code> provides a much better performance.</p>
+
+    <div class="warning"><h3>Security</h3>
+      <p>Make sure that the <code class="directive">AuthGroupFile</code> is
+      stored outside the document tree of the web-server; do <em>not</em>
+      put it in the directory that it protects. Otherwise, clients may
+      be able to download the <code class="directive">AuthGroupFile</code>.</p>
+    </div>
+
 </div>
 </div>
 <div class="bottomlang">
diff --git a/docs/manual/mod/mod_authz_host.html.en b/docs/manual/mod/mod_authz_host.html.en
index 286e858a9f..222b696eff 100644
--- a/docs/manual/mod/mod_authz_host.html.en
+++ b/docs/manual/mod/mod_authz_host.html.en
@@ -52,13 +52,13 @@ address)</td></tr>
     leaving other methods unrestricted, by enclosing the directives
     in a <code class="directive"><a href="../mod/core.html#limit">&lt;Limit&gt;</a></code> section.</p>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
-<p>This module provides no
-            directives.</p>
-<h3>Topics</h3>
+<div id="quickview"><h3>Topics</h3>
 <ul id="topics">
 <li><img alt="" src="../images/down.gif" /> <a href="#requiredirectives">The Require Directives</a></li>
-</ul><h3>See also</h3>
+</ul><h3 class="directives">Directives</h3>
+<p>This module provides no
+            directives.</p>
+<h3>See also</h3>
 <ul class="seealso">
 <li><a href="../howto/auth.html">Authentication, Authorization,
     and Access Control</a></li>
diff --git a/docs/manual/mod/mod_authz_owner.html.en b/docs/manual/mod/mod_authz_owner.html.en
index 737154bf06..8243d5623d 100644
--- a/docs/manual/mod/mod_authz_owner.html.en
+++ b/docs/manual/mod/mod_authz_owner.html.en
@@ -72,13 +72,13 @@
       "MultiViews"</a> resources.</p>
     </div>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
-<p>This module provides no
-            directives.</p>
-<h3>Topics</h3>
+<div id="quickview"><h3>Topics</h3>
 <ul id="topics">
 <li><img alt="" src="../images/down.gif" /> <a href="#examples">Configuration Examples</a></li>
-</ul><h3>See also</h3>
+</ul><h3 class="directives">Directives</h3>
+<p>This module provides no
+            directives.</p>
+<h3>See also</h3>
 <ul class="seealso">
 <li><code class="directive"><a href="../mod/mod_authz_core.html#require">Require</a></code></li>
 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
diff --git a/docs/manual/mod/mod_authz_user.html.en b/docs/manual/mod/mod_authz_user.html.en
index 9af8b6eb65..3e801a86ef 100644
--- a/docs/manual/mod/mod_authz_user.html.en
+++ b/docs/manual/mod/mod_authz_user.html.en
@@ -43,13 +43,13 @@
     directive. Alternatively <code>Require valid-user</code> can be used to
     grant access to all successfully authenticated users.</p>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
-<p>This module provides no
-            directives.</p>
-<h3>Topics</h3>
+<div id="quickview"><h3>Topics</h3>
 <ul id="topics">
 <li><img alt="" src="../images/down.gif" /> <a href="#requiredirectives">The Require Directives</a></li>
-</ul><h3>See also</h3>
+</ul><h3 class="directives">Directives</h3>
+<p>This module provides no
+            directives.</p>
+<h3>See also</h3>
 <ul class="seealso">
 <li><code class="directive"><a href="../mod/mod_authz_core.html#require">Require</a></code></li>
 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
diff --git a/docs/manual/mod/mod_autoindex.html.en b/docs/manual/mod/mod_autoindex.html.en
index 9864dce3c3..3ed2483390 100644
--- a/docs/manual/mod/mod_autoindex.html.en
+++ b/docs/manual/mod/mod_autoindex.html.en
@@ -80,7 +80,10 @@
     before a 1011-byte file (if in ascending order) even though
     they both are shown as "1K".</p>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
+<div id="quickview"><h3>Topics</h3>
+<ul id="topics">
+<li><img alt="" src="../images/down.gif" /> <a href="#query">Autoindex Request Query Arguments</a></li>
+</ul><h3 class="directives">Directives</h3>
 <ul id="toc">
 <li><img alt="" src="../images/down.gif" /> <a href="#addalt">AddAlt</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#addaltbyencoding">AddAltByEncoding</a></li>
@@ -99,10 +102,109 @@
 <li><img alt="" src="../images/down.gif" /> <a href="#indexstylesheet">IndexStyleSheet</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#readmename">ReadmeName</a></li>
 </ul>
-<h3>Topics</h3>
-<ul id="topics">
-<li><img alt="" src="../images/down.gif" /> <a href="#query">Autoindex Request Query Arguments</a></li>
-</ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+<ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="query" id="query">Autoindex Request Query Arguments</a></h2>
+    
+
+    <p>Various query string arguments are available to give the client
+    some control over the ordering of the directory listing, as well as
+    what files are listed. If you do not wish to give the client this
+    control, the <code><a href="#indexoptions.ignoreclient">IndexOptions
+    IgnoreClient</a></code> option disables that functionality.</p>
+
+    <p>The column sorting headers themselves are self-referencing
+    hyperlinks that add the sort query options shown below. Any
+    option below may be added to any request for the directory
+    resource.</p>
+
+    <ul>
+      <li><code>C=N</code> sorts the directory by file name</li>
+
+      <li><code>C=M</code> sorts the directory by last-modified
+      date, then file name</li>
+
+      <li><code>C=S</code> sorts the directory by size, then file
+      name</li>
+
+      <li class="separate"><code>C=D</code> sorts the directory by description, then
+      file name</li>
+
+      <li><code>O=A</code> sorts the listing in Ascending
+      Order</li>
+
+      <li class="separate"><code>O=D</code> sorts the listing in Descending
+      Order</li>
+
+      <li><code>F=0</code> formats the listing as a simple list
+      (not FancyIndexed)</li>
+
+      <li><code>F=1</code> formats the listing as a FancyIndexed
+      list</li>
+
+      <li class="separate"><code>F=2</code> formats the listing as an
+      HTMLTable FancyIndexed list</li>
+
+      <li><code>V=0</code> disables version sorting</li>
+
+      <li class="separate"><code>V=1</code> enables version sorting</li>
+
+      <li><code>P=<var>pattern</var></code> lists only files matching
+      the given <var>pattern</var></li>
+    </ul>
+
+    <p>Note that the 'P'attern query argument is tested
+    <em>after</em> the usual <code class="directive"><a href="#indexignore">IndexIgnore</a></code> directives are processed,
+    and all file names are still subjected to the same criteria as
+    any other autoindex listing. The Query Arguments parser in
+    <code class="module"><a href="../mod/mod_autoindex.html">mod_autoindex</a></code> will stop abruptly when an unrecognized
+    option is encountered. The Query Arguments must be well formed,
+    according to the table above.</p>
+
+    <p>The simple example below, which can be clipped and saved in
+    a header.html file, illustrates these query options. Note that
+    the unknown "X" argument, for the submit button, is listed last
+    to assure the arguments are all parsed before mod_autoindex
+    encounters the X=Go input.</p>
+
+    <div class="example"><p><code>
+      &lt;form action="" method="get"&gt;<br />
+      <span class="indent">
+        Show me a &lt;select name="F"&gt;<br />
+        <span class="indent">
+          &lt;option value="0"&gt; Plain list&lt;/option&gt;<br />
+          &lt;option value="1" selected="selected"&gt; Fancy list&lt;/option&gt;<br />
+          &lt;option value="2"&gt; Table list&lt;/option&gt;<br />
+        </span>
+        &lt;/select&gt;<br />
+        Sorted by &lt;select name="C"&gt;<br />
+        <span class="indent">
+          &lt;option value="N" selected="selected"&gt; Name&lt;/option&gt;<br />
+          &lt;option value="M"&gt; Date Modified&lt;/option&gt;<br />
+          &lt;option value="S"&gt; Size&lt;/option&gt;<br />
+          &lt;option value="D"&gt; Description&lt;/option&gt;<br />
+        </span>
+        &lt;/select&gt;<br />
+        &lt;select name="O"&gt;<br />
+        <span class="indent">
+          &lt;option value="A" selected="selected"&gt; Ascending&lt;/option&gt;<br />
+          &lt;option value="D"&gt; Descending&lt;/option&gt;<br />
+        </span>
+        &lt;/select&gt;<br />
+        &lt;select name="V"&gt;<br />
+        <span class="indent">
+          &lt;option value="0" selected="selected"&gt; in Normal order&lt;/option&gt;<br />
+          &lt;option value="1"&gt; in Version order&lt;/option&gt;<br />
+        </span>
+        &lt;/select&gt;<br />
+        Matching &lt;input type="text" name="P" value="*" /&gt;<br />
+        &lt;input type="submit" name="X" value="Go" /&gt;<br />
+      </span>
+      &lt;/form&gt;
+    </code></p></div>
+
+</div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="AddAlt" id="AddAlt">AddAlt</a> <a name="addalt" id="addalt">Directive</a></h2>
 <table class="directive">
@@ -910,108 +1012,6 @@ ReadmeName /include/FOOTER.html</pre>
     <p>See also <code class="directive"><a href="#headername">HeaderName</a></code>, where this behavior is described in greater
     detail.</p>
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="query" id="query">Autoindex Request Query Arguments</a></h2>
-    
-
-    <p>Various query string arguments are available to give the client
-    some control over the ordering of the directory listing, as well as
-    what files are listed. If you do not wish to give the client this
-    control, the <code><a href="#indexoptions.ignoreclient">IndexOptions
-    IgnoreClient</a></code> option disables that functionality.</p>
-
-    <p>The column sorting headers themselves are self-referencing
-    hyperlinks that add the sort query options shown below. Any
-    option below may be added to any request for the directory
-    resource.</p>
-
-    <ul>
-      <li><code>C=N</code> sorts the directory by file name</li>
-
-      <li><code>C=M</code> sorts the directory by last-modified
-      date, then file name</li>
-
-      <li><code>C=S</code> sorts the directory by size, then file
-      name</li>
-
-      <li class="separate"><code>C=D</code> sorts the directory by description, then
-      file name</li>
-
-      <li><code>O=A</code> sorts the listing in Ascending
-      Order</li>
-
-      <li class="separate"><code>O=D</code> sorts the listing in Descending
-      Order</li>
-
-      <li><code>F=0</code> formats the listing as a simple list
-      (not FancyIndexed)</li>
-
-      <li><code>F=1</code> formats the listing as a FancyIndexed
-      list</li>
-
-      <li class="separate"><code>F=2</code> formats the listing as an
-      HTMLTable FancyIndexed list</li>
-
-      <li><code>V=0</code> disables version sorting</li>
-
-      <li class="separate"><code>V=1</code> enables version sorting</li>
-
-      <li><code>P=<var>pattern</var></code> lists only files matching
-      the given <var>pattern</var></li>
-    </ul>
-
-    <p>Note that the 'P'attern query argument is tested
-    <em>after</em> the usual <code class="directive"><a href="#indexignore">IndexIgnore</a></code> directives are processed,
-    and all file names are still subjected to the same criteria as
-    any other autoindex listing. The Query Arguments parser in
-    <code class="module"><a href="../mod/mod_autoindex.html">mod_autoindex</a></code> will stop abruptly when an unrecognized
-    option is encountered. The Query Arguments must be well formed,
-    according to the table above.</p>
-
-    <p>The simple example below, which can be clipped and saved in
-    a header.html file, illustrates these query options. Note that
-    the unknown "X" argument, for the submit button, is listed last
-    to assure the arguments are all parsed before mod_autoindex
-    encounters the X=Go input.</p>
-
-    <div class="example"><p><code>
-      &lt;form action="" method="get"&gt;<br />
-      <span class="indent">
-        Show me a &lt;select name="F"&gt;<br />
-        <span class="indent">
-          &lt;option value="0"&gt; Plain list&lt;/option&gt;<br />
-          &lt;option value="1" selected="selected"&gt; Fancy list&lt;/option&gt;<br />
-          &lt;option value="2"&gt; Table list&lt;/option&gt;<br />
-        </span>
-        &lt;/select&gt;<br />
-        Sorted by &lt;select name="C"&gt;<br />
-        <span class="indent">
-          &lt;option value="N" selected="selected"&gt; Name&lt;/option&gt;<br />
-          &lt;option value="M"&gt; Date Modified&lt;/option&gt;<br />
-          &lt;option value="S"&gt; Size&lt;/option&gt;<br />
-          &lt;option value="D"&gt; Description&lt;/option&gt;<br />
-        </span>
-        &lt;/select&gt;<br />
-        &lt;select name="O"&gt;<br />
-        <span class="indent">
-          &lt;option value="A" selected="selected"&gt; Ascending&lt;/option&gt;<br />
-          &lt;option value="D"&gt; Descending&lt;/option&gt;<br />
-        </span>
-        &lt;/select&gt;<br />
-        &lt;select name="V"&gt;<br />
-        <span class="indent">
-          &lt;option value="0" selected="selected"&gt; in Normal order&lt;/option&gt;<br />
-          &lt;option value="1"&gt; in Version order&lt;/option&gt;<br />
-        </span>
-        &lt;/select&gt;<br />
-        Matching &lt;input type="text" name="P" value="*" /&gt;<br />
-        &lt;input type="submit" name="X" value="Go" /&gt;<br />
-      </span>
-      &lt;/form&gt;
-    </code></p></div>
-
 </div>
 </div>
 <div class="bottomlang">
diff --git a/docs/manual/mod/mod_buffer.html.en b/docs/manual/mod/mod_buffer.html.en
index 04aa79eecd..f696509c85 100644
--- a/docs/manual/mod/mod_buffer.html.en
+++ b/docs/manual/mod/mod_buffer.html.en
@@ -78,6 +78,7 @@
 <ul class="seealso">
 <li><a href="../filter.html">Filters</a></li>
 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="BufferSize" id="BufferSize">BufferSize</a> <a name="buffersize" id="buffersize">Directive</a></h2>
 <table class="directive">
@@ -94,7 +95,6 @@
     The default is 128 kilobytes.</p>
 
 </div>
-
 </div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../en/mod/mod_buffer.html" title="English">&nbsp;en&nbsp;</a> |
diff --git a/docs/manual/mod/mod_cache.html.en b/docs/manual/mod/mod_cache.html.en
index d0a2a6000a..28a1253b32 100644
--- a/docs/manual/mod/mod_cache.html.en
+++ b/docs/manual/mod/mod_cache.html.en
@@ -126,7 +126,14 @@
     <p>Further details, discussion, and examples, are provided in the
     <a href="../caching.html">Caching Guide</a>.</p>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
+<div id="quickview"><h3>Topics</h3>
+<ul id="topics">
+<li><img alt="" src="../images/down.gif" /> <a href="#related">Related Modules and Directives</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#sampleconf">Sample Configuration</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#thunderingherd">Avoiding the Thundering Herd</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#finecontrol">Fine Control with the CACHE Filter</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#status">Cache Status and Logging</a></li>
+</ul><h3 class="directives">Directives</h3>
 <ul id="toc">
 <li><img alt="" src="../images/down.gif" /> <a href="#cachedefaultexpire">CacheDefaultExpire</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#cachedetailheader">CacheDetailHeader</a></li>
@@ -151,18 +158,196 @@
 <li><img alt="" src="../images/down.gif" /> <a href="#cachestorenostore">CacheStoreNoStore</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#cachestoreprivate">CacheStorePrivate</a></li>
 </ul>
-<h3>Topics</h3>
-<ul id="topics">
-<li><img alt="" src="../images/down.gif" /> <a href="#related">Related Modules and Directives</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#sampleconf">Sample Configuration</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#thunderingherd">Avoiding the Thundering Herd</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#finecontrol">Fine Control with the CACHE Filter</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#status">Cache Status and Logging</a></li>
-</ul><h3>See also</h3>
+<h3>See also</h3>
 <ul class="seealso">
 <li><a href="../caching.html">Caching Guide</a></li>
 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="related" id="related">Related Modules and Directives</a></h2>
+    <table class="related"><tr><th>Related Modules</th><th>Related Directives</th></tr><tr><td><ul><li><code class="module"><a href="../mod/mod_cache_disk.html">mod_cache_disk</a></code></li><li><code class="module"><a href="../mod/mod_cache_socache.html">mod_cache_socache</a></code></li></ul></td><td><ul><li><code class="directive"><a href="../mod/mod_cache_disk.html#cacheroot">CacheRoot</a></code></li><li><code class="directive"><a href="../mod/mod_cache_disk.html#cachedirlevels">CacheDirLevels</a></code></li><li><code class="directive"><a href="../mod/mod_cache_disk.html#cachedirlength">CacheDirLength</a></code></li><li><code class="directive"><a href="../mod/mod_cache_disk.html#cacheminfilesize">CacheMinFileSize</a></code></li><li><code class="directive"><a href="../mod/mod_cache_disk.html#cachemaxfilesize">CacheMaxFileSize</a></code></li><li><code class="directive"><a href="../mod/mod_cache_socache.html#cachesocache">CacheSocache</a></code></li><li><code class="directive"><a href="../mod/mod_cache_socache.html#cachesocachemaxtime">CacheSocacheMaxTime</a></code></li><li><code class="directive"><a href="../mod/mod_cache_socache.html#cachesocachemintime">CacheSocacheMinTime</a></code></li><li><code class="directive"><a href="../mod/mod_cache_socache.html#cachesocachemaxsize">CacheSocacheMaxSize</a></code></li><li><code class="directive"><a href="../mod/mod_cache_socache.html#cachesocachereadsize">CacheSocacheReadSize</a></code></li><li><code class="directive"><a href="../mod/mod_cache_socache.html#cachesocachereadtime">CacheSocacheReadTime</a></code></li></ul></td></tr></table>
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="sampleconf" id="sampleconf">Sample Configuration</a></h2>
+    <div class="example"><h3>Sample httpd.conf</h3><pre class="prettyprint lang-config">#
+# Sample Cache Configuration
+#
+LoadModule cache_module modules/mod_cache.so
+&lt;IfModule mod_cache.c&gt;
+    LoadModule cache_disk_module modules/mod_cache_disk.so
+    &lt;IfModule mod_cache_disk.c&gt;
+        CacheRoot "c:/cacheroot"
+        CacheEnable disk  "/"
+        CacheDirLevels 5
+        CacheDirLength 3
+    &lt;/IfModule&gt;
+
+    # When acting as a proxy, don't cache the list of security updates
+    CacheDisable "http://security.update.server/update-list/"
+&lt;/IfModule&gt;</pre>
+</div>
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="thunderingherd" id="thunderingherd">Avoiding the Thundering Herd</a></h2>
+  <p>When a cached entry becomes stale, <code class="module"><a href="../mod/mod_cache.html">mod_cache</a></code> will submit
+  a conditional request to the backend, which is expected to confirm whether the
+  cached entry is still fresh, and send an updated entity if not.</p>
+  <p>A small but finite amount of time exists between the time the cached entity
+  becomes stale, and the time the stale entity is fully refreshed. On a busy
+  server, a significant number of requests might arrive during this time, and
+  cause a <strong>thundering herd</strong> of requests to strike the backend
+  suddenly and unpredictably.</p>
+  <p>To keep the thundering herd at bay, the <code class="directive">CacheLock</code>
+  directive can be used to define a directory in which locks are created for
+  URLs <strong>in flight</strong>. The lock is used as a <strong>hint</strong>
+  by other requests to either suppress an attempt to cache (someone else has
+  gone to fetch the entity), or to indicate that a stale entry is being refreshed
+  (stale content will be returned in the mean time).
+  </p>
+  <h3>Initial caching of an entry</h3>
+    
+    <p>When an entity is cached for the first time, a lock will be created for the
+    entity until the response has been fully cached. During the lifetime of the
+    lock, the cache will suppress the second and subsequent attempt to cache the
+    same entity. While this doesn't hold back the thundering herd, it does stop
+    the cache attempting to cache the same entity multiple times simultaneously.
+    </p>
+  
+  <h3>Refreshment of a stale entry</h3>
+    
+    <p>When an entity reaches its freshness lifetime and becomes stale, a lock
+    will be created for the entity until the response has either been confirmed as
+    still fresh, or replaced by the backend. During the lifetime of the lock, the
+    second and subsequent incoming request will cause stale data to be returned,
+    and the thundering herd is kept at bay.</p>
+  
+  <h3>Locks and Cache-Control: no-cache</h3>
+    
+    <p>Locks are used as a <strong>hint only</strong> to enable the cache to be
+    more gentle on backend servers, however the lock can be overridden if necessary.
+    If the client sends a request with a Cache-Control header forcing a reload, any
+    lock that may be present will be ignored, and the client's request will be
+    honored immediately and the cached entry refreshed.</p>
+    <p>As a further safety mechanism, locks have a configurable maximum age.
+    Once this age has been reached, the lock is removed, and a new request is
+    given the opportunity to create a new lock. This maximum age can be set using
+    the <code class="directive">CacheLockMaxAge</code> directive, and defaults to 5
+    seconds.
+    </p>
+  
+  <h3>Example configuration</h3>
+    
+    <div class="example"><h3>Enabling the cache lock</h3><pre class="prettyprint lang-config">#
+# Enable the cache lock
+#
+&lt;IfModule mod_cache.c&gt;
+    CacheLock on
+    CacheLockPath "/tmp/mod_cache-lock"
+    CacheLockMaxAge 5
+&lt;/IfModule&gt;</pre>
+</div>
+  
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="finecontrol" id="finecontrol">Fine Control with the CACHE Filter</a></h2>
+  <p>Under the default mode of cache operation, the cache runs as a quick handler,
+  short circuiting the majority of server processing and offering the highest
+  cache performance available.</p>
+
+  <p>In this mode, the cache <strong>bolts onto</strong> the front of the server,
+  acting as if a free standing RFC 2616 caching proxy had been placed in front of
+  the server.</p>
+
+  <p>While this mode offers the best performance, the administrator may find that
+  under certain circumstances they may want to perform further processing on the
+  request after the request is cached, such as to inject personalisation into the
+  cached page, or to apply authorisation restrictions to the content. Under these
+  circumstances, an administrator is often forced to place independent reverse
+  proxy servers either behind or in front of the caching server to achieve this.</p>
+
+  <p>To solve this problem the <code class="directive"><a href="#cachequickhandler">CacheQuickHandler
+  </a></code> directive can be set to <strong>off</strong>, and the server will
+  process all phases normally handled by a non-cached request, including the
+  <strong>authentication and authorisation</strong> phases.</p>
+
+  <p>In addition, the administrator may optionally specify the <strong>precise point
+  within the filter chain</strong> where caching is to take place by adding the
+  <strong>CACHE</strong> filter to the output filter chain.</p>
+
+  <p>For example, to cache content before applying compression to the response,
+  place the <strong>CACHE</strong> filter before the <strong>DEFLATE</strong>
+  filter as in the example below:</p>
+
+  <pre class="prettyprint lang-config"># Cache content before optional compression
+CacheQuickHandler off
+AddOutputFilterByType CACHE;DEFLATE text/plain</pre>
+
+
+  <p>Another option is to have content cached before personalisation is applied
+  by <code class="module"><a href="../mod/mod_include.html">mod_include</a></code> (or another content processing filter). In this
+  example templates containing tags understood by
+  <code class="module"><a href="../mod/mod_include.html">mod_include</a></code> are cached before being parsed:</p>
+
+  <pre class="prettyprint lang-config"># Cache content before mod_include and mod_deflate
+CacheQuickHandler off
+AddOutputFilterByType CACHE;INCLUDES;DEFLATE text/html</pre>
+
+
+  <p>You may place the <strong>CACHE</strong> filter anywhere you wish within the
+  filter chain. In this example, content is cached after being parsed by
+  <code class="module"><a href="../mod/mod_include.html">mod_include</a></code>, but before being processed by
+  <code class="module"><a href="../mod/mod_deflate.html">mod_deflate</a></code>:</p>
+
+  <pre class="prettyprint lang-config"># Cache content between mod_include and mod_deflate
+CacheQuickHandler off
+AddOutputFilterByType INCLUDES;CACHE;DEFLATE text/html</pre>
+
+
+  <div class="warning"><h3>Warning:</h3>If the location of the
+  <strong>CACHE</strong> filter in the filter chain is changed for any reason,
+  you may need to <strong>flush your cache</strong> to ensure that your data
+  served remains consistent. <code class="module"><a href="../mod/mod_cache.html">mod_cache</a></code> is not in a position
+  to enforce this for you.</div>
+
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="status" id="status">Cache Status and Logging</a></h2>
+  <p>Once <code class="module"><a href="../mod/mod_cache.html">mod_cache</a></code> has made a decision as to whether or not
+  an entity is to be served from cache, the detailed reason for the decision
+  is written to the subprocess environment within the request under the
+  <strong>cache-status</strong> key. This reason can be logged by the
+  <code class="directive"><a href="../mod/mod_log_config.html#logformat">LogFormat</a></code> directive as
+  follows:</p>
+
+  <pre class="prettyprint lang-config">LogFormat "%{cache-status}e ..."</pre>
+
+
+  <p>Based on the caching decision made, the reason is also written to the
+  subprocess environment under one the following four keys, as appropriate:</p>
+
+  <dl>
+    <dt>cache-hit</dt><dd>The response was served from cache.</dd>
+    <dt>cache-revalidate</dt><dd>The response was stale and was successfully
+      revalidated, then served from cache.</dd>
+    <dt>cache-miss</dt><dd>The response was served from the upstream server.</dd>
+    <dt>cache-invalidate</dt><dd>The cached entity was invalidated by a request
+      method other than GET or HEAD.</dd>
+  </dl>
+
+  <p>This makes it possible to support conditional logging of cached requests
+  as per the following example:</p>
+
+  <pre class="prettyprint lang-config">CustomLog "cached-requests.log" common env=cache-hit
+CustomLog "uncached-requests.log" common env=cache-miss
+CustomLog "revalidated-requests.log" common env=cache-revalidate
+CustomLog "invalidated-requests.log" common env=cache-invalidate</pre>
+
+
+  <p>For module authors, a hook called <var>cache_status</var> is available,
+  allowing modules to respond to the caching outcomes above in customised
+  ways.</p>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="CacheDefaultExpire" id="CacheDefaultExpire">CacheDefaultExpire</a> <a name="cachedefaultexpire" id="cachedefaultexpire">Directive</a></h2>
 <table class="directive">
 <tr><th><a href="directive-dict.html#Description">Description:</a></th><td>The default duration to cache a document when no expiry date is specified.</td></tr>
@@ -859,191 +1044,6 @@ CacheStaleOnError on</pre>
 <li><code class="directive"><a href="#cachestorenostore">CacheStoreNoStore</a></code></li>
 </ul>
 </div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="related" id="related">Related Modules and Directives</a></h2>
-    <table class="related"><tr><th>Related Modules</th><th>Related Directives</th></tr><tr><td><ul><li><code class="module"><a href="../mod/mod_cache_disk.html">mod_cache_disk</a></code></li><li><code class="module"><a href="../mod/mod_cache_socache.html">mod_cache_socache</a></code></li></ul></td><td><ul><li><code class="directive"><a href="../mod/mod_cache_disk.html#cacheroot">CacheRoot</a></code></li><li><code class="directive"><a href="../mod/mod_cache_disk.html#cachedirlevels">CacheDirLevels</a></code></li><li><code class="directive"><a href="../mod/mod_cache_disk.html#cachedirlength">CacheDirLength</a></code></li><li><code class="directive"><a href="../mod/mod_cache_disk.html#cacheminfilesize">CacheMinFileSize</a></code></li><li><code class="directive"><a href="../mod/mod_cache_disk.html#cachemaxfilesize">CacheMaxFileSize</a></code></li><li><code class="directive"><a href="../mod/mod_cache_socache.html#cachesocache">CacheSocache</a></code></li><li><code class="directive"><a href="../mod/mod_cache_socache.html#cachesocachemaxtime">CacheSocacheMaxTime</a></code></li><li><code class="directive"><a href="../mod/mod_cache_socache.html#cachesocachemintime">CacheSocacheMinTime</a></code></li><li><code class="directive"><a href="../mod/mod_cache_socache.html#cachesocachemaxsize">CacheSocacheMaxSize</a></code></li><li><code class="directive"><a href="../mod/mod_cache_socache.html#cachesocachereadsize">CacheSocacheReadSize</a></code></li><li><code class="directive"><a href="../mod/mod_cache_socache.html#cachesocachereadtime">CacheSocacheReadTime</a></code></li></ul></td></tr></table>
-</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="sampleconf" id="sampleconf">Sample Configuration</a></h2>
-    <div class="example"><h3>Sample httpd.conf</h3><pre class="prettyprint lang-config">#
-# Sample Cache Configuration
-#
-LoadModule cache_module modules/mod_cache.so
-&lt;IfModule mod_cache.c&gt;
-    LoadModule cache_disk_module modules/mod_cache_disk.so
-    &lt;IfModule mod_cache_disk.c&gt;
-        CacheRoot "c:/cacheroot"
-        CacheEnable disk  "/"
-        CacheDirLevels 5
-        CacheDirLength 3
-    &lt;/IfModule&gt;
-
-    # When acting as a proxy, don't cache the list of security updates
-    CacheDisable "http://security.update.server/update-list/"
-&lt;/IfModule&gt;</pre>
-</div>
-</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="thunderingherd" id="thunderingherd">Avoiding the Thundering Herd</a></h2>
-  <p>When a cached entry becomes stale, <code class="module"><a href="../mod/mod_cache.html">mod_cache</a></code> will submit
-  a conditional request to the backend, which is expected to confirm whether the
-  cached entry is still fresh, and send an updated entity if not.</p>
-  <p>A small but finite amount of time exists between the time the cached entity
-  becomes stale, and the time the stale entity is fully refreshed. On a busy
-  server, a significant number of requests might arrive during this time, and
-  cause a <strong>thundering herd</strong> of requests to strike the backend
-  suddenly and unpredictably.</p>
-  <p>To keep the thundering herd at bay, the <code class="directive">CacheLock</code>
-  directive can be used to define a directory in which locks are created for
-  URLs <strong>in flight</strong>. The lock is used as a <strong>hint</strong>
-  by other requests to either suppress an attempt to cache (someone else has
-  gone to fetch the entity), or to indicate that a stale entry is being refreshed
-  (stale content will be returned in the mean time).
-  </p>
-  <h3>Initial caching of an entry</h3>
-    
-    <p>When an entity is cached for the first time, a lock will be created for the
-    entity until the response has been fully cached. During the lifetime of the
-    lock, the cache will suppress the second and subsequent attempt to cache the
-    same entity. While this doesn't hold back the thundering herd, it does stop
-    the cache attempting to cache the same entity multiple times simultaneously.
-    </p>
-  
-  <h3>Refreshment of a stale entry</h3>
-    
-    <p>When an entity reaches its freshness lifetime and becomes stale, a lock
-    will be created for the entity until the response has either been confirmed as
-    still fresh, or replaced by the backend. During the lifetime of the lock, the
-    second and subsequent incoming request will cause stale data to be returned,
-    and the thundering herd is kept at bay.</p>
-  
-  <h3>Locks and Cache-Control: no-cache</h3>
-    
-    <p>Locks are used as a <strong>hint only</strong> to enable the cache to be
-    more gentle on backend servers, however the lock can be overridden if necessary.
-    If the client sends a request with a Cache-Control header forcing a reload, any
-    lock that may be present will be ignored, and the client's request will be
-    honored immediately and the cached entry refreshed.</p>
-    <p>As a further safety mechanism, locks have a configurable maximum age.
-    Once this age has been reached, the lock is removed, and a new request is
-    given the opportunity to create a new lock. This maximum age can be set using
-    the <code class="directive">CacheLockMaxAge</code> directive, and defaults to 5
-    seconds.
-    </p>
-  
-  <h3>Example configuration</h3>
-    
-    <div class="example"><h3>Enabling the cache lock</h3><pre class="prettyprint lang-config">#
-# Enable the cache lock
-#
-&lt;IfModule mod_cache.c&gt;
-    CacheLock on
-    CacheLockPath "/tmp/mod_cache-lock"
-    CacheLockMaxAge 5
-&lt;/IfModule&gt;</pre>
-</div>
-  
-</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="finecontrol" id="finecontrol">Fine Control with the CACHE Filter</a></h2>
-  <p>Under the default mode of cache operation, the cache runs as a quick handler,
-  short circuiting the majority of server processing and offering the highest
-  cache performance available.</p>
-
-  <p>In this mode, the cache <strong>bolts onto</strong> the front of the server,
-  acting as if a free standing RFC 2616 caching proxy had been placed in front of
-  the server.</p>
-
-  <p>While this mode offers the best performance, the administrator may find that
-  under certain circumstances they may want to perform further processing on the
-  request after the request is cached, such as to inject personalisation into the
-  cached page, or to apply authorisation restrictions to the content. Under these
-  circumstances, an administrator is often forced to place independent reverse
-  proxy servers either behind or in front of the caching server to achieve this.</p>
-
-  <p>To solve this problem the <code class="directive"><a href="#cachequickhandler">CacheQuickHandler
-  </a></code> directive can be set to <strong>off</strong>, and the server will
-  process all phases normally handled by a non-cached request, including the
-  <strong>authentication and authorisation</strong> phases.</p>
-
-  <p>In addition, the administrator may optionally specify the <strong>precise point
-  within the filter chain</strong> where caching is to take place by adding the
-  <strong>CACHE</strong> filter to the output filter chain.</p>
-
-  <p>For example, to cache content before applying compression to the response,
-  place the <strong>CACHE</strong> filter before the <strong>DEFLATE</strong>
-  filter as in the example below:</p>
-
-  <pre class="prettyprint lang-config"># Cache content before optional compression
-CacheQuickHandler off
-AddOutputFilterByType CACHE;DEFLATE text/plain</pre>
-
-
-  <p>Another option is to have content cached before personalisation is applied
-  by <code class="module"><a href="../mod/mod_include.html">mod_include</a></code> (or another content processing filter). In this
-  example templates containing tags understood by
-  <code class="module"><a href="../mod/mod_include.html">mod_include</a></code> are cached before being parsed:</p>
-
-  <pre class="prettyprint lang-config"># Cache content before mod_include and mod_deflate
-CacheQuickHandler off
-AddOutputFilterByType CACHE;INCLUDES;DEFLATE text/html</pre>
-
-
-  <p>You may place the <strong>CACHE</strong> filter anywhere you wish within the
-  filter chain. In this example, content is cached after being parsed by
-  <code class="module"><a href="../mod/mod_include.html">mod_include</a></code>, but before being processed by
-  <code class="module"><a href="../mod/mod_deflate.html">mod_deflate</a></code>:</p>
-
-  <pre class="prettyprint lang-config"># Cache content between mod_include and mod_deflate
-CacheQuickHandler off
-AddOutputFilterByType INCLUDES;CACHE;DEFLATE text/html</pre>
-
-
-  <div class="warning"><h3>Warning:</h3>If the location of the
-  <strong>CACHE</strong> filter in the filter chain is changed for any reason,
-  you may need to <strong>flush your cache</strong> to ensure that your data
-  served remains consistent. <code class="module"><a href="../mod/mod_cache.html">mod_cache</a></code> is not in a position
-  to enforce this for you.</div>
-
-</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="status" id="status">Cache Status and Logging</a></h2>
-  <p>Once <code class="module"><a href="../mod/mod_cache.html">mod_cache</a></code> has made a decision as to whether or not
-  an entity is to be served from cache, the detailed reason for the decision
-  is written to the subprocess environment within the request under the
-  <strong>cache-status</strong> key. This reason can be logged by the
-  <code class="directive"><a href="../mod/mod_log_config.html#logformat">LogFormat</a></code> directive as
-  follows:</p>
-
-  <pre class="prettyprint lang-config">LogFormat "%{cache-status}e ..."</pre>
-
-
-  <p>Based on the caching decision made, the reason is also written to the
-  subprocess environment under one the following four keys, as appropriate:</p>
-
-  <dl>
-    <dt>cache-hit</dt><dd>The response was served from cache.</dd>
-    <dt>cache-revalidate</dt><dd>The response was stale and was successfully
-      revalidated, then served from cache.</dd>
-    <dt>cache-miss</dt><dd>The response was served from the upstream server.</dd>
-    <dt>cache-invalidate</dt><dd>The cached entity was invalidated by a request
-      method other than GET or HEAD.</dd>
-  </dl>
-
-  <p>This makes it possible to support conditional logging of cached requests
-  as per the following example:</p>
-
-  <pre class="prettyprint lang-config">CustomLog "cached-requests.log" common env=cache-hit
-CustomLog "uncached-requests.log" common env=cache-miss
-CustomLog "revalidated-requests.log" common env=cache-revalidate
-CustomLog "invalidated-requests.log" common env=cache-invalidate</pre>
-
-
-  <p>For module authors, a hook called <var>cache_status</var> is available,
-  allowing modules to respond to the caching outcomes above in customised
-  ways.</p>
-</div>
 </div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../en/mod/mod_cache.html" title="English">&nbsp;en&nbsp;</a> |
diff --git a/docs/manual/mod/mod_cache_disk.html.en b/docs/manual/mod/mod_cache_disk.html.en
index 1c9d640ee9..f5741bdf18 100644
--- a/docs/manual/mod/mod_cache_disk.html.en
+++ b/docs/manual/mod/mod_cache_disk.html.en
@@ -88,6 +88,7 @@
 <li><code class="module"><a href="../mod/mod_cache_socache.html">mod_cache_socache</a></code></li>
 <li><a href="../caching.html">Caching Guide</a></li>
 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="CacheDirLength" id="CacheDirLength">CacheDirLength</a> <a name="cachedirlength" id="cachedirlength">Directive</a></h2>
 <table class="directive">
@@ -256,7 +257,6 @@ stored</td></tr>
 
 
 </div>
-
 </div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../en/mod/mod_cache_disk.html" title="English">&nbsp;en&nbsp;</a> |
diff --git a/docs/manual/mod/mod_cache_socache.html.en b/docs/manual/mod/mod_cache_socache.html.en
index f9a3941698..e4840e36ee 100644
--- a/docs/manual/mod/mod_cache_socache.html.en
+++ b/docs/manual/mod/mod_cache_socache.html.en
@@ -83,6 +83,7 @@ CacheSocacheMaxSize 102400
 <li><code class="module"><a href="../mod/mod_cache_disk.html">mod_cache_disk</a></code></li>
 <li><a href="../caching.html">Caching Guide</a></li>
 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="CacheSocache" id="CacheSocache">CacheSocache</a> <a name="cachesocache" id="cachesocache">Directive</a></h2>
 <table class="directive">
@@ -232,7 +233,6 @@ cache</td></tr>
 
 
 </div>
-
 </div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../en/mod/mod_cache_socache.html" title="English">&nbsp;en&nbsp;</a> |
diff --git a/docs/manual/mod/mod_cern_meta.html.en b/docs/manual/mod/mod_cern_meta.html.en
index 779c61e7f6..255ac6322e 100644
--- a/docs/manual/mod/mod_cern_meta.html.en
+++ b/docs/manual/mod/mod_cern_meta.html.en
@@ -56,6 +56,7 @@
 <li><code class="module"><a href="../mod/mod_headers.html">mod_headers</a></code></li>
 <li><code class="module"><a href="../mod/mod_asis.html">mod_asis</a></code></li>
 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="MetaDir" id="MetaDir">MetaDir</a> <a name="metadir" id="metadir">Directive</a></h2>
 <table class="directive">
@@ -122,7 +123,6 @@ meta information</td></tr>
 </div>
 
 </div>
-
 </div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../en/mod/mod_cern_meta.html" title="English">&nbsp;en&nbsp;</a> |
diff --git a/docs/manual/mod/mod_cgi.html.en b/docs/manual/mod/mod_cgi.html.en
index b7e88eec75..5beac58df4 100644
--- a/docs/manual/mod/mod_cgi.html.en
+++ b/docs/manual/mod/mod_cgi.html.en
@@ -57,17 +57,17 @@
     for any file with the mime-type <code>application/x-httpd-cgi</code>. The
     use of the magic mime-type is deprecated.</p>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
+<div id="quickview"><h3>Topics</h3>
+<ul id="topics">
+<li><img alt="" src="../images/down.gif" /> <a href="#env">CGI Environment variables</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#cgi-debug">CGI Debugging</a></li>
+</ul><h3 class="directives">Directives</h3>
 <ul id="toc">
 <li><img alt="" src="../images/down.gif" /> <a href="#scriptlog">ScriptLog</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#scriptlogbuffer">ScriptLogBuffer</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#scriptloglength">ScriptLogLength</a></li>
 </ul>
-<h3>Topics</h3>
-<ul id="topics">
-<li><img alt="" src="../images/down.gif" /> <a href="#env">CGI Environment variables</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#cgi-debug">CGI Debugging</a></li>
-</ul><h3>See also</h3>
+<h3>See also</h3>
 <ul class="seealso">
 <li><code class="directive"><a href="../mod/core.html#acceptpathinfo">AcceptPathInfo</a></code></li>
 <li><code class="directive"><a href="../mod/core.html#options">Options</a></code> ExecCGI</li>
@@ -78,78 +78,6 @@
 <li><a href="http://www.ietf.org/rfc/rfc3875">CGI Specification</a></li>
 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="ScriptLog" id="ScriptLog">ScriptLog</a> <a name="scriptlog" id="scriptlog">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Location of the CGI script error logfile</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ScriptLog <var>file-path</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td><code class="module"><a href="../mod/mod_cgi.html">mod_cgi</a></code>, <code class="module"><a href="../mod/mod_cgid.html">mod_cgid</a></code></td></tr>
-</table>
-    <p>The <code class="directive">ScriptLog</code> directive sets the CGI
-    script error logfile. If no <code class="directive">ScriptLog</code> is given,
-    no error log is created. If given, any CGI errors are logged into the
-    filename given as argument. If this is a relative file or path it is
-    taken relative to the <code class="directive"><a href="../mod/core.html#serverroot">ServerRoot</a></code>.
-    </p>
-
-    <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">ScriptLog logs/cgi_log</pre>
-</div>
-
-    <p>This log will be opened as the user the child processes run
-    as, <em>i.e.</em> the user specified in the main <code class="directive"><a href="../mod/mod_unixd.html#user">User</a></code> directive. This means that
-    either the directory the script log is in needs to be writable
-    by that user or the file needs to be manually created and set
-    to be writable by that user. If you place the script log in
-    your main logs directory, do <strong>NOT</strong> change the
-    directory permissions to make it writable by the user the child
-    processes run as.</p>
-
-    <p>Note that script logging is meant to be a debugging feature
-    when writing CGI scripts, and is not meant to be activated
-    continuously on running servers. It is not optimized for speed
-    or efficiency, and may have security problems if used in a
-    manner other than that for which it was designed.</p>
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="ScriptLogBuffer" id="ScriptLogBuffer">ScriptLogBuffer</a> <a name="scriptlogbuffer" id="scriptlogbuffer">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Maximum amount of PUT or POST requests that will be recorded
-in the scriptlog</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ScriptLogBuffer <var>bytes</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ScriptLogBuffer 1024</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td><code class="module"><a href="../mod/mod_cgi.html">mod_cgi</a></code>, <code class="module"><a href="../mod/mod_cgid.html">mod_cgid</a></code></td></tr>
-</table>
-    <p>The size of any PUT or POST entity body that is logged to
-    the file is limited, to prevent the log file growing too big
-    too quickly if large bodies are being received. By default, up
-    to 1024 bytes are logged, but this can be changed with this
-    directive.</p>
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="ScriptLogLength" id="ScriptLogLength">ScriptLogLength</a> <a name="scriptloglength" id="scriptloglength">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Size limit of the CGI script logfile</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ScriptLogLength <var>bytes</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ScriptLogLength 10385760</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td><code class="module"><a href="../mod/mod_cgi.html">mod_cgi</a></code>, <code class="module"><a href="../mod/mod_cgid.html">mod_cgid</a></code></td></tr>
-</table>
-    <p><code class="directive">ScriptLogLength</code> can be used to limit the
-    size of the CGI script logfile. Since the logfile logs a lot of
-    information per CGI error (all request headers, all script output)
-    it can grow to be a big file. To prevent problems due to unbounded
-    growth, this directive can be used to set an maximum file-size for
-    the CGI logfile. If the file exceeds this size, no more
-    information will be written to it.</p>
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="section">
 <h2><a name="env" id="env">CGI Environment variables</a></h2>
     <p>The server will set the CGI environment variables as described
@@ -233,6 +161,78 @@ in the scriptlog</td></tr>
       <p>(The %stdout and %stderr parts may be missing if the script did
       not output anything on standard output or standard error).</p>
     
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="ScriptLog" id="ScriptLog">ScriptLog</a> <a name="scriptlog" id="scriptlog">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Location of the CGI script error logfile</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ScriptLog <var>file-path</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td><code class="module"><a href="../mod/mod_cgi.html">mod_cgi</a></code>, <code class="module"><a href="../mod/mod_cgid.html">mod_cgid</a></code></td></tr>
+</table>
+    <p>The <code class="directive">ScriptLog</code> directive sets the CGI
+    script error logfile. If no <code class="directive">ScriptLog</code> is given,
+    no error log is created. If given, any CGI errors are logged into the
+    filename given as argument. If this is a relative file or path it is
+    taken relative to the <code class="directive"><a href="../mod/core.html#serverroot">ServerRoot</a></code>.
+    </p>
+
+    <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">ScriptLog logs/cgi_log</pre>
+</div>
+
+    <p>This log will be opened as the user the child processes run
+    as, <em>i.e.</em> the user specified in the main <code class="directive"><a href="../mod/mod_unixd.html#user">User</a></code> directive. This means that
+    either the directory the script log is in needs to be writable
+    by that user or the file needs to be manually created and set
+    to be writable by that user. If you place the script log in
+    your main logs directory, do <strong>NOT</strong> change the
+    directory permissions to make it writable by the user the child
+    processes run as.</p>
+
+    <p>Note that script logging is meant to be a debugging feature
+    when writing CGI scripts, and is not meant to be activated
+    continuously on running servers. It is not optimized for speed
+    or efficiency, and may have security problems if used in a
+    manner other than that for which it was designed.</p>
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="ScriptLogBuffer" id="ScriptLogBuffer">ScriptLogBuffer</a> <a name="scriptlogbuffer" id="scriptlogbuffer">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Maximum amount of PUT or POST requests that will be recorded
+in the scriptlog</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ScriptLogBuffer <var>bytes</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ScriptLogBuffer 1024</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td><code class="module"><a href="../mod/mod_cgi.html">mod_cgi</a></code>, <code class="module"><a href="../mod/mod_cgid.html">mod_cgid</a></code></td></tr>
+</table>
+    <p>The size of any PUT or POST entity body that is logged to
+    the file is limited, to prevent the log file growing too big
+    too quickly if large bodies are being received. By default, up
+    to 1024 bytes are logged, but this can be changed with this
+    directive.</p>
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="ScriptLogLength" id="ScriptLogLength">ScriptLogLength</a> <a name="scriptloglength" id="scriptloglength">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Size limit of the CGI script logfile</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ScriptLogLength <var>bytes</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ScriptLogLength 10385760</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td><code class="module"><a href="../mod/mod_cgi.html">mod_cgi</a></code>, <code class="module"><a href="../mod/mod_cgid.html">mod_cgid</a></code></td></tr>
+</table>
+    <p><code class="directive">ScriptLogLength</code> can be used to limit the
+    size of the CGI script logfile. Since the logfile logs a lot of
+    information per CGI error (all request headers, all script output)
+    it can grow to be a big file. To prevent problems due to unbounded
+    growth, this directive can be used to set an maximum file-size for
+    the CGI logfile. If the file exceeds this size, no more
+    information will be written to it.</p>
+
 </div>
 </div>
 <div class="bottomlang">
diff --git a/docs/manual/mod/mod_cgid.html.en b/docs/manual/mod/mod_cgid.html.en
index 134d4b70e1..7d683ebf39 100644
--- a/docs/manual/mod/mod_cgid.html.en
+++ b/docs/manual/mod/mod_cgid.html.en
@@ -74,6 +74,7 @@
 <li><a href="../suexec.html">Running CGI programs under different
     user IDs</a></li>
 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="CGIDScriptTimeout" id="CGIDScriptTimeout">CGIDScriptTimeout</a> <a name="cgidscripttimeout" id="cgidscripttimeout">Directive</a></h2>
 <table class="directive">
@@ -125,7 +126,6 @@ the cgi daemon</td></tr>
 
 
 </div>
-
 </div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../en/mod/mod_cgid.html" title="English">&nbsp;en&nbsp;</a> |
diff --git a/docs/manual/mod/mod_charset_lite.html.en b/docs/manual/mod/mod_charset_lite.html.en
index cf88e52c6e..7443b7c39a 100644
--- a/docs/manual/mod/mod_charset_lite.html.en
+++ b/docs/manual/mod/mod_charset_lite.html.en
@@ -49,16 +49,53 @@
     mechanisms implemented by Russian Apache and its associated
     <code>mod_charset</code>.</p>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
+<div id="quickview"><h3>Topics</h3>
+<ul id="topics">
+<li><img alt="" src="../images/down.gif" /> <a href="#problems">Common Problems</a></li>
+</ul><h3 class="directives">Directives</h3>
 <ul id="toc">
 <li><img alt="" src="../images/down.gif" /> <a href="#charsetdefault">CharsetDefault</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#charsetoptions">CharsetOptions</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#charsetsourceenc">CharsetSourceEnc</a></li>
 </ul>
-<h3>Topics</h3>
-<ul id="topics">
-<li><img alt="" src="../images/down.gif" /> <a href="#problems">Common Problems</a></li>
-</ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+<ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="problems" id="problems">Common Problems</a></h2>
+
+    <h3>Invalid character set names</h3>
+
+      <p>The character set name parameters of <code class="directive"><a href="#charsetsourceenc">CharsetSourceEnc</a></code> and
+      <code class="directive"><a href="#charsetdefault">CharsetDefault</a></code>
+      must be acceptable to the translation mechanism used by
+      <a class="glossarylink" href="../glossary.html#apr" title="see glossary">APR</a> on the system where
+      <code class="module"><a href="../mod/mod_charset_lite.html">mod_charset_lite</a></code> is deployed.  These character
+      set names are not standardized and are usually not the same as
+      the corresponding values used in http headers.  Currently, APR
+      can only use iconv(3), so you can easily test your character set
+      names using the iconv(1) program, as follows:</p>
+
+      <div class="example"><p><code>
+        iconv -f charsetsourceenc-value -t charsetdefault-value
+      </code></p></div>
+    
+
+    <h3>Mismatch between character set of content and translation
+    rules</h3>
+
+      <p>If the translation rules don't make sense for the content,
+      translation can fail in various ways, including:</p>
+
+      <ul>
+      <li>The translation mechanism may return a bad return code,
+      and the connection will be aborted.</li>
+
+      <li>The translation mechanism may silently place special
+      characters (e.g., question marks) in the output buffer when
+      it cannot translate the input buffer.</li>
+      </ul>
+    
+</div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="CharsetDefault" id="CharsetDefault">CharsetDefault</a> <a name="charsetdefault" id="charsetdefault">Directive</a></h2>
 <table class="directive">
@@ -162,43 +199,6 @@
      </div>
 
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="problems" id="problems">Common Problems</a></h2>
-
-    <h3>Invalid character set names</h3>
-
-      <p>The character set name parameters of <code class="directive"><a href="#charsetsourceenc">CharsetSourceEnc</a></code> and
-      <code class="directive"><a href="#charsetdefault">CharsetDefault</a></code>
-      must be acceptable to the translation mechanism used by
-      <a class="glossarylink" href="../glossary.html#apr" title="see glossary">APR</a> on the system where
-      <code class="module"><a href="../mod/mod_charset_lite.html">mod_charset_lite</a></code> is deployed.  These character
-      set names are not standardized and are usually not the same as
-      the corresponding values used in http headers.  Currently, APR
-      can only use iconv(3), so you can easily test your character set
-      names using the iconv(1) program, as follows:</p>
-
-      <div class="example"><p><code>
-        iconv -f charsetsourceenc-value -t charsetdefault-value
-      </code></p></div>
-    
-
-    <h3>Mismatch between character set of content and translation
-    rules</h3>
-
-      <p>If the translation rules don't make sense for the content,
-      translation can fail in various ways, including:</p>
-
-      <ul>
-      <li>The translation mechanism may return a bad return code,
-      and the connection will be aborted.</li>
-
-      <li>The translation mechanism may silently place special
-      characters (e.g., question marks) in the output buffer when
-      it cannot translate the input buffer.</li>
-      </ul>
-    
 </div>
 </div>
 <div class="bottomlang">
diff --git a/docs/manual/mod/mod_dav.html.en b/docs/manual/mod/mod_dav.html.en
index 8a464b2819..7d5b1713d9 100644
--- a/docs/manual/mod/mod_dav.html.en
+++ b/docs/manual/mod/mod_dav.html.en
@@ -42,98 +42,24 @@
     copying, and deleting resources and collections on a remote web
     server.</p>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
+<div id="quickview"><h3>Topics</h3>
+<ul id="topics">
+<li><img alt="" src="../images/down.gif" /> <a href="#example">Enabling WebDAV</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#security">Security Issues</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#complex">Complex Configurations</a></li>
+</ul><h3 class="directives">Directives</h3>
 <ul id="toc">
 <li><img alt="" src="../images/down.gif" /> <a href="#dav">Dav</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#davdepthinfinity">DavDepthInfinity</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#davmintimeout">DavMinTimeout</a></li>
 </ul>
-<h3>Topics</h3>
-<ul id="topics">
-<li><img alt="" src="../images/down.gif" /> <a href="#example">Enabling WebDAV</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#security">Security Issues</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#complex">Complex Configurations</a></li>
-</ul><h3>See also</h3>
+<h3>See also</h3>
 <ul class="seealso">
 <li><code class="directive"><a href="../mod/mod_dav_fs.html#davlockdb">DavLockDB</a></code></li>
 <li><code class="directive"><a href="../mod/core.html#limitxmlrequestbody">LimitXMLRequestBody</a></code></li>
 <li><a href="http://www.webdav.org">WebDAV Resources</a></li>
 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="Dav" id="Dav">Dav</a> <a name="dav" id="dav">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Enable WebDAV HTTP methods</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>Dav On|Off|<var>provider-name</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>Dav Off</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_dav</td></tr>
-</table>
-    <p>Use the <code class="directive">Dav</code> directive to enable the
-    WebDAV HTTP methods for the given container:</p>
-
-    <pre class="prettyprint lang-config">&lt;Location "/foo"&gt;
-    Dav On
-&lt;/Location&gt;</pre>
-
-
-    <p>The value <code>On</code> is actually an alias for the default
-    provider <code>filesystem</code> which is served by the <code class="module"><a href="../mod/mod_dav_fs.html">mod_dav_fs</a></code> module. Note, that once you have DAV enabled
-    for some location, it <em>cannot</em> be disabled for sublocations.
-    For a complete configuration example have a look at the <a href="#example">section above</a>.</p>
-
-    <div class="warning">
-      Do not enable WebDAV until you have secured your server. Otherwise
-      everyone will be able to distribute files on your system.
-    </div>
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="DavDepthInfinity" id="DavDepthInfinity">DavDepthInfinity</a> <a name="davdepthinfinity" id="davdepthinfinity">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Allow PROPFIND, Depth: Infinity requests</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>DavDepthInfinity on|off</code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>DavDepthInfinity off</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_dav</td></tr>
-</table>
-    <p>Use the <code class="directive">DavDepthInfinity</code> directive to
-    allow the processing of <code>PROPFIND</code> requests containing the
-    header 'Depth: Infinity'. Because this type of request could constitute
-    a denial-of-service attack, by default it is not allowed.</p>
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="DavMinTimeout" id="DavMinTimeout">DavMinTimeout</a> <a name="davmintimeout" id="davmintimeout">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Minimum amount of time the server holds a lock on
-a DAV resource</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>DavMinTimeout <var>seconds</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>DavMinTimeout 0</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_dav</td></tr>
-</table>
-    <p>When a client requests a DAV resource lock, it can also
-    specify a time when the lock will be automatically removed by
-    the server. This value is only a request, and the server can
-    ignore it or inform the client of an arbitrary value.</p>
-
-    <p>Use the <code class="directive">DavMinTimeout</code> directive to specify, in
-    seconds, the minimum lock timeout to return to a client.
-    Microsoft Web Folders defaults to a timeout of 120 seconds; the
-    <code class="directive">DavMinTimeout</code> can override this to a higher value
-    (like 600 seconds) to reduce the chance of the client losing
-    the lock due to network latency.</p>
-
-    <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">&lt;Location "/MSWord"&gt;
-    DavMinTimeout 600
-&lt;/Location&gt;</pre>
-</div>
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="section">
 <h2><a name="example" id="example">Enabling WebDAV</a></h2>
     <p>To enable <code class="module"><a href="../mod/mod_dav.html">mod_dav</a></code>, add the following to a
@@ -245,6 +171,80 @@ Alias "/php-source" "/home/gstein/php_files"
     used to access the output of the PHP scripts, and
     <code>http://example.com/php-source</code> can be used with a DAV
     client to manipulate them.</p>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="Dav" id="Dav">Dav</a> <a name="dav" id="dav">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Enable WebDAV HTTP methods</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>Dav On|Off|<var>provider-name</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>Dav Off</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_dav</td></tr>
+</table>
+    <p>Use the <code class="directive">Dav</code> directive to enable the
+    WebDAV HTTP methods for the given container:</p>
+
+    <pre class="prettyprint lang-config">&lt;Location "/foo"&gt;
+    Dav On
+&lt;/Location&gt;</pre>
+
+
+    <p>The value <code>On</code> is actually an alias for the default
+    provider <code>filesystem</code> which is served by the <code class="module"><a href="../mod/mod_dav_fs.html">mod_dav_fs</a></code> module. Note, that once you have DAV enabled
+    for some location, it <em>cannot</em> be disabled for sublocations.
+    For a complete configuration example have a look at the <a href="#example">section above</a>.</p>
+
+    <div class="warning">
+      Do not enable WebDAV until you have secured your server. Otherwise
+      everyone will be able to distribute files on your system.
+    </div>
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="DavDepthInfinity" id="DavDepthInfinity">DavDepthInfinity</a> <a name="davdepthinfinity" id="davdepthinfinity">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Allow PROPFIND, Depth: Infinity requests</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>DavDepthInfinity on|off</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>DavDepthInfinity off</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_dav</td></tr>
+</table>
+    <p>Use the <code class="directive">DavDepthInfinity</code> directive to
+    allow the processing of <code>PROPFIND</code> requests containing the
+    header 'Depth: Infinity'. Because this type of request could constitute
+    a denial-of-service attack, by default it is not allowed.</p>
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="DavMinTimeout" id="DavMinTimeout">DavMinTimeout</a> <a name="davmintimeout" id="davmintimeout">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Minimum amount of time the server holds a lock on
+a DAV resource</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>DavMinTimeout <var>seconds</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>DavMinTimeout 0</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_dav</td></tr>
+</table>
+    <p>When a client requests a DAV resource lock, it can also
+    specify a time when the lock will be automatically removed by
+    the server. This value is only a request, and the server can
+    ignore it or inform the client of an arbitrary value.</p>
+
+    <p>Use the <code class="directive">DavMinTimeout</code> directive to specify, in
+    seconds, the minimum lock timeout to return to a client.
+    Microsoft Web Folders defaults to a timeout of 120 seconds; the
+    <code class="directive">DavMinTimeout</code> can override this to a higher value
+    (like 600 seconds) to reduce the chance of the client losing
+    the lock due to network latency.</p>
+
+    <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">&lt;Location "/MSWord"&gt;
+    DavMinTimeout 600
+&lt;/Location&gt;</pre>
+</div>
+
 </div>
 </div>
 <div class="bottomlang">
diff --git a/docs/manual/mod/mod_dav_fs.html.en b/docs/manual/mod/mod_dav_fs.html.en
index 4f252369c2..4e0e0280bc 100644
--- a/docs/manual/mod/mod_dav_fs.html.en
+++ b/docs/manual/mod/mod_dav_fs.html.en
@@ -56,6 +56,7 @@
 <ul class="seealso">
 <li><code class="module"><a href="../mod/mod_dav.html">mod_dav</a></code></li>
 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="DavLockDB" id="DavLockDB">DavLockDB</a> <a name="davlockdb" id="davlockdb">Directive</a></h2>
 <table class="directive">
@@ -87,7 +88,6 @@
 
 
 </div>
-
 </div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../en/mod/mod_dav_fs.html" title="English">&nbsp;en&nbsp;</a> |
diff --git a/docs/manual/mod/mod_dav_lock.html.en b/docs/manual/mod/mod_dav_lock.html.en
index 7014c28ae4..a0a99db81b 100644
--- a/docs/manual/mod/mod_dav_lock.html.en
+++ b/docs/manual/mod/mod_dav_lock.html.en
@@ -64,6 +64,7 @@
 <ul class="seealso">
 <li><code class="module"><a href="../mod/mod_dav.html">mod_dav</a></code></li>
 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="DavGenericLockDB" id="DavGenericLockDB">DavGenericLockDB</a> <a name="davgenericlockdb" id="davgenericlockdb">Directive</a></h2>
 <table class="directive">
@@ -93,7 +94,6 @@
 
 
 </div>
-
 </div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../en/mod/mod_dav_lock.html" title="English">&nbsp;en&nbsp;</a> |
diff --git a/docs/manual/mod/mod_dbd.html.en b/docs/manual/mod/mod_dbd.html.en
index edd3585bb0..aaf798ddaf 100644
--- a/docs/manual/mod/mod_dbd.html.en
+++ b/docs/manual/mod/mod_dbd.html.en
@@ -44,7 +44,13 @@
     by its original developer.
 </p>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
+<div id="quickview"><h3>Topics</h3>
+<ul id="topics">
+<li><img alt="" src="../images/down.gif" /> <a href="#pooling">Connection Pooling</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#API">Apache DBD API</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#prepared">SQL Prepared Statements</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#security">SECURITY WARNING</a></li>
+</ul><h3 class="directives">Directives</h3>
 <ul id="toc">
 <li><img alt="" src="../images/down.gif" /> <a href="#dbdexptime">DBDExptime</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#dbdinitsql">DBDInitSQL</a></li>
@@ -56,17 +62,125 @@
 <li><img alt="" src="../images/down.gif" /> <a href="#dbdpreparesql">DBDPrepareSQL</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#dbdriver">DBDriver</a></li>
 </ul>
-<h3>Topics</h3>
-<ul id="topics">
-<li><img alt="" src="../images/down.gif" /> <a href="#pooling">Connection Pooling</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#API">Apache DBD API</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#prepared">SQL Prepared Statements</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#security">SECURITY WARNING</a></li>
-</ul><h3>See also</h3>
+<h3>See also</h3>
 <ul class="seealso">
 <li><a href="../misc/password_encryptions.html">Password Formats</a></li>
 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="pooling" id="pooling">Connection Pooling</a></h2>
+    <p>This module manages database connections, in a manner
+    optimised for the platform.  On non-threaded platforms,
+    it provides a persistent connection in the manner of
+    classic LAMP (Linux, Apache, Mysql, Perl/PHP/Python).
+    On threaded platform, it provides an altogether more
+    scalable and efficient <em>connection pool</em>, as
+    described in <a href="http://www.apachetutor.org/dev/reslist">this
+    article at ApacheTutor</a>.  Note that <code class="module"><a href="../mod/mod_dbd.html">mod_dbd</a></code>
+    supersedes the modules presented in that article.</p>
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="API" id="API">Apache DBD API</a></h2>
+    <p><code class="module"><a href="../mod/mod_dbd.html">mod_dbd</a></code> exports five functions for other modules
+    to use. The API is as follows:</p>
+
+<pre class="prettyprint lang-c">typedef struct {
+    apr_dbd_t *handle;
+    apr_dbd_driver_t *driver;
+    apr_hash_t *prepared;
+} ap_dbd_t;
+
+/* Export functions to access the database */
+
+/* acquire a connection that MUST be explicitly closed.
+ * Returns NULL on error
+ */
+AP_DECLARE(ap_dbd_t*) ap_dbd_open(apr_pool_t*, server_rec*);
+
+/* release a connection acquired with ap_dbd_open */
+AP_DECLARE(void) ap_dbd_close(server_rec*, ap_dbd_t*);
+
+/* acquire a connection that will have the lifetime of a request
+ * and MUST NOT be explicitly closed.  Return NULL on error.
+ * This is the preferred function for most applications.
+ */
+AP_DECLARE(ap_dbd_t*) ap_dbd_acquire(request_rec*);
+
+/* acquire a connection that will have the lifetime of a connection
+ * and MUST NOT be explicitly closed.  Return NULL on error.
+ */
+AP_DECLARE(ap_dbd_t*) ap_dbd_cacquire(conn_rec*);
+
+/* Prepare a statement for use by a client module */
+AP_DECLARE(void) ap_dbd_prepare(server_rec*, const char*, const char*);
+
+/* Also export them as optional functions for modules that prefer it */
+APR_DECLARE_OPTIONAL_FN(ap_dbd_t*, ap_dbd_open, (apr_pool_t*, server_rec*));
+APR_DECLARE_OPTIONAL_FN(void, ap_dbd_close, (server_rec*, ap_dbd_t*));
+APR_DECLARE_OPTIONAL_FN(ap_dbd_t*, ap_dbd_acquire, (request_rec*));
+APR_DECLARE_OPTIONAL_FN(ap_dbd_t*, ap_dbd_cacquire, (conn_rec*));
+APR_DECLARE_OPTIONAL_FN(void, ap_dbd_prepare, (server_rec*, const char*, const char*));</pre>
+
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="prepared" id="prepared">SQL Prepared Statements</a></h2>
+    <p><code class="module"><a href="../mod/mod_dbd.html">mod_dbd</a></code> supports SQL prepared statements on behalf
+    of modules that may wish to use them.  Each prepared statement
+    must be assigned a name (label), and they are stored in a hash:
+    the <code>prepared</code> field of an <code>ap_dbd_t</code>.
+    Hash entries are of type <code>apr_dbd_prepared_t</code>
+    and can be used in any of the apr_dbd prepared statement
+    SQL query or select commands.</p>
+
+    <p>It is up to dbd user modules to use the prepared statements
+    and document what statements can be specified in httpd.conf,
+    or to provide their own directives and use <code>ap_dbd_prepare</code>.</p>
+	
+	<div class="warning"><h3>Caveat</h3>
+	When using prepared statements with a MySQL database, it is preferred to set
+	<code>reconnect</code> to 0 in the connection string as to avoid errors that
+	arise from the MySQL client reconnecting without properly resetting the
+	prepared statements. If set to 1, any broken connections will be attempted
+	fixed, but as mod_dbd is not informed, the prepared statements will be invalidated.
+	</div>
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="security" id="security">SECURITY WARNING</a></h2>
+
+    <p>Any web/database application needs to secure itself against SQL
+    injection attacks.  In most cases, Apache DBD is safe, because
+    applications use prepared statements, and untrusted inputs are
+    only ever used as data.  Of course, if you use it via third-party
+    modules, you should ascertain what precautions they may require.</p>
+    <p>However, the <var>FreeTDS</var> driver is inherently
+    <strong>unsafe</strong>.  The underlying library doesn't support
+    prepared statements, so the driver emulates them, and the
+    untrusted input is merged into the SQL statement.</p>
+    <p>It can be made safe by <em>untainting</em> all inputs:
+    a process inspired by Perl's taint checking.  Each input
+    is matched against a regexp, and only the match is used,
+    according to the Perl idiom:</p>
+    <div class="example"><pre><code>  $untrusted =~ /([a-z]+)/;
+  $trusted = $1;</code></pre></div>
+    <p>To use this, the untainting regexps must be included in the
+    prepared statements configured.  The regexp follows immediately
+    after the % in the prepared statement, and is enclosed in
+    curly brackets {}.  For example, if your application expects
+    alphanumeric input, you can use:</p>
+    <div class="example"><p><code>
+       <code>"SELECT foo FROM bar WHERE input = %s"</code>
+    </code></p></div>
+    <p>with other drivers, and suffer nothing worse than a failed query.
+    But with FreeTDS you'd need:</p>
+    <div class="example"><p><code>
+       <code>"SELECT foo FROM bar WHERE input = %{([A-Za-z0-9]+)}s"</code>
+    </code></p></div>
+    <p>Now anything that doesn't match the regexp's $1 match is
+    discarded, so the statement is safe.</p>
+    <p>An alternative to this may be the third-party ODBC driver,
+    which offers the security of genuine prepared statements.</p>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="DBDExptime" id="DBDExptime">DBDExptime</a> <a name="dbdexptime" id="dbdexptime">Directive</a></h2>
 <table class="directive">
 <tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Keepalive time for idle connections</td></tr>
@@ -224,120 +338,6 @@
     driver in apr_dbd_mysql.so.</p>
 
 </div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="pooling" id="pooling">Connection Pooling</a></h2>
-    <p>This module manages database connections, in a manner
-    optimised for the platform.  On non-threaded platforms,
-    it provides a persistent connection in the manner of
-    classic LAMP (Linux, Apache, Mysql, Perl/PHP/Python).
-    On threaded platform, it provides an altogether more
-    scalable and efficient <em>connection pool</em>, as
-    described in <a href="http://www.apachetutor.org/dev/reslist">this
-    article at ApacheTutor</a>.  Note that <code class="module"><a href="../mod/mod_dbd.html">mod_dbd</a></code>
-    supersedes the modules presented in that article.</p>
-</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="API" id="API">Apache DBD API</a></h2>
-    <p><code class="module"><a href="../mod/mod_dbd.html">mod_dbd</a></code> exports five functions for other modules
-    to use. The API is as follows:</p>
-
-<pre class="prettyprint lang-c">typedef struct {
-    apr_dbd_t *handle;
-    apr_dbd_driver_t *driver;
-    apr_hash_t *prepared;
-} ap_dbd_t;
-
-/* Export functions to access the database */
-
-/* acquire a connection that MUST be explicitly closed.
- * Returns NULL on error
- */
-AP_DECLARE(ap_dbd_t*) ap_dbd_open(apr_pool_t*, server_rec*);
-
-/* release a connection acquired with ap_dbd_open */
-AP_DECLARE(void) ap_dbd_close(server_rec*, ap_dbd_t*);
-
-/* acquire a connection that will have the lifetime of a request
- * and MUST NOT be explicitly closed.  Return NULL on error.
- * This is the preferred function for most applications.
- */
-AP_DECLARE(ap_dbd_t*) ap_dbd_acquire(request_rec*);
-
-/* acquire a connection that will have the lifetime of a connection
- * and MUST NOT be explicitly closed.  Return NULL on error.
- */
-AP_DECLARE(ap_dbd_t*) ap_dbd_cacquire(conn_rec*);
-
-/* Prepare a statement for use by a client module */
-AP_DECLARE(void) ap_dbd_prepare(server_rec*, const char*, const char*);
-
-/* Also export them as optional functions for modules that prefer it */
-APR_DECLARE_OPTIONAL_FN(ap_dbd_t*, ap_dbd_open, (apr_pool_t*, server_rec*));
-APR_DECLARE_OPTIONAL_FN(void, ap_dbd_close, (server_rec*, ap_dbd_t*));
-APR_DECLARE_OPTIONAL_FN(ap_dbd_t*, ap_dbd_acquire, (request_rec*));
-APR_DECLARE_OPTIONAL_FN(ap_dbd_t*, ap_dbd_cacquire, (conn_rec*));
-APR_DECLARE_OPTIONAL_FN(void, ap_dbd_prepare, (server_rec*, const char*, const char*));</pre>
-
-</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="prepared" id="prepared">SQL Prepared Statements</a></h2>
-    <p><code class="module"><a href="../mod/mod_dbd.html">mod_dbd</a></code> supports SQL prepared statements on behalf
-    of modules that may wish to use them.  Each prepared statement
-    must be assigned a name (label), and they are stored in a hash:
-    the <code>prepared</code> field of an <code>ap_dbd_t</code>.
-    Hash entries are of type <code>apr_dbd_prepared_t</code>
-    and can be used in any of the apr_dbd prepared statement
-    SQL query or select commands.</p>
-
-    <p>It is up to dbd user modules to use the prepared statements
-    and document what statements can be specified in httpd.conf,
-    or to provide their own directives and use <code>ap_dbd_prepare</code>.</p>
-	
-	<div class="warning"><h3>Caveat</h3>
-	When using prepared statements with a MySQL database, it is preferred to set
-	<code>reconnect</code> to 0 in the connection string as to avoid errors that
-	arise from the MySQL client reconnecting without properly resetting the
-	prepared statements. If set to 1, any broken connections will be attempted
-	fixed, but as mod_dbd is not informed, the prepared statements will be invalidated.
-	</div>
-</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="security" id="security">SECURITY WARNING</a></h2>
-
-    <p>Any web/database application needs to secure itself against SQL
-    injection attacks.  In most cases, Apache DBD is safe, because
-    applications use prepared statements, and untrusted inputs are
-    only ever used as data.  Of course, if you use it via third-party
-    modules, you should ascertain what precautions they may require.</p>
-    <p>However, the <var>FreeTDS</var> driver is inherently
-    <strong>unsafe</strong>.  The underlying library doesn't support
-    prepared statements, so the driver emulates them, and the
-    untrusted input is merged into the SQL statement.</p>
-    <p>It can be made safe by <em>untainting</em> all inputs:
-    a process inspired by Perl's taint checking.  Each input
-    is matched against a regexp, and only the match is used,
-    according to the Perl idiom:</p>
-    <div class="example"><pre><code>  $untrusted =~ /([a-z]+)/;
-  $trusted = $1;</code></pre></div>
-    <p>To use this, the untainting regexps must be included in the
-    prepared statements configured.  The regexp follows immediately
-    after the % in the prepared statement, and is enclosed in
-    curly brackets {}.  For example, if your application expects
-    alphanumeric input, you can use:</p>
-    <div class="example"><p><code>
-       <code>"SELECT foo FROM bar WHERE input = %s"</code>
-    </code></p></div>
-    <p>with other drivers, and suffer nothing worse than a failed query.
-    But with FreeTDS you'd need:</p>
-    <div class="example"><p><code>
-       <code>"SELECT foo FROM bar WHERE input = %{([A-Za-z0-9]+)}s"</code>
-    </code></p></div>
-    <p>Now anything that doesn't match the regexp's $1 match is
-    discarded, so the statement is safe.</p>
-    <p>An alternative to this may be the third-party ODBC driver,
-    which offers the security of genuine prepared statements.</p>
-</div>
 </div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../en/mod/mod_dbd.html" title="English">&nbsp;en&nbsp;</a> |
diff --git a/docs/manual/mod/mod_deflate.html.en b/docs/manual/mod/mod_deflate.html.en
index 41852d194b..b3fb927bb8 100644
--- a/docs/manual/mod/mod_deflate.html.en
+++ b/docs/manual/mod/mod_deflate.html.en
@@ -41,7 +41,14 @@ client</td></tr>
     your server to be compressed before being sent to the client over
     the network.</p>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
+<div id="quickview"><h3>Topics</h3>
+<ul id="topics">
+<li><img alt="" src="../images/down.gif" /> <a href="#recommended">Sample Configurations</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#enable">Enabling Compression</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#proxies">Dealing with proxy servers</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#precompressed">Serving pre-compressed
+content</a></li>
+</ul><h3 class="directives">Directives</h3>
 <ul id="toc">
 <li><img alt="" src="../images/down.gif" /> <a href="#deflatebuffersize">DeflateBufferSize</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#deflatecompressionlevel">DeflateCompressionLevel</a></li>
@@ -52,18 +59,177 @@ client</td></tr>
 <li><img alt="" src="../images/down.gif" /> <a href="#deflatememlevel">DeflateMemLevel</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#deflatewindowsize">DeflateWindowSize</a></li>
 </ul>
-<h3>Topics</h3>
-<ul id="topics">
-<li><img alt="" src="../images/down.gif" /> <a href="#recommended">Sample Configurations</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#enable">Enabling Compression</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#proxies">Dealing with proxy servers</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#precompressed">Serving pre-compressed
-content</a></li>
-</ul><h3>See also</h3>
+<h3>See also</h3>
 <ul class="seealso">
 <li><a href="../filter.html">Filters</a></li>
 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="recommended" id="recommended">Sample Configurations</a></h2>
+    <div class="warning"><h3>Compression and TLS</h3>
+        <p>Some web applications are vulnerable to an information disclosure
+        attack when a TLS connection carries deflate compressed data. For more
+        information, review the details of the "BREACH" family of attacks.</p>
+    </div>
+    <p>This is a simple configuration that compresses common text-based content types.</p>
+
+    <div class="example"><h3>Compress only a few types</h3><pre class="prettyprint lang-config">AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript</pre>
+</div>
+
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="enable" id="enable">Enabling Compression</a></h2>
+    <div class="warning"><h3>Compression and TLS</h3>
+        <p>Some web applications are vulnerable to an information disclosure
+        attack when a TLS connection carries deflate compressed data. For more
+        information, review the details of the "BREACH" family of attacks.</p>
+    </div>
+
+    <h3><a name="output" id="output">Output Compression</a></h3>
+      <p>Compression is implemented by the <code>DEFLATE</code>
+      <a href="../filter.html">filter</a>. The following directive
+      will enable compression for documents in the container where it
+      is placed:</p>
+
+      <pre class="prettyprint lang-config">SetOutputFilter DEFLATE
+SetEnvIfNoCase Request_URI "\.(?:gif|jpe?g|png)$" no-gzip</pre>
+
+
+      <p>If you want to restrict the compression to particular MIME types
+      in general, you may use the <code class="directive"><a href="../mod/mod_filter.html#addoutputfilterbytype">AddOutputFilterByType</a></code> directive. Here is an example of
+      enabling compression only for the html files of the Apache
+      documentation:</p>
+
+      <pre class="prettyprint lang-config">&lt;Directory "/your-server-root/manual"&gt;
+    AddOutputFilterByType DEFLATE text/html
+&lt;/Directory&gt;</pre>
+
+
+      <div class="note"><h3>Note</h3>
+        The <code>DEFLATE</code> filter is always inserted after RESOURCE
+        filters like PHP or SSI. It never touches internal subrequests.
+      </div>
+      <div class="note"><h3>Note</h3>
+        There is an environment variable <code>force-gzip</code>,
+        set via <code class="directive"><a href="../mod/mod_env.html#setenv">SetEnv</a></code>, which
+        will ignore the accept-encoding setting of your browser and will
+        send compressed output.
+      </div>
+
+    
+    <h3><a name="inflate" id="inflate">Output Decompression</a></h3>
+      <p>The <code class="module"><a href="../mod/mod_deflate.html">mod_deflate</a></code> module also provides a filter for
+      inflating/uncompressing a gzip compressed response body. In order to activate
+      this feature you have to insert the <code>INFLATE</code> filter into
+      the output filter chain using <code class="directive"><a href="../mod/core.html#setoutputfilter">SetOutputFilter</a></code> or <code class="directive"><a href="../mod/mod_mime.html#addoutputfilter">AddOutputFilter</a></code>, for example:</p>
+
+      <pre class="prettyprint lang-config">&lt;Location "/dav-area"&gt;
+    ProxyPass "http://example.com/"
+    SetOutputFilter INFLATE
+&lt;/Location&gt;</pre>
+
+
+      <p>This Example will uncompress gzip'ed output from example.com, so other
+      filters can do further processing with it.
+      </p>
+
+    
+    <h3><a name="input" id="input">Input Decompression</a></h3>
+      <p>The <code class="module"><a href="../mod/mod_deflate.html">mod_deflate</a></code> module also provides a filter for
+      decompressing a gzip compressed request body . In order to activate
+      this feature you have to insert the <code>DEFLATE</code> filter into
+      the input filter chain using <code class="directive"><a href="../mod/core.html#setinputfilter">SetInputFilter</a></code> or <code class="directive"><a href="../mod/mod_mime.html#addinputfilter">AddInputFilter</a></code>, for example:</p>
+
+      <pre class="prettyprint lang-config">&lt;Location "/dav-area"&gt;
+    SetInputFilter DEFLATE
+&lt;/Location&gt;</pre>
+
+
+      <p>Now if a request contains a <code>Content-Encoding:
+      gzip</code> header, the body will be automatically decompressed.
+      Few browsers have the ability to gzip request bodies. However,
+      some special applications actually do support request
+      compression, for instance some <a href="http://www.webdav.org">WebDAV</a> clients.</p>
+
+      <div class="warning"><h3>Note on Content-Length</h3>
+        <p>If you evaluate the request body yourself, <em>don't trust
+        the <code>Content-Length</code> header!</em>
+        The Content-Length header reflects the length of the
+        incoming data from the client and <em>not</em> the byte count of
+        the decompressed data stream.</p>
+      </div>
+    
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="proxies" id="proxies">Dealing with proxy servers</a></h2>
+
+    <p>The <code class="module"><a href="../mod/mod_deflate.html">mod_deflate</a></code> module sends a <code>Vary:
+    Accept-Encoding</code> HTTP response header to alert proxies that
+    a cached response should be sent only to clients that send the
+    appropriate <code>Accept-Encoding</code> request header.  This
+    prevents compressed content from being sent to a client that will
+    not understand it.</p>
+
+    <p>If you use some special exclusions dependent
+    on, for example, the <code>User-Agent</code> header, you must
+    manually configure an addition to the <code>Vary</code> header
+    to alert proxies of the additional restrictions.  For example,
+    in a typical configuration where the addition of the <code>DEFLATE</code>
+    filter depends on the <code>User-Agent</code>, you should add:</p>
+
+    <pre class="prettyprint lang-config">Header append Vary User-Agent</pre>
+
+
+    <p>If your decision about compression depends on other information
+    than request headers (<em>e.g.</em> HTTP version), you have to set the
+    <code>Vary</code> header to the value <code>*</code>. This prevents
+    compliant proxies from caching entirely.</p>
+
+    <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">Header set Vary *</pre>
+</div>
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="precompressed" id="precompressed">Serving pre-compressed
+content</a></h2>
+
+    <p>Since <code class="module"><a href="../mod/mod_deflate.html">mod_deflate</a></code> re-compresses content each 
+    time a request is made, some performance benefit can be derived by
+    pre-compressing the content and telling mod_deflate to serve them
+    without re-compressing them. This may be accomplished using a
+    configuration like the following:</p>
+
+    <pre class="prettyprint lang-config">&lt;IfModule mod_headers.c&gt;
+    # Serve gzip compressed CSS files if they exist 
+    # and the client accepts gzip.
+    RewriteCond "%{HTTP:Accept-encoding}" "gzip"
+    RewriteCond "%{REQUEST_FILENAME}\.gz" -s
+    RewriteRule "^(.*)\.css" "$1\.css\.gz" [QSA]
+
+    # Serve gzip compressed JS files if they exist 
+    # and the client accepts gzip.
+    RewriteCond "%{HTTP:Accept-encoding}" "gzip"
+    RewriteCond "%{REQUEST_FILENAME}\.gz" -s
+    RewriteRule "^(.*)\.js" "$1\.js\.gz" [QSA]
+
+
+    # Serve correct content types, and prevent mod_deflate double gzip.
+    RewriteRule "\.css\.gz$" "-" [T=text/css,E=no-gzip:1]
+    RewriteRule "\.js\.gz$" "-" [T=text/javascript,E=no-gzip:1]
+
+
+    &lt;FilesMatch "(\.js\.gz|\.css\.gz)$"&gt;
+      # Serve correct encoding type.
+      Header append Content-Encoding gzip
+
+      # Force proxies to cache gzipped &amp; 
+      # non-gzipped css/js files separately.
+      Header append Vary Accept-Encoding
+    &lt;/FilesMatch&gt;
+&lt;/IfModule&gt;</pre>
+
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="DeflateBufferSize" id="DeflateBufferSize">DeflateBufferSize</a> <a name="deflatebuffersize" id="deflatebuffersize">Directive</a></h2>
 <table class="directive">
 <tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Fragment size to be compressed at one time by zlib</td></tr>
@@ -231,172 +397,6 @@ CustomLog "logs/deflate_log" deflate</pre>
     zlib compression window size (a value between 1 and 15). Generally, the
     higher the window size, the higher can the compression ratio be expected.</p>
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="recommended" id="recommended">Sample Configurations</a></h2>
-    <div class="warning"><h3>Compression and TLS</h3>
-        <p>Some web applications are vulnerable to an information disclosure
-        attack when a TLS connection carries deflate compressed data. For more
-        information, review the details of the "BREACH" family of attacks.</p>
-    </div>
-    <p>This is a simple configuration that compresses common text-based content types.</p>
-
-    <div class="example"><h3>Compress only a few types</h3><pre class="prettyprint lang-config">AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript</pre>
-</div>
-
-</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="enable" id="enable">Enabling Compression</a></h2>
-    <div class="warning"><h3>Compression and TLS</h3>
-        <p>Some web applications are vulnerable to an information disclosure
-        attack when a TLS connection carries deflate compressed data. For more
-        information, review the details of the "BREACH" family of attacks.</p>
-    </div>
-
-    <h3><a name="output" id="output">Output Compression</a></h3>
-      <p>Compression is implemented by the <code>DEFLATE</code>
-      <a href="../filter.html">filter</a>. The following directive
-      will enable compression for documents in the container where it
-      is placed:</p>
-
-      <pre class="prettyprint lang-config">SetOutputFilter DEFLATE
-SetEnvIfNoCase Request_URI "\.(?:gif|jpe?g|png)$" no-gzip</pre>
-
-
-      <p>If you want to restrict the compression to particular MIME types
-      in general, you may use the <code class="directive"><a href="../mod/mod_filter.html#addoutputfilterbytype">AddOutputFilterByType</a></code> directive. Here is an example of
-      enabling compression only for the html files of the Apache
-      documentation:</p>
-
-      <pre class="prettyprint lang-config">&lt;Directory "/your-server-root/manual"&gt;
-    AddOutputFilterByType DEFLATE text/html
-&lt;/Directory&gt;</pre>
-
-
-      <div class="note"><h3>Note</h3>
-        The <code>DEFLATE</code> filter is always inserted after RESOURCE
-        filters like PHP or SSI. It never touches internal subrequests.
-      </div>
-      <div class="note"><h3>Note</h3>
-        There is an environment variable <code>force-gzip</code>,
-        set via <code class="directive"><a href="../mod/mod_env.html#setenv">SetEnv</a></code>, which
-        will ignore the accept-encoding setting of your browser and will
-        send compressed output.
-      </div>
-
-    
-    <h3><a name="inflate" id="inflate">Output Decompression</a></h3>
-      <p>The <code class="module"><a href="../mod/mod_deflate.html">mod_deflate</a></code> module also provides a filter for
-      inflating/uncompressing a gzip compressed response body. In order to activate
-      this feature you have to insert the <code>INFLATE</code> filter into
-      the output filter chain using <code class="directive"><a href="../mod/core.html#setoutputfilter">SetOutputFilter</a></code> or <code class="directive"><a href="../mod/mod_mime.html#addoutputfilter">AddOutputFilter</a></code>, for example:</p>
-
-      <pre class="prettyprint lang-config">&lt;Location "/dav-area"&gt;
-    ProxyPass "http://example.com/"
-    SetOutputFilter INFLATE
-&lt;/Location&gt;</pre>
-
-
-      <p>This Example will uncompress gzip'ed output from example.com, so other
-      filters can do further processing with it.
-      </p>
-
-    
-    <h3><a name="input" id="input">Input Decompression</a></h3>
-      <p>The <code class="module"><a href="../mod/mod_deflate.html">mod_deflate</a></code> module also provides a filter for
-      decompressing a gzip compressed request body . In order to activate
-      this feature you have to insert the <code>DEFLATE</code> filter into
-      the input filter chain using <code class="directive"><a href="../mod/core.html#setinputfilter">SetInputFilter</a></code> or <code class="directive"><a href="../mod/mod_mime.html#addinputfilter">AddInputFilter</a></code>, for example:</p>
-
-      <pre class="prettyprint lang-config">&lt;Location "/dav-area"&gt;
-    SetInputFilter DEFLATE
-&lt;/Location&gt;</pre>
-
-
-      <p>Now if a request contains a <code>Content-Encoding:
-      gzip</code> header, the body will be automatically decompressed.
-      Few browsers have the ability to gzip request bodies. However,
-      some special applications actually do support request
-      compression, for instance some <a href="http://www.webdav.org">WebDAV</a> clients.</p>
-
-      <div class="warning"><h3>Note on Content-Length</h3>
-        <p>If you evaluate the request body yourself, <em>don't trust
-        the <code>Content-Length</code> header!</em>
-        The Content-Length header reflects the length of the
-        incoming data from the client and <em>not</em> the byte count of
-        the decompressed data stream.</p>
-      </div>
-    
-</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="proxies" id="proxies">Dealing with proxy servers</a></h2>
-
-    <p>The <code class="module"><a href="../mod/mod_deflate.html">mod_deflate</a></code> module sends a <code>Vary:
-    Accept-Encoding</code> HTTP response header to alert proxies that
-    a cached response should be sent only to clients that send the
-    appropriate <code>Accept-Encoding</code> request header.  This
-    prevents compressed content from being sent to a client that will
-    not understand it.</p>
-
-    <p>If you use some special exclusions dependent
-    on, for example, the <code>User-Agent</code> header, you must
-    manually configure an addition to the <code>Vary</code> header
-    to alert proxies of the additional restrictions.  For example,
-    in a typical configuration where the addition of the <code>DEFLATE</code>
-    filter depends on the <code>User-Agent</code>, you should add:</p>
-
-    <pre class="prettyprint lang-config">Header append Vary User-Agent</pre>
-
-
-    <p>If your decision about compression depends on other information
-    than request headers (<em>e.g.</em> HTTP version), you have to set the
-    <code>Vary</code> header to the value <code>*</code>. This prevents
-    compliant proxies from caching entirely.</p>
-
-    <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">Header set Vary *</pre>
-</div>
-</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="precompressed" id="precompressed">Serving pre-compressed
-content</a></h2>
-
-    <p>Since <code class="module"><a href="../mod/mod_deflate.html">mod_deflate</a></code> re-compresses content each 
-    time a request is made, some performance benefit can be derived by
-    pre-compressing the content and telling mod_deflate to serve them
-    without re-compressing them. This may be accomplished using a
-    configuration like the following:</p>
-
-    <pre class="prettyprint lang-config">&lt;IfModule mod_headers.c&gt;
-    # Serve gzip compressed CSS files if they exist 
-    # and the client accepts gzip.
-    RewriteCond "%{HTTP:Accept-encoding}" "gzip"
-    RewriteCond "%{REQUEST_FILENAME}\.gz" -s
-    RewriteRule "^(.*)\.css" "$1\.css\.gz" [QSA]
-
-    # Serve gzip compressed JS files if they exist 
-    # and the client accepts gzip.
-    RewriteCond "%{HTTP:Accept-encoding}" "gzip"
-    RewriteCond "%{REQUEST_FILENAME}\.gz" -s
-    RewriteRule "^(.*)\.js" "$1\.js\.gz" [QSA]
-
-
-    # Serve correct content types, and prevent mod_deflate double gzip.
-    RewriteRule "\.css\.gz$" "-" [T=text/css,E=no-gzip:1]
-    RewriteRule "\.js\.gz$" "-" [T=text/javascript,E=no-gzip:1]
-
-
-    &lt;FilesMatch "(\.js\.gz|\.css\.gz)$"&gt;
-      # Serve correct encoding type.
-      Header append Content-Encoding gzip
-
-      # Force proxies to cache gzipped &amp; 
-      # non-gzipped css/js files separately.
-      Header append Vary Accept-Encoding
-    &lt;/FilesMatch&gt;
-&lt;/IfModule&gt;</pre>
-
-
 </div>
 </div>
 <div class="bottomlang">
diff --git a/docs/manual/mod/mod_dialup.html.en b/docs/manual/mod/mod_dialup.html.en
index 16524cd712..c08fca1d87 100644
--- a/docs/manual/mod/mod_dialup.html.en
+++ b/docs/manual/mod/mod_dialup.html.en
@@ -53,6 +53,7 @@ once the timer hits.  From there the handler can continue to send data to the cl
 <li><img alt="" src="../images/down.gif" /> <a href="#modemstandard">ModemStandard</a></li>
 </ul>
 <ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="ModemStandard" id="ModemStandard">ModemStandard</a> <a name="modemstandard" id="modemstandard">Directive</a></h2>
 <table class="directive">
@@ -71,7 +72,6 @@ once the timer hits.  From there the handler can continue to send data to the cl
 
 
 </div>
-
 </div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../en/mod/mod_dialup.html" title="English">&nbsp;en&nbsp;</a> |
diff --git a/docs/manual/mod/mod_dir.html.en b/docs/manual/mod/mod_dir.html.en
index 7139b54edc..59bfc3faf6 100644
--- a/docs/manual/mod/mod_dir.html.en
+++ b/docs/manual/mod/mod_dir.html.en
@@ -68,6 +68,7 @@
 <li><img alt="" src="../images/down.gif" /> <a href="#fallbackresource">FallbackResource</a></li>
 </ul>
 <ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="DirectoryCheckHandler" id="DirectoryCheckHandler">DirectoryCheckHandler</a> <a name="directorycheckhandler" id="directorycheckhandler">Directive</a></h2>
 <table class="directive">
@@ -306,7 +307,6 @@ later</td></tr>
 
 
 </div>
-
 </div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../en/mod/mod_dir.html" title="English">&nbsp;en&nbsp;</a> |
diff --git a/docs/manual/mod/mod_dumpio.html.en b/docs/manual/mod/mod_dumpio.html.en
index 8b608cf29e..462b2594b0 100644
--- a/docs/manual/mod/mod_dumpio.html.en
+++ b/docs/manual/mod/mod_dumpio.html.en
@@ -44,15 +44,29 @@
     be expected, this can produce extreme volumes of data,
     and should only be used when debugging problems.</p>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
+<div id="quickview"><h3>Topics</h3>
+<ul id="topics">
+<li><img alt="" src="../images/down.gif" /> <a href="#enable">Enabling dumpio Support</a></li>
+</ul><h3 class="directives">Directives</h3>
 <ul id="toc">
 <li><img alt="" src="../images/down.gif" /> <a href="#dumpioinput">DumpIOInput</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#dumpiooutput">DumpIOOutput</a></li>
 </ul>
-<h3>Topics</h3>
-<ul id="topics">
-<li><img alt="" src="../images/down.gif" /> <a href="#enable">Enabling dumpio Support</a></li>
-</ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+<ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="enable" id="enable">Enabling dumpio Support</a></h2>
+    
+
+    <p>To enable the module, it should be compiled and loaded
+    in to your running Apache configuration. Logging can then
+    be enabled or disabled separately for input and output via
+    the below directives.  Additionally, <code class="module"><a href="../mod/mod_dumpio.html">mod_dumpio</a></code>
+    needs to be configured to <code class="directive"><a href="../mod/core.html#loglevel">LogLevel</a></code> <code>trace7</code>:
+    </p>
+    <pre class="prettyprint lang-config">LogLevel dumpio:trace7</pre>
+
+</div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="DumpIOInput" id="DumpIOInput">DumpIOInput</a> <a name="dumpioinput" id="dumpioinput">Directive</a></h2>
 <table class="directive">
@@ -88,20 +102,6 @@ later.</td></tr>
     <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">DumpIOOutput On</pre>
 </div>
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="enable" id="enable">Enabling dumpio Support</a></h2>
-    
-
-    <p>To enable the module, it should be compiled and loaded
-    in to your running Apache configuration. Logging can then
-    be enabled or disabled separately for input and output via
-    the below directives.  Additionally, <code class="module"><a href="../mod/mod_dumpio.html">mod_dumpio</a></code>
-    needs to be configured to <code class="directive"><a href="../mod/core.html#loglevel">LogLevel</a></code> <code>trace7</code>:
-    </p>
-    <pre class="prettyprint lang-config">LogLevel dumpio:trace7</pre>
-
 </div>
 </div>
 <div class="bottomlang">
diff --git a/docs/manual/mod/mod_echo.html.en b/docs/manual/mod/mod_echo.html.en
index 429c7727c6..306cf5f00c 100644
--- a/docs/manual/mod/mod_echo.html.en
+++ b/docs/manual/mod/mod_echo.html.en
@@ -45,6 +45,7 @@ modules</td></tr>
 <li><img alt="" src="../images/down.gif" /> <a href="#protocolecho">ProtocolEcho</a></li>
 </ul>
 <ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="ProtocolEcho" id="ProtocolEcho">ProtocolEcho</a> <a name="protocolecho" id="protocolecho">Directive</a></h2>
 <table class="directive">
@@ -62,7 +63,6 @@ modules</td></tr>
 </div>
 
 </div>
-
 </div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../en/mod/mod_echo.html" title="English">&nbsp;en&nbsp;</a> |
diff --git a/docs/manual/mod/mod_env.html.en b/docs/manual/mod/mod_env.html.en
index bc12efc1f9..3e932f632f 100644
--- a/docs/manual/mod/mod_env.html.en
+++ b/docs/manual/mod/mod_env.html.en
@@ -55,6 +55,7 @@ SSI pages</td></tr>
 <li><a href="../env.html">Environment Variables</a></li>
 <li><code class="directive"><a href="../mod/mod_setenvif.html#setenvif">SetEnvIf</a></code></li>
 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="PassEnv" id="PassEnv">PassEnv</a> <a name="passenv" id="passenv">Directive</a></h2>
 <table class="directive">
@@ -128,7 +129,6 @@ SSI pages</td></tr>
 </div>
 
 </div>
-
 </div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../en/mod/mod_env.html" title="English">&nbsp;en&nbsp;</a> |
diff --git a/docs/manual/mod/mod_example_hooks.html.en b/docs/manual/mod/mod_example_hooks.html.en
index 10fc2328e7..187e3a2c73 100644
--- a/docs/manual/mod/mod_example_hooks.html.en
+++ b/docs/manual/mod/mod_example_hooks.html.en
@@ -50,35 +50,15 @@
     display of some of the tracing the example module did as the
     various callbacks were made.</p>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
-<ul id="toc">
-<li><img alt="" src="../images/down.gif" /> <a href="#example">Example</a></li>
-</ul>
-<h3>Topics</h3>
+<div id="quickview"><h3>Topics</h3>
 <ul id="topics">
 <li><img alt="" src="../images/down.gif" /> <a href="#compiling">Compiling the example_hooks module</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#using">Using the <code>mod_example_hooks</code> Module</a></li>
-</ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="Example" id="Example">Example</a> <a name="example" id="example">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Demonstration directive to illustrate the Apache module
-API</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>Example</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_example_hooks</td></tr>
-</table>
-    <p>The <code class="directive">Example</code> directive just sets a demonstration
-    flag which the example module's content handler displays. It
-    takes no arguments. If you browse to an URL to which the
-    example-hooks content-handler applies, you will get a display of the
-    routines within the module and how and in what order they were
-    called to service the document request. The effect of this
-    directive one can observe under the point "<code>Example
-    directive declared here: YES/NO</code>".</p>
-
-</div>
+</ul><h3 class="directives">Directives</h3>
+<ul id="toc">
+<li><img alt="" src="../images/down.gif" /> <a href="#example">Example</a></li>
+</ul>
+<ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="section">
 <h2><a name="compiling" id="compiling">Compiling the example_hooks module</a></h2>
@@ -148,6 +128,26 @@ API</td></tr>
     to browse to this location and see the brief display mentioned
     earlier.</p>
 </div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="Example" id="Example">Example</a> <a name="example" id="example">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Demonstration directive to illustrate the Apache module
+API</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>Example</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_example_hooks</td></tr>
+</table>
+    <p>The <code class="directive">Example</code> directive just sets a demonstration
+    flag which the example module's content handler displays. It
+    takes no arguments. If you browse to an URL to which the
+    example-hooks content-handler applies, you will get a display of the
+    routines within the module and how and in what order they were
+    called to service the document request. The effect of this
+    directive one can observe under the point "<code>Example
+    directive declared here: YES/NO</code>".</p>
+
+</div>
 </div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../en/mod/mod_example_hooks.html" title="English">&nbsp;en&nbsp;</a> |
diff --git a/docs/manual/mod/mod_expires.html.en b/docs/manual/mod/mod_expires.html.en
index 2802f87eec..7363bb1091 100644
--- a/docs/manual/mod/mod_expires.html.en
+++ b/docs/manual/mod/mod_expires.html.en
@@ -60,16 +60,73 @@ criteria</td></tr>
     proxied from an origin server, this module does not change or add
     an <code>Expires</code> or <code>Cache-Control</code> header.</p>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
+<div id="quickview"><h3>Topics</h3>
+<ul id="topics">
+<li><img alt="" src="../images/down.gif" /> <a href="#AltSyn">Alternate Interval Syntax</a></li>
+</ul><h3 class="directives">Directives</h3>
 <ul id="toc">
 <li><img alt="" src="../images/down.gif" /> <a href="#expiresactive">ExpiresActive</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#expiresbytype">ExpiresByType</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#expiresdefault">ExpiresDefault</a></li>
 </ul>
-<h3>Topics</h3>
-<ul id="topics">
-<li><img alt="" src="../images/down.gif" /> <a href="#AltSyn">Alternate Interval Syntax</a></li>
-</ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+<ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="AltSyn" id="AltSyn">Alternate Interval Syntax</a></h2>
+    <p>The <code class="directive"><a href="#expiresdefault">ExpiresDefault</a></code> and
+    <code class="directive"><a href="#expiresbytype">ExpiresByType</a></code> directives
+    can also be defined in a more readable syntax of the form:</p>
+
+    <pre class="prettyprint lang-config">ExpiresDefault "<var>base</var>  [plus <var>num</var> <var>type</var>] [<var>num</var> <var>type</var>] ..."
+ExpiresByType type/encoding "<var>base</var>  [plus <var>num</var> <var>type</var>] [<var>num</var> <var>type</var>] ..."</pre>
+
+
+    <p>where <var>base</var> is one of:</p>
+
+    <ul>
+      <li><code>access</code></li>
+
+      <li><code>now</code> (equivalent to
+      '<code>access</code>')</li>
+
+      <li><code>modification</code></li>
+    </ul>
+
+    <p>The <code>plus</code> keyword is optional. <var>num</var>
+    should be an integer value [acceptable to <code>atoi()</code>],
+    and <var>type</var> is one of:</p>
+
+    <ul>
+      <li><code>years</code></li>
+      <li><code>months</code></li>
+      <li><code>weeks</code></li>
+      <li><code>days</code></li>
+      <li><code>hours</code></li>
+      <li><code>minutes</code></li>
+      <li><code>seconds</code></li>
+    </ul>
+
+    <p>For example, any of the following directives can be used to
+    make documents expire 1 month after being accessed, by
+    default:</p>
+
+    <pre class="prettyprint lang-config">ExpiresDefault "access plus 1 month"
+ExpiresDefault "access plus 4 weeks"
+ExpiresDefault "access plus 30 days"</pre>
+
+
+    <p>The expiry time can be fine-tuned by adding several
+    '<var>num</var> <var>type</var>' clauses:</p>
+
+    <pre class="prettyprint lang-config">ExpiresByType text/html "access plus 1 month 15 days 2 hours"
+ExpiresByType image/gif "modification plus 5 hours 3 minutes"</pre>
+
+
+    <p>Note that if you use a modification date based setting, the
+    Expires header will <strong>not</strong> be added to content
+    that does not come from a file on disk. This is due to the fact
+    that there is no modification time for such content.</p>
+</div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="ExpiresActive" id="ExpiresActive">ExpiresActive</a> <a name="expiresactive" id="expiresactive">Directive</a></h2>
 <table class="directive">
@@ -180,63 +237,6 @@ ExpiresByType text/html M604800</pre>
     description as well.</p>
 
 </div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="AltSyn" id="AltSyn">Alternate Interval Syntax</a></h2>
-    <p>The <code class="directive"><a href="#expiresdefault">ExpiresDefault</a></code> and
-    <code class="directive"><a href="#expiresbytype">ExpiresByType</a></code> directives
-    can also be defined in a more readable syntax of the form:</p>
-
-    <pre class="prettyprint lang-config">ExpiresDefault "<var>base</var>  [plus <var>num</var> <var>type</var>] [<var>num</var> <var>type</var>] ..."
-ExpiresByType type/encoding "<var>base</var>  [plus <var>num</var> <var>type</var>] [<var>num</var> <var>type</var>] ..."</pre>
-
-
-    <p>where <var>base</var> is one of:</p>
-
-    <ul>
-      <li><code>access</code></li>
-
-      <li><code>now</code> (equivalent to
-      '<code>access</code>')</li>
-
-      <li><code>modification</code></li>
-    </ul>
-
-    <p>The <code>plus</code> keyword is optional. <var>num</var>
-    should be an integer value [acceptable to <code>atoi()</code>],
-    and <var>type</var> is one of:</p>
-
-    <ul>
-      <li><code>years</code></li>
-      <li><code>months</code></li>
-      <li><code>weeks</code></li>
-      <li><code>days</code></li>
-      <li><code>hours</code></li>
-      <li><code>minutes</code></li>
-      <li><code>seconds</code></li>
-    </ul>
-
-    <p>For example, any of the following directives can be used to
-    make documents expire 1 month after being accessed, by
-    default:</p>
-
-    <pre class="prettyprint lang-config">ExpiresDefault "access plus 1 month"
-ExpiresDefault "access plus 4 weeks"
-ExpiresDefault "access plus 30 days"</pre>
-
-
-    <p>The expiry time can be fine-tuned by adding several
-    '<var>num</var> <var>type</var>' clauses:</p>
-
-    <pre class="prettyprint lang-config">ExpiresByType text/html "access plus 1 month 15 days 2 hours"
-ExpiresByType image/gif "modification plus 5 hours 3 minutes"</pre>
-
-
-    <p>Note that if you use a modification date based setting, the
-    Expires header will <strong>not</strong> be added to content
-    that does not come from a file on disk. This is due to the fact
-    that there is no modification time for such content.</p>
-</div>
 </div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../en/mod/mod_expires.html" title="English">&nbsp;en&nbsp;</a> |
diff --git a/docs/manual/mod/mod_ext_filter.html.en b/docs/manual/mod/mod_ext_filter.html.en
index 1160b11bcd..f5a87d8521 100644
--- a/docs/manual/mod/mod_ext_filter.html.en
+++ b/docs/manual/mod/mod_ext_filter.html.en
@@ -61,19 +61,143 @@ delivery to the client</td></tr>
     a prototype environment for filters.</p>
 
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
+<div id="quickview"><h3>Topics</h3>
+<ul id="topics">
+<li><img alt="" src="../images/down.gif" /> <a href="#examples">Examples</a></li>
+</ul><h3 class="directives">Directives</h3>
 <ul id="toc">
 <li><img alt="" src="../images/down.gif" /> <a href="#extfilterdefine">ExtFilterDefine</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#extfilteroptions">ExtFilterOptions</a></li>
 </ul>
-<h3>Topics</h3>
-<ul id="topics">
-<li><img alt="" src="../images/down.gif" /> <a href="#examples">Examples</a></li>
-</ul><h3>See also</h3>
+<h3>See also</h3>
 <ul class="seealso">
 <li><a href="../filter.html">Filters</a></li>
 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="examples" id="examples">Examples</a></h2>
+
+    <h3>Generating HTML from some other type of response</h3>
+      <pre class="prettyprint lang-config"># mod_ext_filter directive to define a filter
+# to HTML-ize text/c files using the external
+# program /usr/bin/enscript, with the type of
+# the result set to text/html
+ExtFilterDefine c-to-html mode=output \
+    intype=text/c outtype=text/html \
+    cmd="/usr/bin/enscript --color -W html -Ec -o - -"
+
+&lt;Directory "/export/home/trawick/apacheinst/htdocs/c"&gt;
+    # core directive to cause the new filter to
+    # be run on output
+    SetOutputFilter c-to-html
+    
+    # mod_mime directive to set the type of .c
+    # files to text/c
+    AddType text/c .c
+&lt;/Directory&gt;</pre>
+
+    
+
+    <h3>Implementing a content encoding filter</h3>
+      <p>Note: this gzip example is just for the purposes of illustration.
+      Please refer to <code class="module"><a href="../mod/mod_deflate.html">mod_deflate</a></code> for a practical
+      implementation.</p>
+
+      <pre class="prettyprint lang-config"># mod_ext_filter directive to define the external filter
+ExtFilterDefine gzip mode=output cmd=/bin/gzip
+
+&lt;Location "/gzipped"&gt;
+    
+    # core directive to cause the gzip filter to be
+    # run on output
+    SetOutputFilter gzip
+    
+    # mod_headers directive to add
+    # "Content-Encoding: gzip" header field
+    Header set Content-Encoding gzip
+&lt;/Location&gt;</pre>
+
+    
+
+    <h3>Slowing down the server</h3>
+      <pre class="prettyprint lang-config"># mod_ext_filter directive to define a filter
+# which runs everything through cat; cat doesn't
+# modify anything; it just introduces extra pathlength
+# and consumes more resources
+ExtFilterDefine slowdown mode=output cmd=/bin/cat \
+    preservescontentlength
+
+&lt;Location "/"&gt;
+    # core directive to cause the slowdown filter to
+    # be run several times on output
+    #
+    SetOutputFilter slowdown;slowdown;slowdown
+&lt;/Location&gt;</pre>
+
+    
+
+    <h3>Using sed to replace text in the response</h3>
+      <pre class="prettyprint lang-config"># mod_ext_filter directive to define a filter which
+# replaces text in the response
+#
+ExtFilterDefine fixtext mode=output intype=text/html \
+    cmd="/bin/sed s/verdana/arial/g"
+
+&lt;Location "/"&gt;
+    # core directive to cause the fixtext filter to
+    # be run on output
+    SetOutputFilter fixtext
+&lt;/Location&gt;</pre>
+
+
+<div class="note">
+<p>You can do the same thing using <code class="module"><a href="../mod/mod_substitute.html">mod_substitute</a></code>
+without invoking an external process.</p>
+</div>
+    
+
+    <h3>Tracing another filter</h3>
+      <pre class="prettyprint lang-config"># Trace the data read and written by mod_deflate
+# for a particular client (IP 192.168.1.31)
+# experiencing compression problems.
+# This filter will trace what goes into mod_deflate.
+ExtFilterDefine tracebefore \
+    cmd="/bin/tracefilter.pl /tmp/tracebefore" \
+    EnableEnv=trace_this_client
+
+# This filter will trace what goes after mod_deflate.
+# Note that without the ftype parameter, the default
+# filter type of AP_FTYPE_RESOURCE would cause the
+# filter to be placed *before* mod_deflate in the filter
+# chain.  Giving it a numeric value slightly higher than
+# AP_FTYPE_CONTENT_SET will ensure that it is placed
+# after mod_deflate.
+ExtFilterDefine traceafter \
+    cmd="/bin/tracefilter.pl /tmp/traceafter" \
+    EnableEnv=trace_this_client ftype=21
+
+&lt;Directory "/usr/local/docs"&gt;
+    SetEnvIf Remote_Addr 192.168.1.31 trace_this_client
+    SetOutputFilter tracebefore;deflate;traceafter
+&lt;/Directory&gt;</pre>
+
+
+      <div class="example"><h3>Here is the filter which traces the data:</h3><pre class="prettyprint lang-perl">#!/usr/local/bin/perl -w
+use strict;
+
+open(SAVE, "&gt;$ARGV[0]")
+    or die "can't open $ARGV[0]: $?";
+
+while (&lt;STDIN&gt;) {
+    print SAVE $_;
+    print $_;
+}
+
+close(SAVE);</pre>
+</div>
+    
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="ExtFilterDefine" id="ExtFilterDefine">ExtFilterDefine</a> <a name="extfilterdefine" id="extfilterdefine">Directive</a></h2>
 <table class="directive">
 <tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Define an external filter</td></tr>
@@ -202,130 +326,6 @@ delivery to the client</td></tr>
     <p>Messages written to the filter's standard error will be stored
     in the Apache error log.</p>
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="examples" id="examples">Examples</a></h2>
-
-    <h3>Generating HTML from some other type of response</h3>
-      <pre class="prettyprint lang-config"># mod_ext_filter directive to define a filter
-# to HTML-ize text/c files using the external
-# program /usr/bin/enscript, with the type of
-# the result set to text/html
-ExtFilterDefine c-to-html mode=output \
-    intype=text/c outtype=text/html \
-    cmd="/usr/bin/enscript --color -W html -Ec -o - -"
-
-&lt;Directory "/export/home/trawick/apacheinst/htdocs/c"&gt;
-    # core directive to cause the new filter to
-    # be run on output
-    SetOutputFilter c-to-html
-    
-    # mod_mime directive to set the type of .c
-    # files to text/c
-    AddType text/c .c
-&lt;/Directory&gt;</pre>
-
-    
-
-    <h3>Implementing a content encoding filter</h3>
-      <p>Note: this gzip example is just for the purposes of illustration.
-      Please refer to <code class="module"><a href="../mod/mod_deflate.html">mod_deflate</a></code> for a practical
-      implementation.</p>
-
-      <pre class="prettyprint lang-config"># mod_ext_filter directive to define the external filter
-ExtFilterDefine gzip mode=output cmd=/bin/gzip
-
-&lt;Location "/gzipped"&gt;
-    
-    # core directive to cause the gzip filter to be
-    # run on output
-    SetOutputFilter gzip
-    
-    # mod_headers directive to add
-    # "Content-Encoding: gzip" header field
-    Header set Content-Encoding gzip
-&lt;/Location&gt;</pre>
-
-    
-
-    <h3>Slowing down the server</h3>
-      <pre class="prettyprint lang-config"># mod_ext_filter directive to define a filter
-# which runs everything through cat; cat doesn't
-# modify anything; it just introduces extra pathlength
-# and consumes more resources
-ExtFilterDefine slowdown mode=output cmd=/bin/cat \
-    preservescontentlength
-
-&lt;Location "/"&gt;
-    # core directive to cause the slowdown filter to
-    # be run several times on output
-    #
-    SetOutputFilter slowdown;slowdown;slowdown
-&lt;/Location&gt;</pre>
-
-    
-
-    <h3>Using sed to replace text in the response</h3>
-      <pre class="prettyprint lang-config"># mod_ext_filter directive to define a filter which
-# replaces text in the response
-#
-ExtFilterDefine fixtext mode=output intype=text/html \
-    cmd="/bin/sed s/verdana/arial/g"
-
-&lt;Location "/"&gt;
-    # core directive to cause the fixtext filter to
-    # be run on output
-    SetOutputFilter fixtext
-&lt;/Location&gt;</pre>
-
-
-<div class="note">
-<p>You can do the same thing using <code class="module"><a href="../mod/mod_substitute.html">mod_substitute</a></code>
-without invoking an external process.</p>
-</div>
-    
-
-    <h3>Tracing another filter</h3>
-      <pre class="prettyprint lang-config"># Trace the data read and written by mod_deflate
-# for a particular client (IP 192.168.1.31)
-# experiencing compression problems.
-# This filter will trace what goes into mod_deflate.
-ExtFilterDefine tracebefore \
-    cmd="/bin/tracefilter.pl /tmp/tracebefore" \
-    EnableEnv=trace_this_client
-
-# This filter will trace what goes after mod_deflate.
-# Note that without the ftype parameter, the default
-# filter type of AP_FTYPE_RESOURCE would cause the
-# filter to be placed *before* mod_deflate in the filter
-# chain.  Giving it a numeric value slightly higher than
-# AP_FTYPE_CONTENT_SET will ensure that it is placed
-# after mod_deflate.
-ExtFilterDefine traceafter \
-    cmd="/bin/tracefilter.pl /tmp/traceafter" \
-    EnableEnv=trace_this_client ftype=21
-
-&lt;Directory "/usr/local/docs"&gt;
-    SetEnvIf Remote_Addr 192.168.1.31 trace_this_client
-    SetOutputFilter tracebefore;deflate;traceafter
-&lt;/Directory&gt;</pre>
-
-
-      <div class="example"><h3>Here is the filter which traces the data:</h3><pre class="prettyprint lang-perl">#!/usr/local/bin/perl -w
-use strict;
-
-open(SAVE, "&gt;$ARGV[0]")
-    or die "can't open $ARGV[0]: $?";
-
-while (&lt;STDIN&gt;) {
-    print SAVE $_;
-    print $_;
-}
-
-close(SAVE);</pre>
-</div>
-    
 </div>
 </div>
 <div class="bottomlang">
diff --git a/docs/manual/mod/mod_file_cache.html.en b/docs/manual/mod/mod_file_cache.html.en
index ab0bbbdb3a..78707d1e1a 100644
--- a/docs/manual/mod/mod_file_cache.html.en
+++ b/docs/manual/mod/mod_file_cache.html.en
@@ -60,73 +60,15 @@
     <p>This module is an extension of and borrows heavily from the
     <code>mod_mmap_static</code> module in Apache 1.3.</p>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
+<div id="quickview"><h3>Topics</h3>
+<ul id="topics">
+<li><img alt="" src="../images/down.gif" /> <a href="#using">Using mod_file_cache</a></li>
+</ul><h3 class="directives">Directives</h3>
 <ul id="toc">
 <li><img alt="" src="../images/down.gif" /> <a href="#cachefile">CacheFile</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#mmapfile">MMapFile</a></li>
 </ul>
-<h3>Topics</h3>
-<ul id="topics">
-<li><img alt="" src="../images/down.gif" /> <a href="#using">Using mod_file_cache</a></li>
-</ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="CacheFile" id="CacheFile">CacheFile</a> <a name="cachefile" id="cachefile">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Cache a list of file handles at startup time</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>CacheFile <var>file-path</var> [<var>file-path</var>] ...</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_file_cache</td></tr>
-</table>
-    <p>The <code class="directive">CacheFile</code> directive opens handles to
-    one or more files (given as whitespace separated arguments) and
-    places these handles into the cache at server startup
-    time. Handles to cached files are automatically closed on a server
-    shutdown.  When the files have changed on the filesystem, the
-    server should be restarted to re-cache them.</p>
-
-    <p>Be careful with the <var>file-path</var> arguments: They have
-    to literally match the filesystem path Apache's URL-to-filename
-    translation handlers create. We cannot compare inodes or other
-    stuff to match paths through symbolic links <em>etc.</em>
-    because that again would cost extra <code>stat()</code> system
-    calls which is not acceptable. This module may or may not work
-    with filenames rewritten by <code class="module"><a href="../mod/mod_alias.html">mod_alias</a></code> or
-    <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>.</p>
-
-    <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">CacheFile /usr/local/apache/htdocs/index.html</pre>
-</div>
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="MMapFile" id="MMapFile">MMapFile</a> <a name="mmapfile" id="mmapfile">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Map a list of files into memory at startup time</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>MMapFile <var>file-path</var> [<var>file-path</var>] ...</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_file_cache</td></tr>
-</table>
-    <p>The <code class="directive">MMapFile</code> directive maps one or more files
-    (given as whitespace separated arguments) into memory at server
-    startup time. They are automatically unmapped on a server
-    shutdown. When the files have changed on the filesystem at
-    least a <code>HUP</code> or <code>USR1</code> signal should be send to
-    the server to re-<code>mmap()</code> them.</p>
-
-    <p>Be careful with the <var>file-path</var> arguments: They have
-    to literally match the filesystem path Apache's URL-to-filename
-    translation handlers create. We cannot compare inodes or other
-    stuff to match paths through symbolic links <em>etc.</em>
-    because that again would cost extra <code>stat()</code> system
-    calls which is not acceptable. This module may or may not work
-    with filenames rewritten by <code class="module"><a href="../mod/mod_alias.html">mod_alias</a></code> or
-    <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>.</p>
-
-    <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">MMapFile /usr/local/apache/htdocs/index.html</pre>
-</div>
-
-</div>
+<ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="section">
 <h2><a name="using" id="using">Using mod_file_cache</a></h2>
@@ -201,6 +143,64 @@
         | sed -e 's/.*/mmapfile &amp;/' &gt; /www/conf/mmap.conf
       </code></p></div>
     </div>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="CacheFile" id="CacheFile">CacheFile</a> <a name="cachefile" id="cachefile">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Cache a list of file handles at startup time</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>CacheFile <var>file-path</var> [<var>file-path</var>] ...</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_file_cache</td></tr>
+</table>
+    <p>The <code class="directive">CacheFile</code> directive opens handles to
+    one or more files (given as whitespace separated arguments) and
+    places these handles into the cache at server startup
+    time. Handles to cached files are automatically closed on a server
+    shutdown.  When the files have changed on the filesystem, the
+    server should be restarted to re-cache them.</p>
+
+    <p>Be careful with the <var>file-path</var> arguments: They have
+    to literally match the filesystem path Apache's URL-to-filename
+    translation handlers create. We cannot compare inodes or other
+    stuff to match paths through symbolic links <em>etc.</em>
+    because that again would cost extra <code>stat()</code> system
+    calls which is not acceptable. This module may or may not work
+    with filenames rewritten by <code class="module"><a href="../mod/mod_alias.html">mod_alias</a></code> or
+    <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>.</p>
+
+    <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">CacheFile /usr/local/apache/htdocs/index.html</pre>
+</div>
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="MMapFile" id="MMapFile">MMapFile</a> <a name="mmapfile" id="mmapfile">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Map a list of files into memory at startup time</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>MMapFile <var>file-path</var> [<var>file-path</var>] ...</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_file_cache</td></tr>
+</table>
+    <p>The <code class="directive">MMapFile</code> directive maps one or more files
+    (given as whitespace separated arguments) into memory at server
+    startup time. They are automatically unmapped on a server
+    shutdown. When the files have changed on the filesystem at
+    least a <code>HUP</code> or <code>USR1</code> signal should be send to
+    the server to re-<code>mmap()</code> them.</p>
+
+    <p>Be careful with the <var>file-path</var> arguments: They have
+    to literally match the filesystem path Apache's URL-to-filename
+    translation handlers create. We cannot compare inodes or other
+    stuff to match paths through symbolic links <em>etc.</em>
+    because that again would cost extra <code>stat()</code> system
+    calls which is not acceptable. This module may or may not work
+    with filenames rewritten by <code class="module"><a href="../mod/mod_alias.html">mod_alias</a></code> or
+    <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>.</p>
+
+    <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">MMapFile /usr/local/apache/htdocs/index.html</pre>
+</div>
+
 </div>
 </div>
 <div class="bottomlang">
diff --git a/docs/manual/mod/mod_filter.html.en b/docs/manual/mod/mod_filter.html.en
index 2880584819..ca91f26efa 100644
--- a/docs/manual/mod/mod_filter.html.en
+++ b/docs/manual/mod/mod_filter.html.en
@@ -46,16 +46,7 @@
     to <code class="module"><a href="../mod/mod_filter.html">mod_filter</a></code>; no change to existing filter modules is
     required (although it may be possible to simplify them).</p>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
-<ul id="toc">
-<li><img alt="" src="../images/down.gif" /> <a href="#addoutputfilterbytype">AddOutputFilterByType</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#filterchain">FilterChain</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#filterdeclare">FilterDeclare</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#filterprotocol">FilterProtocol</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#filterprovider">FilterProvider</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#filtertrace">FilterTrace</a></li>
-</ul>
-<h3>Topics</h3>
+<div id="quickview"><h3>Topics</h3>
 <ul id="topics">
 <li><img alt="" src="../images/down.gif" /> <a href="#smart">Smart Filtering</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#terms">Filter Declarations, Providers and Chains</a></li>
@@ -64,7 +55,210 @@
 <li><img alt="" src="../images/down.gif" /> <a href="#upgrade">Upgrading from Apache HTTP Server 2.2 Configuration</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#examples">Examples</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#protocol">Protocol Handling</a></li>
-</ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+</ul><h3 class="directives">Directives</h3>
+<ul id="toc">
+<li><img alt="" src="../images/down.gif" /> <a href="#addoutputfilterbytype">AddOutputFilterByType</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#filterchain">FilterChain</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#filterdeclare">FilterDeclare</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#filterprotocol">FilterProtocol</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#filterprovider">FilterProvider</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#filtertrace">FilterTrace</a></li>
+</ul>
+<ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="smart" id="smart">Smart Filtering</a></h2>
+    <p>In the traditional filtering model, filters are inserted unconditionally
+    using <code class="directive"><a href="../mod/mod_mime.html#addoutputfilter">AddOutputFilter</a></code> and family.
+    Each filter then needs to determine whether to run, and there is little
+    flexibility available for server admins to allow the chain to be
+    configured dynamically.</p>
+
+    <p><code class="module"><a href="../mod/mod_filter.html">mod_filter</a></code> by contrast gives server administrators a
+    great deal of flexibility in configuring the filter chain.  In fact,
+    filters can be inserted based on complex boolean
+    <a href="../expr.html">expressions</a> This generalises the limited
+    flexibility offered by <code class="directive">AddOutputFilterByType</code>.</p>
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="terms" id="terms">Filter Declarations, Providers and Chains</a></h2>
+    <p class="figure">
+    <img src="../images/mod_filter_old.gif" width="160" height="310" alt="[This image displays the traditional filter model]" /><br />
+    <dfn>Figure 1:</dfn> The traditional filter model</p>
+
+    <p>In the traditional model, output filters are a simple chain
+    from the content generator (handler) to the client.  This works well
+    provided the filter chain can be correctly configured, but presents
+    problems when the filters need to be configured dynamically based on
+    the outcome of the handler.</p>
+
+    <p class="figure">
+    <img src="../images/mod_filter_new.gif" width="423" height="331" alt="[This image shows the mod_filter model]" /><br />
+    <dfn>Figure 2:</dfn> The <code class="module"><a href="../mod/mod_filter.html">mod_filter</a></code> model</p>
+
+    <p><code class="module"><a href="../mod/mod_filter.html">mod_filter</a></code> works by introducing indirection into
+    the filter chain.  Instead of inserting filters in the chain, we insert
+    a filter harness which in turn dispatches conditionally
+    to a filter provider.  Any content filter may be used as a provider
+    to <code class="module"><a href="../mod/mod_filter.html">mod_filter</a></code>; no change to existing filter modules
+    is required (although it may be possible to simplify them).  There can be
+    multiple providers for one filter, but no more than one provider will
+    run for any single request.</p>
+
+    <p>A filter chain comprises any number of instances of the filter
+    harness, each of which may have any number of providers.  A special
+    case is that of a single provider with unconditional dispatch: this
+    is equivalent to inserting the provider filter directly into the chain.</p>
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="config" id="config">Configuring the Chain</a></h2>
+    <p>There are three stages to configuring a filter chain with
+    <code class="module"><a href="../mod/mod_filter.html">mod_filter</a></code>. For details of the directives, see below.</p>
+
+    <dl>
+    <dt>Declare Filters</dt>
+    <dd>The <code class="directive"><a href="#filterdeclare">FilterDeclare</a></code> directive
+    declares a filter, assigning it a name and filter type.  Required
+    only if the filter is not the default type AP_FTYPE_RESOURCE.</dd>
+
+    <dt>Register Providers</dt>
+    <dd>The <code class="directive"><a href="#filterprovider">FilterProvider</a></code>
+    directive registers a provider with a filter. The filter may have
+    been declared with <code class="directive"><a href="#filterdeclare">FilterDeclare</a></code>; if not, FilterProvider will implicitly
+    declare it with the default type AP_FTYPE_RESOURCE. The provider
+    must have been
+    registered with <code>ap_register_output_filter</code> by some module.
+    The final argument to <code class="directive"><a href="#filterprovider">FilterProvider</a></code> is an expression: the provider will be
+    selected to run for a request if and only if the expression evaluates
+    to true.  The expression may evaluate HTTP request or response
+    headers, environment variables, or the Handler used by this request.
+    Unlike earlier versions, mod_filter now supports complex expressions
+    involving multiple criteria with AND / OR logic (&amp;&amp; / ||)
+    and brackets. The details of the expression syntax are described in
+    the <a href="../expr.html">ap_expr documentation</a>.</dd>
+
+    <dt>Configure the Chain</dt>
+    <dd>The above directives build components of a smart filter chain,
+    but do not configure it to run.  The <code class="directive"><a href="#filterchain">FilterChain</a></code> directive builds a filter chain from smart
+    filters declared, offering the flexibility to insert filters at the
+    beginning or end of the chain, remove a filter, or clear the chain.</dd>
+</dl>
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="errordocs" id="errordocs">Filtering and Response Status</a></h2>
+    <p>mod_filter normally only runs filters on responses with
+    HTTP status 200 (OK).  If you want to filter documents with
+    other response statuses, you can set the <var>filter-errordocs</var>
+    environment variable, and it will work on all responses
+    regardless of status.  To refine this further, you can use
+    expression conditions with <code class="directive">FilterProvider</code>.</p>
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="upgrade" id="upgrade">Upgrading from Apache HTTP Server 2.2 Configuration</a></h2>
+    <p>The <code class="directive"><a href="#filterprovider">FilterProvider</a></code>
+    directive has changed from httpd 2.2: the <var>match</var> and
+    <var>dispatch</var> arguments are replaced with a single but
+    more versatile <var>expression</var>.  In general, you can convert
+    a match/dispatch pair to the two sides of an expression, using
+    something like:</p>
+    <div class="example"><p><code>"dispatch = 'match'"</code></p></div>
+    <p>The Request headers, Response headers and Environment variables
+    are now interpreted from syntax <var>%{req:foo}</var>,
+    <var>%{resp:foo}</var> and <var>%{env:foo}</var> respectively.
+    The variables <var>%{HANDLER}</var> and <var>%{CONTENT_TYPE}</var>
+    are also supported.</p>
+    <p>Note that the match no longer support substring matches.  They can be
+    replaced by regular expression matches.</p>
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="examples" id="examples">Examples</a></h2>
+    <dl>
+    <dt>Server side Includes (SSI)</dt>
+    <dd>A simple case of replacing <code class="directive">AddOutputFilterByType</code>
+    <pre class="prettyprint lang-config">FilterDeclare SSI
+FilterProvider SSI INCLUDES "%{CONTENT_TYPE} =~ m|^text/html|"
+FilterChain SSI</pre>
+
+    </dd>
+
+    <dt>Server side Includes (SSI)</dt>
+    <dd>The same as the above but dispatching on handler (classic
+    SSI behaviour; .shtml files get processed).
+    <pre class="prettyprint lang-config">FilterProvider SSI INCLUDES "%{HANDLER} = 'server-parsed'"
+FilterChain SSI</pre>
+
+    </dd>
+
+    <dt>Emulating mod_gzip with mod_deflate</dt>
+    <dd>Insert INFLATE filter only if "gzip" is NOT in the
+    Accept-Encoding header.  This filter runs with ftype CONTENT_SET.
+    <pre class="prettyprint lang-config">FilterDeclare gzip CONTENT_SET
+FilterProvider gzip inflate "%{req:Accept-Encoding} !~ /gzip/"
+FilterChain gzip</pre>
+
+    </dd>
+
+    <dt>Image Downsampling</dt>
+    <dd>Suppose we want to downsample all web images, and have filters
+    for GIF, JPEG and PNG.
+    <pre class="prettyprint lang-config">FilterProvider unpack jpeg_unpack "%{CONTENT_TYPE} = 'image/jpeg'"
+FilterProvider unpack gif_unpack "%{CONTENT_TYPE} = 'image/gif'"
+FilterProvider unpack png_unpack "%{CONTENT_TYPE} = 'image/png'"
+
+FilterProvider downsample downsample_filter "%{CONTENT_TYPE} = m|^image/(jpeg|gif|png)|"
+FilterProtocol downsample "change=yes"
+
+FilterProvider repack jpeg_pack "%{CONTENT_TYPE} = 'image/jpeg'"
+FilterProvider repack gif_pack "%{CONTENT_TYPE} = 'image/gif'"
+FilterProvider repack png_pack "%{CONTENT_TYPE} = 'image/png'"
+&lt;Location "/image-filter"&gt;
+    FilterChain unpack downsample repack
+&lt;/Location&gt;</pre>
+
+    </dd>
+    </dl>
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="protocol" id="protocol">Protocol Handling</a></h2>
+    <p>Historically, each filter is responsible for ensuring that whatever
+    changes it makes are correctly represented in the HTTP response headers,
+    and that it does not run when it would make an illegal change.  This
+    imposes a burden on filter authors to re-implement some common
+    functionality in every filter:</p>
+
+    <ul>
+    <li>Many filters will change the content, invalidating existing content
+    tags, checksums, hashes, and lengths.</li>
+
+    <li>Filters that require an entire, unbroken response in input need to
+    ensure they don't get byteranges from a backend.</li>
+
+    <li>Filters that transform output in a filter need to ensure they don't
+    violate a <code>Cache-Control: no-transform</code> header from the
+    backend.</li>
+
+    <li>Filters may make responses uncacheable.</li>
+    </ul>
+
+    <p><code class="module"><a href="../mod/mod_filter.html">mod_filter</a></code> aims to offer generic handling of these
+    details of filter implementation, reducing the complexity required of
+    content filter modules. This is work-in-progress; the
+    <code class="directive"><a href="#filterprotocol">FilterProtocol</a></code> implements
+    some of this functionality for back-compatibility with Apache 2.0
+    modules.  For httpd 2.1 and later, the
+    <code>ap_register_output_filter_protocol</code> and
+    <code>ap_filter_protocol</code> API enables filter modules to
+    declare their own behaviour.</p>
+
+    <p>At the same time, <code class="module"><a href="../mod/mod_filter.html">mod_filter</a></code> should not interfere
+    with a filter that wants to handle all aspects of the protocol.  By
+    default (i.e. in the absence of any <code class="directive"><a href="#filterprotocol">FilterProtocol</a></code> directives), <code class="module"><a href="../mod/mod_filter.html">mod_filter</a></code>
+    will leave the headers untouched.</p>
+
+    <p>At the time of writing, this feature is largely untested,
+    as modules in common use are designed to work with 2.0.
+    Modules using it should test it carefully.</p>
+</div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="AddOutputFilterByType" id="AddOutputFilterByType">AddOutputFilterByType</a> <a name="addoutputfilterbytype" id="addoutputfilterbytype">Directive</a></h2>
 <table class="directive">
@@ -296,200 +490,6 @@ for a complete reference and examples.</li>
     </dl>
 
 </div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="smart" id="smart">Smart Filtering</a></h2>
-    <p>In the traditional filtering model, filters are inserted unconditionally
-    using <code class="directive"><a href="../mod/mod_mime.html#addoutputfilter">AddOutputFilter</a></code> and family.
-    Each filter then needs to determine whether to run, and there is little
-    flexibility available for server admins to allow the chain to be
-    configured dynamically.</p>
-
-    <p><code class="module"><a href="../mod/mod_filter.html">mod_filter</a></code> by contrast gives server administrators a
-    great deal of flexibility in configuring the filter chain.  In fact,
-    filters can be inserted based on complex boolean
-    <a href="../expr.html">expressions</a> This generalises the limited
-    flexibility offered by <code class="directive">AddOutputFilterByType</code>.</p>
-</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="terms" id="terms">Filter Declarations, Providers and Chains</a></h2>
-    <p class="figure">
-    <img src="../images/mod_filter_old.gif" width="160" height="310" alt="[This image displays the traditional filter model]" /><br />
-    <dfn>Figure 1:</dfn> The traditional filter model</p>
-
-    <p>In the traditional model, output filters are a simple chain
-    from the content generator (handler) to the client.  This works well
-    provided the filter chain can be correctly configured, but presents
-    problems when the filters need to be configured dynamically based on
-    the outcome of the handler.</p>
-
-    <p class="figure">
-    <img src="../images/mod_filter_new.gif" width="423" height="331" alt="[This image shows the mod_filter model]" /><br />
-    <dfn>Figure 2:</dfn> The <code class="module"><a href="../mod/mod_filter.html">mod_filter</a></code> model</p>
-
-    <p><code class="module"><a href="../mod/mod_filter.html">mod_filter</a></code> works by introducing indirection into
-    the filter chain.  Instead of inserting filters in the chain, we insert
-    a filter harness which in turn dispatches conditionally
-    to a filter provider.  Any content filter may be used as a provider
-    to <code class="module"><a href="../mod/mod_filter.html">mod_filter</a></code>; no change to existing filter modules
-    is required (although it may be possible to simplify them).  There can be
-    multiple providers for one filter, but no more than one provider will
-    run for any single request.</p>
-
-    <p>A filter chain comprises any number of instances of the filter
-    harness, each of which may have any number of providers.  A special
-    case is that of a single provider with unconditional dispatch: this
-    is equivalent to inserting the provider filter directly into the chain.</p>
-</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="config" id="config">Configuring the Chain</a></h2>
-    <p>There are three stages to configuring a filter chain with
-    <code class="module"><a href="../mod/mod_filter.html">mod_filter</a></code>. For details of the directives, see below.</p>
-
-    <dl>
-    <dt>Declare Filters</dt>
-    <dd>The <code class="directive"><a href="#filterdeclare">FilterDeclare</a></code> directive
-    declares a filter, assigning it a name and filter type.  Required
-    only if the filter is not the default type AP_FTYPE_RESOURCE.</dd>
-
-    <dt>Register Providers</dt>
-    <dd>The <code class="directive"><a href="#filterprovider">FilterProvider</a></code>
-    directive registers a provider with a filter. The filter may have
-    been declared with <code class="directive"><a href="#filterdeclare">FilterDeclare</a></code>; if not, FilterProvider will implicitly
-    declare it with the default type AP_FTYPE_RESOURCE. The provider
-    must have been
-    registered with <code>ap_register_output_filter</code> by some module.
-    The final argument to <code class="directive"><a href="#filterprovider">FilterProvider</a></code> is an expression: the provider will be
-    selected to run for a request if and only if the expression evaluates
-    to true.  The expression may evaluate HTTP request or response
-    headers, environment variables, or the Handler used by this request.
-    Unlike earlier versions, mod_filter now supports complex expressions
-    involving multiple criteria with AND / OR logic (&amp;&amp; / ||)
-    and brackets. The details of the expression syntax are described in
-    the <a href="../expr.html">ap_expr documentation</a>.</dd>
-
-    <dt>Configure the Chain</dt>
-    <dd>The above directives build components of a smart filter chain,
-    but do not configure it to run.  The <code class="directive"><a href="#filterchain">FilterChain</a></code> directive builds a filter chain from smart
-    filters declared, offering the flexibility to insert filters at the
-    beginning or end of the chain, remove a filter, or clear the chain.</dd>
-</dl>
-</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="errordocs" id="errordocs">Filtering and Response Status</a></h2>
-    <p>mod_filter normally only runs filters on responses with
-    HTTP status 200 (OK).  If you want to filter documents with
-    other response statuses, you can set the <var>filter-errordocs</var>
-    environment variable, and it will work on all responses
-    regardless of status.  To refine this further, you can use
-    expression conditions with <code class="directive">FilterProvider</code>.</p>
-</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="upgrade" id="upgrade">Upgrading from Apache HTTP Server 2.2 Configuration</a></h2>
-    <p>The <code class="directive"><a href="#filterprovider">FilterProvider</a></code>
-    directive has changed from httpd 2.2: the <var>match</var> and
-    <var>dispatch</var> arguments are replaced with a single but
-    more versatile <var>expression</var>.  In general, you can convert
-    a match/dispatch pair to the two sides of an expression, using
-    something like:</p>
-    <div class="example"><p><code>"dispatch = 'match'"</code></p></div>
-    <p>The Request headers, Response headers and Environment variables
-    are now interpreted from syntax <var>%{req:foo}</var>,
-    <var>%{resp:foo}</var> and <var>%{env:foo}</var> respectively.
-    The variables <var>%{HANDLER}</var> and <var>%{CONTENT_TYPE}</var>
-    are also supported.</p>
-    <p>Note that the match no longer support substring matches.  They can be
-    replaced by regular expression matches.</p>
-</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="examples" id="examples">Examples</a></h2>
-    <dl>
-    <dt>Server side Includes (SSI)</dt>
-    <dd>A simple case of replacing <code class="directive">AddOutputFilterByType</code>
-    <pre class="prettyprint lang-config">FilterDeclare SSI
-FilterProvider SSI INCLUDES "%{CONTENT_TYPE} =~ m|^text/html|"
-FilterChain SSI</pre>
-
-    </dd>
-
-    <dt>Server side Includes (SSI)</dt>
-    <dd>The same as the above but dispatching on handler (classic
-    SSI behaviour; .shtml files get processed).
-    <pre class="prettyprint lang-config">FilterProvider SSI INCLUDES "%{HANDLER} = 'server-parsed'"
-FilterChain SSI</pre>
-
-    </dd>
-
-    <dt>Emulating mod_gzip with mod_deflate</dt>
-    <dd>Insert INFLATE filter only if "gzip" is NOT in the
-    Accept-Encoding header.  This filter runs with ftype CONTENT_SET.
-    <pre class="prettyprint lang-config">FilterDeclare gzip CONTENT_SET
-FilterProvider gzip inflate "%{req:Accept-Encoding} !~ /gzip/"
-FilterChain gzip</pre>
-
-    </dd>
-
-    <dt>Image Downsampling</dt>
-    <dd>Suppose we want to downsample all web images, and have filters
-    for GIF, JPEG and PNG.
-    <pre class="prettyprint lang-config">FilterProvider unpack jpeg_unpack "%{CONTENT_TYPE} = 'image/jpeg'"
-FilterProvider unpack gif_unpack "%{CONTENT_TYPE} = 'image/gif'"
-FilterProvider unpack png_unpack "%{CONTENT_TYPE} = 'image/png'"
-
-FilterProvider downsample downsample_filter "%{CONTENT_TYPE} = m|^image/(jpeg|gif|png)|"
-FilterProtocol downsample "change=yes"
-
-FilterProvider repack jpeg_pack "%{CONTENT_TYPE} = 'image/jpeg'"
-FilterProvider repack gif_pack "%{CONTENT_TYPE} = 'image/gif'"
-FilterProvider repack png_pack "%{CONTENT_TYPE} = 'image/png'"
-&lt;Location "/image-filter"&gt;
-    FilterChain unpack downsample repack
-&lt;/Location&gt;</pre>
-
-    </dd>
-    </dl>
-</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="protocol" id="protocol">Protocol Handling</a></h2>
-    <p>Historically, each filter is responsible for ensuring that whatever
-    changes it makes are correctly represented in the HTTP response headers,
-    and that it does not run when it would make an illegal change.  This
-    imposes a burden on filter authors to re-implement some common
-    functionality in every filter:</p>
-
-    <ul>
-    <li>Many filters will change the content, invalidating existing content
-    tags, checksums, hashes, and lengths.</li>
-
-    <li>Filters that require an entire, unbroken response in input need to
-    ensure they don't get byteranges from a backend.</li>
-
-    <li>Filters that transform output in a filter need to ensure they don't
-    violate a <code>Cache-Control: no-transform</code> header from the
-    backend.</li>
-
-    <li>Filters may make responses uncacheable.</li>
-    </ul>
-
-    <p><code class="module"><a href="../mod/mod_filter.html">mod_filter</a></code> aims to offer generic handling of these
-    details of filter implementation, reducing the complexity required of
-    content filter modules. This is work-in-progress; the
-    <code class="directive"><a href="#filterprotocol">FilterProtocol</a></code> implements
-    some of this functionality for back-compatibility with Apache 2.0
-    modules.  For httpd 2.1 and later, the
-    <code>ap_register_output_filter_protocol</code> and
-    <code>ap_filter_protocol</code> API enables filter modules to
-    declare their own behaviour.</p>
-
-    <p>At the same time, <code class="module"><a href="../mod/mod_filter.html">mod_filter</a></code> should not interfere
-    with a filter that wants to handle all aspects of the protocol.  By
-    default (i.e. in the absence of any <code class="directive"><a href="#filterprotocol">FilterProtocol</a></code> directives), <code class="module"><a href="../mod/mod_filter.html">mod_filter</a></code>
-    will leave the headers untouched.</p>
-
-    <p>At the time of writing, this feature is largely untested,
-    as modules in common use are designed to work with 2.0.
-    Modules using it should test it carefully.</p>
-</div>
 </div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../en/mod/mod_filter.html" title="English">&nbsp;en&nbsp;</a> |
diff --git a/docs/manual/mod/mod_headers.html.en b/docs/manual/mod/mod_headers.html.en
index 7a5a45a704..4de6388055 100644
--- a/docs/manual/mod/mod_headers.html.en
+++ b/docs/manual/mod/mod_headers.html.en
@@ -40,17 +40,169 @@ headers</td></tr>
     request and response headers. Headers can be merged, replaced
     or removed.</p>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
-<ul id="toc">
-<li><img alt="" src="../images/down.gif" /> <a href="#header">Header</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#requestheader">RequestHeader</a></li>
-</ul>
-<h3>Topics</h3>
+<div id="quickview"><h3>Topics</h3>
 <ul id="topics">
 <li><img alt="" src="../images/down.gif" /> <a href="#order">Order of Processing</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#early">Early and Late Processing</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#examples">Examples</a></li>
-</ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+</ul><h3 class="directives">Directives</h3>
+<ul id="toc">
+<li><img alt="" src="../images/down.gif" /> <a href="#header">Header</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#requestheader">RequestHeader</a></li>
+</ul>
+<ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="order" id="order">Order of Processing</a></h2>
+
+    <p>The directives provided by <code class="module"><a href="../mod/mod_headers.html">mod_headers</a></code> can
+    occur almost anywhere within the server configuration, and can be
+    limited in scope by enclosing them in <a href="../sections.html">configuration sections</a>.</p>
+
+    <p>Order of processing is important and is affected both by the
+    order in the configuration file and by placement in <a href="../sections.html#mergin">configuration sections</a>. These
+    two directives have a different effect if reversed:</p>
+
+    <pre class="prettyprint lang-config">RequestHeader append MirrorID "mirror 12"
+RequestHeader unset MirrorID</pre>
+
+
+    <p>This way round, the <code>MirrorID</code> header is not set. If
+    reversed, the MirrorID header is set to "mirror 12".</p>
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="early" id="early">Early and Late Processing</a></h2>
+    <p><code class="module"><a href="../mod/mod_headers.html">mod_headers</a></code> can be applied either early or late
+    in the request.  The normal mode is late, when <em>Request</em> Headers are
+    set immediately before running the content generator and <em>Response</em>
+    Headers just as the response is sent down the wire.  Always use
+    Late mode in an operational server.</p>
+
+    <p>Early mode is designed as a test/debugging aid for developers.
+    Directives defined using the <code>early</code> keyword are set
+    right at the beginning of processing the request.  This means
+    they can be used to simulate different requests and set up test
+    cases, but it also means that headers may be changed at any time
+    by other modules before generating a Response.</p>
+
+    <p>Because early directives are processed before the request path's
+    configuration is traversed, early headers can only be set in a
+    main server or virtual host context.  Early directives cannot depend
+    on a request path, so they will fail in contexts such as
+    <code class="directive"><a href="../mod/core.html#directory">&lt;Directory&gt;</a></code> or
+    <code class="directive"><a href="../mod/core.html#location">&lt;Location&gt;</a></code>.</p>
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="examples" id="examples">Examples</a></h2>
+
+    <ol>
+      <li>
+        Copy all request headers that begin with "TS" to the
+        response headers:
+
+        <pre class="prettyprint lang-config">Header echo ^TS</pre>
+
+      </li>
+
+      <li>
+        Add a header, <code>MyHeader</code>, to the response including a
+        timestamp for when the request was received and how long it
+        took to begin serving the request. This header can be used by
+        the client to intuit load on the server or in isolating
+        bottlenecks between the client and the server.
+
+        <pre class="prettyprint lang-config">Header set MyHeader "%D %t"</pre>
+
+
+        <p>results in this header being added to the response:</p>
+
+        <div class="example"><p><code>
+          MyHeader: D=3775428 t=991424704447256
+        </code></p></div>
+      </li>
+
+      <li>
+        Say hello to Joe
+
+        <pre class="prettyprint lang-config">Header set MyHeader "Hello Joe. It took %D microseconds for Apache to serve this request."</pre>
+
+
+        <p>results in this header being added to the response:</p>
+
+        <div class="example"><p><code>
+          MyHeader: Hello Joe. It took D=3775428 microseconds for Apache
+          to serve this request.
+        </code></p></div>
+      </li>
+
+      <li>
+        Conditionally send <code>MyHeader</code> on the response if and
+        only if header <code>MyRequestHeader</code> is present on the request.
+        This is useful for constructing headers in response to some client
+        stimulus. Note that this example requires the services of the
+        <code class="module"><a href="../mod/mod_setenvif.html">mod_setenvif</a></code> module.
+
+        <pre class="prettyprint lang-config">SetEnvIf MyRequestHeader myvalue HAVE_MyRequestHeader
+Header set MyHeader "%D %t mytext" env=HAVE_MyRequestHeader</pre>
+
+
+        <p>If the header <code>MyRequestHeader: myvalue</code> is present on
+        the HTTP request, the response will contain the following header:</p>
+
+        <div class="example"><p><code>
+          MyHeader: D=3775428 t=991424704447256 mytext
+        </code></p></div>
+      </li>
+
+      <li>
+        Enable DAV to work with Apache running HTTP through SSL hardware
+        (<a href="http://svn.haxx.se/users/archive-2006-03/0549.shtml">problem
+        description</a>) by replacing <var>https:</var> with
+        <var>http:</var> in the <var>Destination</var> header:
+
+        <pre class="prettyprint lang-config">RequestHeader edit Destination ^https: http: early</pre>
+
+      </li>
+
+      <li>
+        Set the same header value under multiple nonexclusive conditions,
+        but do not duplicate the value in the final header.
+        If all of the following conditions applied to a request (i.e.,
+        if the <code>CGI</code>, <code>NO_CACHE</code> and
+        <code>NO_STORE</code> environment variables all existed for the
+        request):
+
+        <pre class="prettyprint lang-config">Header merge Cache-Control no-cache env=CGI
+Header merge Cache-Control no-cache env=NO_CACHE
+Header merge Cache-Control no-store env=NO_STORE</pre>
+
+
+        <p>then the response would contain the following header:</p>
+
+        <div class="example"><p><code>
+          Cache-Control: no-cache, no-store
+        </code></p></div>
+
+        <p>If <code>append</code> was used instead of <code>merge</code>,
+        then the response would contain the following header:</p>
+
+        <div class="example"><p><code>
+          Cache-Control: no-cache, no-cache, no-store
+        </code></p></div>
+      </li>
+      <li>
+        Set a test cookie if and only if the client didn't send us a cookie
+        <pre class="prettyprint lang-config">Header set Set-Cookie testcookie "expr=-z %{req:Cookie}"</pre>
+
+      </li>
+      <li>
+        Append a Caching header for responses with a HTTP status code of 200
+        <pre class="prettyprint lang-config">Header append Cache-Control s-maxage=600 "expr=%{REQUEST_STATUS} == 200"</pre>
+
+      </li>
+
+    </ol>
+</div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="Header" id="Header">Header</a> <a name="header" id="header">Directive</a></h2>
 <table class="directive">
@@ -392,158 +544,6 @@ available in 2.4.10 and later</td></tr>
     input filters to be overridden or modified.</p>
 
 </div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="order" id="order">Order of Processing</a></h2>
-
-    <p>The directives provided by <code class="module"><a href="../mod/mod_headers.html">mod_headers</a></code> can
-    occur almost anywhere within the server configuration, and can be
-    limited in scope by enclosing them in <a href="../sections.html">configuration sections</a>.</p>
-
-    <p>Order of processing is important and is affected both by the
-    order in the configuration file and by placement in <a href="../sections.html#mergin">configuration sections</a>. These
-    two directives have a different effect if reversed:</p>
-
-    <pre class="prettyprint lang-config">RequestHeader append MirrorID "mirror 12"
-RequestHeader unset MirrorID</pre>
-
-
-    <p>This way round, the <code>MirrorID</code> header is not set. If
-    reversed, the MirrorID header is set to "mirror 12".</p>
-</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="early" id="early">Early and Late Processing</a></h2>
-    <p><code class="module"><a href="../mod/mod_headers.html">mod_headers</a></code> can be applied either early or late
-    in the request.  The normal mode is late, when <em>Request</em> Headers are
-    set immediately before running the content generator and <em>Response</em>
-    Headers just as the response is sent down the wire.  Always use
-    Late mode in an operational server.</p>
-
-    <p>Early mode is designed as a test/debugging aid for developers.
-    Directives defined using the <code>early</code> keyword are set
-    right at the beginning of processing the request.  This means
-    they can be used to simulate different requests and set up test
-    cases, but it also means that headers may be changed at any time
-    by other modules before generating a Response.</p>
-
-    <p>Because early directives are processed before the request path's
-    configuration is traversed, early headers can only be set in a
-    main server or virtual host context.  Early directives cannot depend
-    on a request path, so they will fail in contexts such as
-    <code class="directive"><a href="../mod/core.html#directory">&lt;Directory&gt;</a></code> or
-    <code class="directive"><a href="../mod/core.html#location">&lt;Location&gt;</a></code>.</p>
-</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="examples" id="examples">Examples</a></h2>
-
-    <ol>
-      <li>
-        Copy all request headers that begin with "TS" to the
-        response headers:
-
-        <pre class="prettyprint lang-config">Header echo ^TS</pre>
-
-      </li>
-
-      <li>
-        Add a header, <code>MyHeader</code>, to the response including a
-        timestamp for when the request was received and how long it
-        took to begin serving the request. This header can be used by
-        the client to intuit load on the server or in isolating
-        bottlenecks between the client and the server.
-
-        <pre class="prettyprint lang-config">Header set MyHeader "%D %t"</pre>
-
-
-        <p>results in this header being added to the response:</p>
-
-        <div class="example"><p><code>
-          MyHeader: D=3775428 t=991424704447256
-        </code></p></div>
-      </li>
-
-      <li>
-        Say hello to Joe
-
-        <pre class="prettyprint lang-config">Header set MyHeader "Hello Joe. It took %D microseconds for Apache to serve this request."</pre>
-
-
-        <p>results in this header being added to the response:</p>
-
-        <div class="example"><p><code>
-          MyHeader: Hello Joe. It took D=3775428 microseconds for Apache
-          to serve this request.
-        </code></p></div>
-      </li>
-
-      <li>
-        Conditionally send <code>MyHeader</code> on the response if and
-        only if header <code>MyRequestHeader</code> is present on the request.
-        This is useful for constructing headers in response to some client
-        stimulus. Note that this example requires the services of the
-        <code class="module"><a href="../mod/mod_setenvif.html">mod_setenvif</a></code> module.
-
-        <pre class="prettyprint lang-config">SetEnvIf MyRequestHeader myvalue HAVE_MyRequestHeader
-Header set MyHeader "%D %t mytext" env=HAVE_MyRequestHeader</pre>
-
-
-        <p>If the header <code>MyRequestHeader: myvalue</code> is present on
-        the HTTP request, the response will contain the following header:</p>
-
-        <div class="example"><p><code>
-          MyHeader: D=3775428 t=991424704447256 mytext
-        </code></p></div>
-      </li>
-
-      <li>
-        Enable DAV to work with Apache running HTTP through SSL hardware
-        (<a href="http://svn.haxx.se/users/archive-2006-03/0549.shtml">problem
-        description</a>) by replacing <var>https:</var> with
-        <var>http:</var> in the <var>Destination</var> header:
-
-        <pre class="prettyprint lang-config">RequestHeader edit Destination ^https: http: early</pre>
-
-      </li>
-
-      <li>
-        Set the same header value under multiple nonexclusive conditions,
-        but do not duplicate the value in the final header.
-        If all of the following conditions applied to a request (i.e.,
-        if the <code>CGI</code>, <code>NO_CACHE</code> and
-        <code>NO_STORE</code> environment variables all existed for the
-        request):
-
-        <pre class="prettyprint lang-config">Header merge Cache-Control no-cache env=CGI
-Header merge Cache-Control no-cache env=NO_CACHE
-Header merge Cache-Control no-store env=NO_STORE</pre>
-
-
-        <p>then the response would contain the following header:</p>
-
-        <div class="example"><p><code>
-          Cache-Control: no-cache, no-store
-        </code></p></div>
-
-        <p>If <code>append</code> was used instead of <code>merge</code>,
-        then the response would contain the following header:</p>
-
-        <div class="example"><p><code>
-          Cache-Control: no-cache, no-cache, no-store
-        </code></p></div>
-      </li>
-      <li>
-        Set a test cookie if and only if the client didn't send us a cookie
-        <pre class="prettyprint lang-config">Header set Set-Cookie testcookie "expr=-z %{req:Cookie}"</pre>
-
-      </li>
-      <li>
-        Append a Caching header for responses with a HTTP status code of 200
-        <pre class="prettyprint lang-config">Header append Cache-Control s-maxage=600 "expr=%{REQUEST_STATUS} == 200"</pre>
-
-      </li>
-
-    </ol>
-</div>
 </div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../en/mod/mod_headers.html" title="English">&nbsp;en&nbsp;</a> |
diff --git a/docs/manual/mod/mod_heartbeat.html.en b/docs/manual/mod/mod_heartbeat.html.en
index 3916389814..5e5d62eecc 100644
--- a/docs/manual/mod/mod_heartbeat.html.en
+++ b/docs/manual/mod/mod_heartbeat.html.en
@@ -52,33 +52,14 @@ of <code class="directive"><a href="../mod/mod_proxy.html#proxypass">ProxyPass</
     </div>
 
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
+<div id="quickview"><h3>Topics</h3>
+<ul id="topics">
+<li><img alt="" src="../images/down.gif" /> <a href="#consuming">Consuming mod_heartbeat Output</a></li>
+</ul><h3 class="directives">Directives</h3>
 <ul id="toc">
 <li><img alt="" src="../images/down.gif" /> <a href="#heartbeataddress">HeartbeatAddress</a></li>
 </ul>
-<h3>Topics</h3>
-<ul id="topics">
-<li><img alt="" src="../images/down.gif" /> <a href="#consuming">Consuming mod_heartbeat Output</a></li>
-</ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="HeartbeatAddress" id="HeartbeatAddress">HeartbeatAddress</a> <a name="heartbeataddress" id="heartbeataddress">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Multicast address for heartbeat packets</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>HeartbeatAddress <var>addr:port</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>disabled</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_heartbeat</td></tr>
-</table>
-<p>The <code class="directive">HeartbeatAddress</code> directive specifies the
-multicast address to which <code class="module"><a href="../mod/mod_heartbeat.html">mod_heartbeat</a></code> will send
-status information. This address will usually correspond to a configured
- <code class="directive"><a href="../mod/mod_heartmonitor.html#heartbeatlisten">HeartbeatListen</a></code> on a
-frontend proxy system.</p>
-<pre class="prettyprint lang-config">HeartbeatAddress 239.0.0.1:27999</pre>
-    
-
-</div>
+<ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="section">
 <h2><a name="consuming" id="consuming">Consuming mod_heartbeat Output</a></h2>
@@ -99,6 +80,25 @@ v=1&amp;ready=75&amp;busy=0
     separated by '&amp;', being added in the future.
   </p>
 
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="HeartbeatAddress" id="HeartbeatAddress">HeartbeatAddress</a> <a name="heartbeataddress" id="heartbeataddress">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Multicast address for heartbeat packets</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>HeartbeatAddress <var>addr:port</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>disabled</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_heartbeat</td></tr>
+</table>
+<p>The <code class="directive">HeartbeatAddress</code> directive specifies the
+multicast address to which <code class="module"><a href="../mod/mod_heartbeat.html">mod_heartbeat</a></code> will send
+status information. This address will usually correspond to a configured
+ <code class="directive"><a href="../mod/mod_heartmonitor.html#heartbeatlisten">HeartbeatListen</a></code> on a
+frontend proxy system.</p>
+<pre class="prettyprint lang-config">HeartbeatAddress 239.0.0.1:27999</pre>
+    
+
 </div>
 </div>
 <div class="bottomlang">
diff --git a/docs/manual/mod/mod_heartmonitor.html.en b/docs/manual/mod/mod_heartmonitor.html.en
index f086d62645..8d8c7c2eeb 100644
--- a/docs/manual/mod/mod_heartmonitor.html.en
+++ b/docs/manual/mod/mod_heartmonitor.html.en
@@ -61,6 +61,7 @@ use <code class="module"><a href="../mod/mod_slotmem_shm.html">mod_slotmem_shm</
 <li><img alt="" src="../images/down.gif" /> <a href="#heartbeatstorage">HeartbeatStorage</a></li>
 </ul>
 <ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="HeartbeatListen" id="HeartbeatListen">HeartbeatListen</a> <a name="heartbeatlisten" id="heartbeatlisten">Directive</a></h2>
 <table class="directive">
@@ -115,7 +116,6 @@ heartbeat requests to this server</td></tr>
     <code class="module"><a href="../mod/mod_slotmem_shm.html">mod_slotmem_shm</a></code> is not loaded.</p>
 
 </div>
-
 </div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../en/mod/mod_heartmonitor.html" title="English">&nbsp;en&nbsp;</a> |
diff --git a/docs/manual/mod/mod_ident.html.en b/docs/manual/mod/mod_ident.html.en
index a27189d427..2b990a3890 100644
--- a/docs/manual/mod/mod_ident.html.en
+++ b/docs/manual/mod/mod_ident.html.en
@@ -48,6 +48,7 @@
 <ul class="seealso">
 <li><code class="module"><a href="../mod/mod_log_config.html">mod_log_config</a></code></li>
 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="IdentityCheck" id="IdentityCheck">IdentityCheck</a> <a name="identitycheck" id="identitycheck">Directive</a></h2>
 <table class="directive">
@@ -95,7 +96,6 @@ user</td></tr>
     timeout value according to your local network speed.</p>
 
 </div>
-
 </div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../en/mod/mod_ident.html" title="English">&nbsp;en&nbsp;</a> |
diff --git a/docs/manual/mod/mod_imagemap.html.en b/docs/manual/mod/mod_imagemap.html.en
index 68204cb92a..f2c0d400c9 100644
--- a/docs/manual/mod/mod_imagemap.html.en
+++ b/docs/manual/mod/mod_imagemap.html.en
@@ -56,107 +56,19 @@
     <p>However, we are trying to phase out "magic MIME types" so we
     are deprecating this method.</p>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
-<ul id="toc">
-<li><img alt="" src="../images/down.gif" /> <a href="#imapbase">ImapBase</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#imapdefault">ImapDefault</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#imapmenu">ImapMenu</a></li>
-</ul>
-<h3>Topics</h3>
+<div id="quickview"><h3>Topics</h3>
 <ul id="topics">
 <li><img alt="" src="../images/down.gif" /> <a href="#features">New Features</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#imapfile">Imagemap File</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#example">Example Mapfile</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#referencing">Referencing your mapfile</a></li>
-</ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="ImapBase" id="ImapBase">ImapBase</a> <a name="imapbase" id="imapbase">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Default <code>base</code> for imagemap files</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ImapBase map|referer|<var>URL</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ImapBase http://servername/</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>Indexes</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_imagemap</td></tr>
-</table>
-    <p>The <code class="directive">ImapBase</code> directive sets the default
-    <code>base</code> used in the imagemap files. Its value is
-    overridden by a <code>base</code> directive within the imagemap
-    file. If not present, the <code>base</code> defaults to
-    <code>http://<var>servername</var>/</code>.</p>
-
-<h3>See also</h3>
-<ul>
-<li><code class="directive"><a href="../mod/core.html#usecanonicalname">UseCanonicalName</a></code></li>
+</ul><h3 class="directives">Directives</h3>
+<ul id="toc">
+<li><img alt="" src="../images/down.gif" /> <a href="#imapbase">ImapBase</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#imapdefault">ImapDefault</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#imapmenu">ImapMenu</a></li>
 </ul>
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="ImapDefault" id="ImapDefault">ImapDefault</a> <a name="imapdefault" id="imapdefault">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Default action when an imagemap is called with coordinates
-that are not explicitly mapped</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ImapDefault error|nocontent|map|referer|<var>URL</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ImapDefault nocontent</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>Indexes</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_imagemap</td></tr>
-</table>
-    <p>The <code class="directive">ImapDefault</code> directive sets the default
-    <code>default</code> used in the imagemap files. Its value is
-    overridden by a <code>default</code> directive within the
-    imagemap file. If not present, the <code>default</code> action
-    is <code>nocontent</code>, which means that a <code>204 No
-    Content</code> is sent to the client. In this case, the client
-    should continue to display the original page.</p>
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="ImapMenu" id="ImapMenu">ImapMenu</a> <a name="imapmenu" id="imapmenu">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Action if no coordinates are given when calling
-an imagemap</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ImapMenu none|formatted|semiformatted|unformatted</code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ImapMenu formatted</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>Indexes</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_imagemap</td></tr>
-</table>
-    <p>The <code class="directive">ImapMenu</code> directive determines the
-    action taken if an imagemap file is called without valid
-    coordinates.</p>
-
-    <dl>
-      <dt><code>none</code></dt>
-      <dd>If ImapMenu is <code>none</code>, no menu is generated,
-      and the <code>default</code> action is performed.</dd>
-
-      <dt><code>formatted</code></dt>
-      <dd>A <code>formatted</code> menu is the simplest menu.
-      Comments in the imagemap file are ignored. A level one header
-      is printed, then an hrule, then the links each on a separate
-      line. The menu has a consistent, plain look close to that of
-      a directory listing.</dd>
-
-      <dt><code>semiformatted</code></dt>
-      <dd>In the <code>semiformatted</code> menu, comments are
-      printed where they occur in the imagemap file. Blank lines
-      are turned into HTML breaks. No header or hrule is printed,
-      but otherwise the menu is the same as a
-      <code>formatted</code> menu.</dd>
-
-      <dt><code>unformatted</code></dt>
-      <dd>Comments are printed, blank lines are ignored. Nothing is
-      printed that does not appear in the imagemap file. All breaks
-      and headers must be included as comments in the imagemap
-      file. This gives you the most flexibility over the appearance
-      of your menus, but requires you to treat your map files as
-      HTML instead of plaintext.</dd>
-    </dl>
-
-</div>
+<ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="section">
 <h2><a name="features" id="features">New Features</a></h2>
@@ -379,6 +291,94 @@ an imagemap</td></tr>
       &lt;/a&gt;
     </code></p></div>
 
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="ImapBase" id="ImapBase">ImapBase</a> <a name="imapbase" id="imapbase">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Default <code>base</code> for imagemap files</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ImapBase map|referer|<var>URL</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ImapBase http://servername/</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>Indexes</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_imagemap</td></tr>
+</table>
+    <p>The <code class="directive">ImapBase</code> directive sets the default
+    <code>base</code> used in the imagemap files. Its value is
+    overridden by a <code>base</code> directive within the imagemap
+    file. If not present, the <code>base</code> defaults to
+    <code>http://<var>servername</var>/</code>.</p>
+
+<h3>See also</h3>
+<ul>
+<li><code class="directive"><a href="../mod/core.html#usecanonicalname">UseCanonicalName</a></code></li>
+</ul>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="ImapDefault" id="ImapDefault">ImapDefault</a> <a name="imapdefault" id="imapdefault">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Default action when an imagemap is called with coordinates
+that are not explicitly mapped</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ImapDefault error|nocontent|map|referer|<var>URL</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ImapDefault nocontent</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>Indexes</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_imagemap</td></tr>
+</table>
+    <p>The <code class="directive">ImapDefault</code> directive sets the default
+    <code>default</code> used in the imagemap files. Its value is
+    overridden by a <code>default</code> directive within the
+    imagemap file. If not present, the <code>default</code> action
+    is <code>nocontent</code>, which means that a <code>204 No
+    Content</code> is sent to the client. In this case, the client
+    should continue to display the original page.</p>
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="ImapMenu" id="ImapMenu">ImapMenu</a> <a name="imapmenu" id="imapmenu">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Action if no coordinates are given when calling
+an imagemap</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ImapMenu none|formatted|semiformatted|unformatted</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ImapMenu formatted</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>Indexes</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_imagemap</td></tr>
+</table>
+    <p>The <code class="directive">ImapMenu</code> directive determines the
+    action taken if an imagemap file is called without valid
+    coordinates.</p>
+
+    <dl>
+      <dt><code>none</code></dt>
+      <dd>If ImapMenu is <code>none</code>, no menu is generated,
+      and the <code>default</code> action is performed.</dd>
+
+      <dt><code>formatted</code></dt>
+      <dd>A <code>formatted</code> menu is the simplest menu.
+      Comments in the imagemap file are ignored. A level one header
+      is printed, then an hrule, then the links each on a separate
+      line. The menu has a consistent, plain look close to that of
+      a directory listing.</dd>
+
+      <dt><code>semiformatted</code></dt>
+      <dd>In the <code>semiformatted</code> menu, comments are
+      printed where they occur in the imagemap file. Blank lines
+      are turned into HTML breaks. No header or hrule is printed,
+      but otherwise the menu is the same as a
+      <code>formatted</code> menu.</dd>
+
+      <dt><code>unformatted</code></dt>
+      <dd>Comments are printed, blank lines are ignored. Nothing is
+      printed that does not appear in the imagemap file. All breaks
+      and headers must be included as comments in the imagemap
+      file. This gives you the most flexibility over the appearance
+      of your menus, but requires you to treat your map files as
+      HTML instead of plaintext.</dd>
+    </dl>
+
 </div>
 </div>
 <div class="bottomlang">
diff --git a/docs/manual/mod/mod_include.html.en b/docs/manual/mod/mod_include.html.en
index 1a4f2d7950..01de35bb3e 100644
--- a/docs/manual/mod/mod_include.html.en
+++ b/docs/manual/mod/mod_include.html.en
@@ -41,7 +41,16 @@
     inclusion of other files or programs, as well as the setting and
     printing of environment variables.</p>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
+<div id="quickview"><h3>Topics</h3>
+<ul id="topics">
+<li><img alt="" src="../images/down.gif" /> <a href="#enabling">Enabling Server-Side Includes</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#pathinfo">PATH_INFO with Server Side Includes</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#elements">Available Elements</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#includevars">Include Variables</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#substitution">Variable Substitution</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#flowctrl">Flow Control Elements</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#legacyexpr">Legacy expression syntax</a></li>
+</ul><h3 class="directives">Directives</h3>
 <ul id="toc">
 <li><img alt="" src="../images/down.gif" /> <a href="#ssiendtag">SSIEndTag</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#ssierrormsg">SSIErrorMsg</a></li>
@@ -53,16 +62,7 @@
 <li><img alt="" src="../images/down.gif" /> <a href="#ssiundefinedecho">SSIUndefinedEcho</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#xbithack">XBitHack</a></li>
 </ul>
-<h3>Topics</h3>
-<ul id="topics">
-<li><img alt="" src="../images/down.gif" /> <a href="#enabling">Enabling Server-Side Includes</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#pathinfo">PATH_INFO with Server Side Includes</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#elements">Available Elements</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#includevars">Include Variables</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#substitution">Variable Substitution</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#flowctrl">Flow Control Elements</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#legacyexpr">Legacy expression syntax</a></li>
-</ul><h3>See also</h3>
+<h3>See also</h3>
 <ul class="seealso">
 <li><code class="directive"><a href="../mod/core.html#options">Options</a></code></li>
 <li><code class="directive"><a href="../mod/core.html#acceptpathinfo">AcceptPathInfo</a></code></li>
@@ -70,736 +70,458 @@
 <li><a href="../howto/ssi.html">SSI Tutorial</a></li>
 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="SSIEndTag" id="SSIEndTag">SSIEndTag</a> <a name="ssiendtag" id="ssiendtag">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>String that ends an include element</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>SSIEndTag <var>tag</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>SSIEndTag "--&gt;"</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_include</td></tr>
-</table>
-    <p>This directive changes the string that <code class="module"><a href="../mod/mod_include.html">mod_include</a></code>
-    looks for to mark the end of an include element.</p>
-
-    <pre class="prettyprint lang-config">SSIEndTag "%&gt;"</pre>
+<div class="section">
+<h2><a name="enabling" id="enabling">Enabling Server-Side Includes</a></h2>
+    
 
+    <p>Server Side Includes are implemented by the
+    <code>INCLUDES</code> <a href="../filter.html">filter</a>. If
+    documents containing server-side include directives are given
+    the extension .shtml, the following directives will make Apache
+    parse them and assign the resulting document the mime type of
+    <code>text/html</code>:</p>
 
+    <pre class="prettyprint lang-config">AddType text/html .shtml
+AddOutputFilter INCLUDES .shtml</pre>
 
-<h3>See also</h3>
-<ul>
-<li><code class="directive"><a href="#ssistarttag">SSIStartTag</a></code></li>
-</ul>
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="SSIErrorMsg" id="SSIErrorMsg">SSIErrorMsg</a> <a name="ssierrormsg" id="ssierrormsg">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Error message displayed when there is an SSI
-error</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>SSIErrorMsg <var>message</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>SSIErrorMsg "[an error occurred while processing this
-directive]"</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>All</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_include</td></tr>
-</table>
-    <p>The <code class="directive">SSIErrorMsg</code> directive changes the error
-    message displayed when <code class="module"><a href="../mod/mod_include.html">mod_include</a></code> encounters an
-    error. For production servers you may consider changing the default
-    error message to <code>"&lt;!-- Error --&gt;"</code> so that
-    the message is not presented to the user.</p>
 
-    <p>This directive has the same effect as the <code>&lt;!--#config
-    errmsg=<var>message</var> --&gt;</code> element.</p>
+    <p>The following directive must be given for the directories
+    containing the shtml files (typically in a
+    <code class="directive"><a href="../mod/core.html#directory">&lt;Directory&gt;</a></code> section,
+    but this directive is also valid in <code>.htaccess</code> files if
+    <code class="directive"><a href="../mod/core.html#allowoverride">AllowOverride</a></code> <code>Options</code>
+    is set):</p>
 
-    <pre class="prettyprint lang-config">SSIErrorMsg "&lt;!-- Error --&gt;"</pre>
+    <pre class="prettyprint lang-config">Options +Includes</pre>
 
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="SSIETag" id="SSIETag">SSIETag</a> <a name="ssietag" id="ssietag">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Controls whether ETags are generated by the server.</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>SSIETag on|off</code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>SSIETag off</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_include</td></tr>
-<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in version 2.2.15 and later.</td></tr>
-</table>
-      <p>Under normal circumstances, a file filtered by <code class="module"><a href="../mod/mod_include.html">mod_include</a></code>
-        may contain elements that are either dynamically generated, or that may
-        have changed independently of the original file. As a result, by default
-        the server is asked not to generate an <code>ETag</code> header for the
-        response by adding <code>no-etag</code> to the request notes.</p>
+    <p>For backwards compatibility, the <code>server-parsed</code>
+    <a href="../handler.html">handler</a> also activates the
+    INCLUDES filter. As well, Apache will activate the INCLUDES
+    filter for any document with mime type
+    <code>text/x-server-parsed-html</code> or
+    <code>text/x-server-parsed-html3</code> (and the resulting
+    output will have the mime type <code>text/html</code>).</p>
 
-      <p>The <code class="directive">SSIETag</code> directive suppresses this
-        behaviour, and allows the server to generate an <code>ETag</code> header.
-        This can be used to enable caching of the output. Note that a backend server
-        or dynamic content generator may generate an ETag of its own, ignoring
-        <code>no-etag</code>, and this ETag will be passed by
-        <code class="module"><a href="../mod/mod_include.html">mod_include</a></code> regardless of the value of this setting.
-        <code class="directive">SSIETag</code> can take on the following values:</p>
+    <p>For more information, see our <a href="../howto/ssi.html">Tutorial on Server Side Includes</a>.</p>
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="pathinfo" id="pathinfo">PATH_INFO with Server Side Includes</a></h2>
+    
 
-      <dl>
+    <p>Files processed for server-side includes no longer accept
+    requests with <code>PATH_INFO</code> (trailing pathname information)
+    by default.  You can use the <code class="directive"><a href="../mod/core.html#acceptpathinfo">AcceptPathInfo</a></code> directive to
+    configure the server to accept requests with <code>PATH_INFO</code>.</p>
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="elements" id="elements">Available Elements</a></h2>
+    <p>The document is parsed as an HTML document, with special
+    commands embedded as SGML comments. A command has the syntax: </p>
 
-        <dt><code>off</code></dt>
-        <dd><code>no-etag</code> will be added to the request notes, and the server
-          is asked not to generate an ETag. Where a server ignores the value of
-          <code>no-etag</code> and generates an ETag anyway, the ETag will be
-          respected.</dd>
+    <div class="example"><p><code>
+      &lt;!--#<var>element</var> <var>attribute</var>=<var>value</var>
+      <var>attribute</var>=<var>value</var> ... --&gt;
+    </code></p></div>
 
-        <dt><code>on</code></dt>
-        <dd>Existing ETags will be respected, and ETags generated by the server will
-          be passed on in the response.</dd>
+    <p>The value will often be enclosed in double quotes, but single
+    quotes (<code>'</code>) and backticks (<code>`</code>) are also
+    possible. Many commands only allow a single attribute-value pair.
+    Note that the comment terminator (<code>--&gt;</code>) should be
+    preceded by whitespace to ensure that it isn't considered part of
+    an SSI token. Note that the leading <code>&lt;!--#</code> is <em>one</em>
+    token and may not contain any whitespaces.</p>
 
-      </dl>
+    <p>The allowed elements are listed in the following table:</p>
 
+    <table class="bordered">
+    <tr><th>Element</th><th>Description</th></tr>
+    <tr><td><code><a href="#element.config">config</a></code></td>
+        <td>configure output formats</td></tr>
+    <tr><td><code><a href="#element.echo">echo</a></code></td>
+        <td>print variables</td></tr>
+    <tr><td><code><a href="#element.exec">exec</a></code></td>
+        <td>execute external programs</td></tr>
+    <tr><td><code><a href="#element.fsize">fsize</a></code></td>
+        <td>print size of a file</td></tr>
+    <tr><td><code><a href="#element.flastmod">flastmod</a></code></td>
+        <td>print last modification time of a file</td></tr>
+    <tr><td><code><a href="#element.include">include</a></code></td>
+        <td>include a file</td></tr>
+    <tr><td><code><a href="#element.printenv">printenv</a></code></td>
+        <td>print all available variables</td></tr>
+    <tr><td><code><a href="#element.set">set</a></code></td>
+        <td>set a value of a variable</td></tr>
+    </table>
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="SSILastModified" id="SSILastModified">SSILastModified</a> <a name="ssilastmodified" id="ssilastmodified">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Controls whether <code>Last-Modified</code> headers are generated by the
-server.</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>SSILastModified on|off</code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>SSILastModified off</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_include</td></tr>
-<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in version 2.2.15 and later.</td></tr>
-</table>
-      <p>Under normal circumstances, a file filtered by <code class="module"><a href="../mod/mod_include.html">mod_include</a></code>
-        may contain elements that are either dynamically generated, or that may
-        have changed independently of the original file. As a result, by default
-        the <code>Last-Modified</code> header is stripped from the response.</p>
+    <p>SSI elements may be defined by modules other than
+    <code class="module"><a href="../mod/mod_include.html">mod_include</a></code>. In fact, the <code><a href="#element.exec">exec</a></code> element is provided by
+    <code class="module"><a href="../mod/mod_cgi.html">mod_cgi</a></code>, and will only be available if this
+    module is loaded.</p>
 
-      <p>The <code class="directive">SSILastModified</code> directive overrides this
-        behaviour, and allows the <code>Last-Modified</code> header to be respected
-        if already present, or set if the header is not already present. This can
-        be used to enable caching of the output. <code class="directive">SSILastModified</code>
-        can take on the following values:</p>
+    <h3><a name="element.config" id="element.config">The config Element</a></h3>
+      <p>This command controls various aspects of the parsing. The
+      valid attributes are:</p>
 
       <dl>
+      <dt><code>echomsg</code> (<em>Apache 2.1 and later</em>)</dt>
+      <dd>
+      <p>The value is a message that is sent back to the
+      client if the <code><a href="#element.echo">echo</a></code> element
+      attempts to echo an undefined variable. This overrides any <code class="directive"><a href="#ssiundefinedecho">SSIUndefinedEcho</a></code> directives.</p>
 
-        <dt><code>off</code></dt>
-        <dd>The <code>Last-Modified</code> header will be stripped from responses,
-          unless the <code class="directive"><a href="#xbithack">XBitHack</a></code> directive
-          is set to <code>full</code> as described below.</dd>
+      <div class="example"><p><code>
+        &lt;!--#config echomsg="[Value Undefined]" --&gt;
+      </code></p></div>
+      </dd>
 
-        <dt><code>on</code></dt>
-        <dd>The <code>Last-Modified</code> header will be respected if already
-          present in a response, and added to the response if the response is a
-          file and the header is missing. The
-          <code class="directive"><a href="#ssilastmodified">SSILastModified</a></code> directive
-          takes precedence over <code class="directive"><a href="#xbithack">XBitHack</a></code>.</dd>
+      <dt><code>errmsg</code></dt>
+      <dd><p>The value is a message that is sent back to the
+      client if an error occurs while parsing the
+      document. This overrides any <code class="directive"><a href="#ssierrormsg">SSIErrorMsg</a></code> directives.</p>
+      
+      <div class="example"><p><code>
+       &lt;!--#config errmsg="[Oops, something broke.]" --&gt;
+      </code></p></div>
+      </dd>
 
-      </dl>
+      <dt><code>sizefmt</code></dt>
+      <dd><p>The value sets the format to be used when displaying
+      the size of a file. Valid values are <code>bytes</code>
+      for a count in bytes, or <code>abbrev</code> for a count
+      in Kb or Mb as appropriate, for example a size of 1024 bytes
+      will be printed as "1K".</p>
 
+      <div class="example"><p><code>
+      &lt;!--#config sizefmt="abbrev" --&gt;
+      </code></p></div>
+      </dd>
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="SSILegacyExprParser" id="SSILegacyExprParser">SSILegacyExprParser</a> <a name="ssilegacyexprparser" id="ssilegacyexprparser">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Enable compatibility mode for conditional expressions.</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>SSILegacyExprParser on|off</code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>SSILegacyExprParser off</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_include</td></tr>
-<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in version 2.3.13 and later.</td></tr>
-</table>
-    <p>As of version 2.3.13, <code class="module"><a href="../mod/mod_include.html">mod_include</a></code> has switched to the
-    new <a href="../expr.html">ap_expr</a> syntax for conditional expressions
-    in <code>#if</code> flow control elements.  This directive allows to
-    switch to the <a href="#legacyexpr">old syntax</a> which is compatible
-    with Apache HTTPD version 2.2.x and earlier.
-    </p>
+      <dt><code>timefmt</code></dt>
+      <dd><p>The value is a string to be used by the
+      <code>strftime(3)</code> library routine when printing
+      dates.</p>
+      
+      <div class="example"><p><code>
+      &lt;!--#config timefmt=""%R, %B %d, %Y"" --&gt;
+      </code></p></div>
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="SSIStartTag" id="SSIStartTag">SSIStartTag</a> <a name="ssistarttag" id="ssistarttag">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>String that starts an include element</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>SSIStartTag <var>tag</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>SSIStartTag "&lt;!--#"</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_include</td></tr>
-</table>
-    <p>This directive changes the string that <code class="module"><a href="../mod/mod_include.html">mod_include</a></code>
-    looks for to mark an include element to process.</p>
+      </dd>
+      
+      </dl>
+     
 
-    <p>You may want to use this option if you have 2 servers parsing the
-    output of a file each processing different commands (possibly at
-    different times).</p>
+    <h3><a name="element.echo" id="element.echo">The echo Element</a></h3>
+      <p>This command prints one of the <a href="#includevars">include
+      variables</a> defined below. If the variable is unset, the result is
+      determined by the <code class="directive"><a href="#ssiundefinedecho">SSIUndefinedEcho</a></code> directive. Any dates printed are
+      subject to the currently configured <code>timefmt</code>.</p>
 
-    <pre class="prettyprint lang-config">      SSIStartTag "&lt;%"<br />
-      SSIEndTag   "%&gt;"</pre>
+      <p>Attributes:</p>
 
+      <dl>
+      <dt><code>var</code></dt>
+      <dd>The value is the name of the variable to print.</dd>
 
-    <p>The example given above, which also specifies a matching
-    <code class="directive"><a href="#ssiendtag">SSIEndTag</a></code>, will
-    allow you to use SSI directives as shown in the example
-    below:</p>
+      <dt><code>decoding</code></dt>
+      <dd><p>Specifies whether Apache should strip an encoding from
+      the variable before processing the variable further. The default
+      is <code>none</code>, where no decoding will be done. If set to
+      <code>url</code>, then URL decoding (also known as %-encoding;
+      this is appropriate for use within URLs in links, etc.) will be
+      performed. If set to <code>urlencoded</code>,
+      application/x-www-form-urlencoded compatible encoding (found in
+      query strings) will be stripped. If set to <code>base64</code>,
+      base64 will be decoded, and if set to <code>entity</code>, HTML
+      entity encoding will be stripped. Decoding is done prior to any
+      further encoding on the variable. Multiple encodings can be
+      stripped by specifying more than one comma separated encoding.
+      The decoding setting will remain in effect until the next decoding
+      attribute is encountered, or the element ends.</p>
 
-    <div class="example"><h3>SSI directives with alternate start and end tags</h3><p><code>
-      &lt;%printenv %&gt;
-    </code></p></div>
+      <p>The <code>decoding</code> attribute must <em>precede</em> the
+      corresponding <code>var</code> attribute to be effective.</p>
+      </dd>
 
-<h3>See also</h3>
-<ul>
-<li><code class="directive"><a href="#ssiendtag">SSIEndTag</a></code></li>
-</ul>
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="SSITimeFormat" id="SSITimeFormat">SSITimeFormat</a> <a name="ssitimeformat" id="ssitimeformat">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Configures the format in which date strings are
-displayed</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>SSITimeFormat <var>formatstring</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>SSITimeFormat "%A, %d-%b-%Y %H:%M:%S %Z"</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>All</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_include</td></tr>
-</table>
-<p>This directive changes the format in which date strings are displayed
-    when echoing <code>DATE</code> environment variables. The
-    <var>formatstring</var> is as in <code>strftime(3)</code> from the
-    C standard library.</p>
+      <dt><code>encoding</code></dt>
+      <dd><p>Specifies how Apache should encode special characters
+      contained in the variable before outputting them. If set
+      to <code>none</code>, no encoding will be done. If set to
+      <code>url</code>, then URL encoding (also known as %-encoding;
+      this is appropriate for use within URLs in links, etc.) will be
+      performed. If set to <code>urlencoded</code>,
+      application/x-www-form-urlencoded compatible encoding will be
+      performed instead, and should be used with query strings. If set
+      to <code>base64</code>, base64 encoding will be performed. At
+      the start of an <code>echo</code> element, the default is set to
+      <code>entity</code>, resulting in entity encoding (which is
+      appropriate in the context of a block-level HTML element,
+      <em>e.g.</em> a paragraph of text). This can be changed by adding
+      an <code>encoding</code> attribute, which will remain in effect
+      until the next <code>encoding</code> attribute is encountered or
+      the element ends, whichever comes first.</p>
 
-    <p>This directive has the same effect as the <code>&lt;!--#config
-    timefmt=<var>formatstring</var> --&gt;</code> element.</p>
+      <p>The <code>encoding</code> attribute must <em>precede</em> the
+      corresponding <code>var</code> attribute to be effective.</p>
 
-    <pre class="prettyprint lang-config">SSITimeFormat "%R, %B %d, %Y"</pre>
+      <div class="warning">
+        In order to avoid cross-site scripting issues, you should
+        <em>always</em> encode user supplied data.
+      </div>
 
+      <div class="example"><h3>Example</h3><p><code>
+        &lt;!--#echo encoding="entity" var="QUERY_STRING" --&gt;
+      </code></p></div>
+      </dd>
+      </dl>
+     
 
-    <p>The above directive would cause times to be displayed in the
-    format "22:26, June 14, 2002".</p>
+    <h3><a name="element.exec" id="element.exec">The exec Element</a></h3>
+      <p>The <code>exec</code> command executes a given shell command or
+      CGI script. It requires <code class="module"><a href="../mod/mod_cgi.html">mod_cgi</a></code> to be present
+      in the server. If <code class="directive"><a href="../mod/core.html#options">Options</a></code>
+      <code>IncludesNOEXEC</code> is set, this command is completely
+      disabled. The valid attributes are:</p>
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="SSIUndefinedEcho" id="SSIUndefinedEcho">SSIUndefinedEcho</a> <a name="ssiundefinedecho" id="ssiundefinedecho">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>String displayed when an unset variable is echoed</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>SSIUndefinedEcho <var>string</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>SSIUndefinedEcho "(none)"</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>All</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_include</td></tr>
-</table>
-    <p>This directive changes the string that <code class="module"><a href="../mod/mod_include.html">mod_include</a></code>
-    displays when a variable is not set and "echoed".</p>
+      <dl>
+      <dt><code>cgi</code></dt>
+      <dd><p>The value specifies a (%-encoded) URL-path to
+      the CGI script. If the path does not begin with a slash (/),
+      then it is taken to be relative to the current
+      document. The document referenced by this path is
+      invoked as a CGI script, even if the server would not
+      normally recognize it as such. However, the directory
+      containing the script must be enabled for CGI scripts
+      (with <code class="directive"><a href="../mod/mod_alias.html#scriptalias">ScriptAlias</a></code>
+      or <code class="directive"><a href="../mod/core.html#options">Options</a></code>
+      <code>ExecCGI</code>).</p>
 
-    <pre class="prettyprint lang-config">SSIUndefinedEcho "&lt;!-- undef --&gt;"</pre>
+      <p>The CGI script is given the <code>PATH_INFO</code> and query
+      string (<code>QUERY_STRING</code>) of the original request from the
+      client; these <em>cannot</em> be specified in the URL path. The
+      include variables will be available to the script in addition to
+      the standard <a href="mod_cgi.html">CGI</a> environment.</p>
 
+      <div class="example"><h3>Example</h3><p><code>
+        &lt;!--#exec cgi="/cgi-bin/example.cgi" --&gt;
+      </code></p></div>
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="XBitHack" id="XBitHack">XBitHack</a> <a name="xbithack" id="xbithack">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Parse SSI directives in files with the execute bit
-set</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>XBitHack on|off|full</code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>XBitHack off</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>Options</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_include</td></tr>
-</table>
-    <p>The <code class="directive">XBitHack</code> directive controls the parsing
-    of ordinary html documents. This directive only affects files associated
-    with the <a class="glossarylink" href="../glossary.html#mime-type" title="see glossary">MIME-type</a> <code>text/html</code>. <code class="directive">XBitHack</code> can take on the following values:</p>
+      <p>If the script returns a <code>Location:</code> header instead of
+      output, then this will be translated into an HTML anchor.</p>
 
-    <dl>
-      <dt><code>off</code></dt>
-      <dd>No special treatment of executable files.</dd>
+      <p>The <code><a href="#includevirtual">include virtual</a></code>
+      element should be used in preference to <code>exec cgi</code>. In
+      particular, if you need to pass additional arguments to a CGI program,
+      using the query string, this cannot be done with <code>exec
+      cgi</code>, but can be done with <code>include virtual</code>, as
+      shown here:</p>
 
-      <dt><code>on</code></dt>
-      <dd>Any <code>text/html</code> file that has the user-execute bit
-      set will be treated as a server-parsed html document.</dd>
+      <div class="example"><p><code>
+        &lt;!--#include virtual="/cgi-bin/example.cgi?argument=value" --&gt;
+      </code></p></div>
+      </dd>
 
-      <dt><code>full</code></dt>
-      <dd>As for <code>on</code> but also test the group-execute bit.
-      If it is set, then set the <code>Last-modified</code> date of the
-      returned file to be the last modified time of the file. If
-      it is not set, then no last-modified date is sent. Setting
-      this bit allows clients and proxies to cache the result of
-      the request.
+      <dt><code>cmd</code></dt>
+      <dd><p>The server will execute the given string using
+      <code>/bin/sh</code>. The <a href="#includevars">include variables</a> are available to the command, in addition
+      to the usual set of CGI variables.</p>
 
-      <div class="note"><h3>Note</h3>
-      <p>You would not want to use the full option, unless you assure the
-      group-execute bit is unset for every SSI script which might <code>#include</code> a CGI or otherwise produces different output on
-      each hit (or could potentially change on subsequent requests).</p>
+      <p>The use of <code><a href="#includevirtual">#include virtual</a></code> is almost always prefered to using
+      either <code>#exec cgi</code> or <code>#exec cmd</code>. The former
+      (<code>#include virtual</code>) uses the standard Apache sub-request
+      mechanism to include files or scripts. It is much better tested and
+      maintained.</p>
 
-      <p>The <code class="directive"><a href="#ssilastmodified">SSILastModified</a></code>
-      directive takes precedence over the
-      <code class="directive"><a href="#xbithack">XBitHack</a></code> directive when
-      <code class="directive"><a href="#ssilastmodified">SSILastModified</a></code> is set to
-      <code>on</code>.</p>
-      </div>
+      <p>In addition, on some platforms, like Win32, and on unix when
+      using <a href="../suexec.html">suexec</a>, you cannot pass arguments
+      to a command in an <code>exec</code> directive, or otherwise include
+      spaces in the command. Thus, while the following will work under a
+      non-suexec configuration on unix, it will not produce the desired
+      result under Win32, or when running suexec:</p>
 
+      <div class="example"><p><code>
+        &lt;!--#exec cmd="perl /path/to/perlscript arg1 arg2" --&gt;
+      </code></p></div>
       </dd>
-    </dl>
-
+      </dl>
+     
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="enabling" id="enabling">Enabling Server-Side Includes</a></h2>
-    
+    <h3><a name="element.fsize" id="element.fsize">The fsize Element</a></h3>
+      <p>This command prints the size of the specified file, subject
+      to the <code>sizefmt</code> format specification. Attributes:</p>
 
-    <p>Server Side Includes are implemented by the
-    <code>INCLUDES</code> <a href="../filter.html">filter</a>. If
-    documents containing server-side include directives are given
-    the extension .shtml, the following directives will make Apache
-    parse them and assign the resulting document the mime type of
-    <code>text/html</code>:</p>
+      <dl>
+      <dt><code>file</code></dt>
+      <dd>The value is a path relative to the directory
+      containing the current document being parsed.
 
-    <pre class="prettyprint lang-config">AddType text/html .shtml
-AddOutputFilter INCLUDES .shtml</pre>
+    <div class="example"><p><code>
+        This file is &lt;!--#fsize file="mod_include.html" --&gt; bytes.
+    </code></p></div>
 
+    The value of <code>file</code> cannot start with a slash
+    (<code>/</code>), nor can it contain <code>../</code> so as to 
+    refer to a file above the current directory or outside of the
+    document root. Attempting to so will result in the error message:
+    <code>The given path was above the root path</code>.
+      </dd>
 
-    <p>The following directive must be given for the directories
-    containing the shtml files (typically in a
-    <code class="directive"><a href="../mod/core.html#directory">&lt;Directory&gt;</a></code> section,
-    but this directive is also valid in <code>.htaccess</code> files if
-    <code class="directive"><a href="../mod/core.html#allowoverride">AllowOverride</a></code> <code>Options</code>
-    is set):</p>
-
-    <pre class="prettyprint lang-config">Options +Includes</pre>
-
-
-    <p>For backwards compatibility, the <code>server-parsed</code>
-    <a href="../handler.html">handler</a> also activates the
-    INCLUDES filter. As well, Apache will activate the INCLUDES
-    filter for any document with mime type
-    <code>text/x-server-parsed-html</code> or
-    <code>text/x-server-parsed-html3</code> (and the resulting
-    output will have the mime type <code>text/html</code>).</p>
-
-    <p>For more information, see our <a href="../howto/ssi.html">Tutorial on Server Side Includes</a>.</p>
-</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="pathinfo" id="pathinfo">PATH_INFO with Server Side Includes</a></h2>
-    
-
-    <p>Files processed for server-side includes no longer accept
-    requests with <code>PATH_INFO</code> (trailing pathname information)
-    by default.  You can use the <code class="directive"><a href="../mod/core.html#acceptpathinfo">AcceptPathInfo</a></code> directive to
-    configure the server to accept requests with <code>PATH_INFO</code>.</p>
-</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="elements" id="elements">Available Elements</a></h2>
-    <p>The document is parsed as an HTML document, with special
-    commands embedded as SGML comments. A command has the syntax: </p>
+      <dt><code>virtual</code></dt>
+      <dd>The value is a (%-encoded) URL-path. If it does not begin with
+      a slash (/) then it is taken to be relative to the current document.
+      Note, that this does <em>not</em> print the size of any CGI output,
+      but the size of the CGI script itself.</dd>
+      </dl>
 
     <div class="example"><p><code>
-      &lt;!--#<var>element</var> <var>attribute</var>=<var>value</var>
-      <var>attribute</var>=<var>value</var> ... --&gt;
+        This file is &lt;!--#fsize virtual="/docs/mod/mod_include.html" --&gt; bytes.
     </code></p></div>
 
-    <p>The value will often be enclosed in double quotes, but single
-    quotes (<code>'</code>) and backticks (<code>`</code>) are also
-    possible. Many commands only allow a single attribute-value pair.
-    Note that the comment terminator (<code>--&gt;</code>) should be
-    preceded by whitespace to ensure that it isn't considered part of
-    an SSI token. Note that the leading <code>&lt;!--#</code> is <em>one</em>
-    token and may not contain any whitespaces.</p>
-
-    <p>The allowed elements are listed in the following table:</p>
+      <p>Note that in many cases these two are exactly the same thing.
+      However, the <code>file</code> attribute doesn't respect URL-space
+      aliases.</p>
+     
 
-    <table class="bordered">
-    <tr><th>Element</th><th>Description</th></tr>
-    <tr><td><code><a href="#element.config">config</a></code></td>
-        <td>configure output formats</td></tr>
-    <tr><td><code><a href="#element.echo">echo</a></code></td>
-        <td>print variables</td></tr>
-    <tr><td><code><a href="#element.exec">exec</a></code></td>
-        <td>execute external programs</td></tr>
-    <tr><td><code><a href="#element.fsize">fsize</a></code></td>
-        <td>print size of a file</td></tr>
-    <tr><td><code><a href="#element.flastmod">flastmod</a></code></td>
-        <td>print last modification time of a file</td></tr>
-    <tr><td><code><a href="#element.include">include</a></code></td>
-        <td>include a file</td></tr>
-    <tr><td><code><a href="#element.printenv">printenv</a></code></td>
-        <td>print all available variables</td></tr>
-    <tr><td><code><a href="#element.set">set</a></code></td>
-        <td>set a value of a variable</td></tr>
-    </table>
+    <h3><a name="element.flastmod" id="element.flastmod">The flastmod Element</a></h3>
+      <p>This command prints the last modification date of the
+      specified file, subject to the <code>timefmt</code> format
+      specification. The attributes are the same as for the
+      <code><a href="#element.fsize">fsize</a></code> command.</p>
+     
 
-    <p>SSI elements may be defined by modules other than
-    <code class="module"><a href="../mod/mod_include.html">mod_include</a></code>. In fact, the <code><a href="#element.exec">exec</a></code> element is provided by
-    <code class="module"><a href="../mod/mod_cgi.html">mod_cgi</a></code>, and will only be available if this
-    module is loaded.</p>
+    <h3><a name="element.include" id="element.include">The include Element</a></h3>
+      <p>This command inserts the text of another document or file
+      into the parsed file. Any included file is subject to the usual
+      access control. If the directory containing the parsed file has
+      <a href="core.html#options">Options</a>
+      <code>IncludesNOEXEC</code> set, then only documents with a text
+      <a class="glossarylink" href="../glossary.html#mime-type" title="see glossary">MIME-type</a> (<code>text/plain</code>,
+      <code>text/html</code> etc.) will be included. Otherwise CGI
+      scripts are invoked as normal using the complete URL given in
+      the command, including any query string.</p>
 
-    <h3><a name="element.config" id="element.config">The config Element</a></h3>
-      <p>This command controls various aspects of the parsing. The
-      valid attributes are:</p>
+      <p>An attribute defines the location of the document, and may
+      appear more than once in an include element; an inclusion is
+      done for each attribute given to the include command in turn.
+      The valid attributes are:</p>
 
       <dl>
-      <dt><code>echomsg</code> (<em>Apache 2.1 and later</em>)</dt>
-      <dd>
-      <p>The value is a message that is sent back to the
-      client if the <code><a href="#element.echo">echo</a></code> element
-      attempts to echo an undefined variable. This overrides any <code class="directive"><a href="#ssiundefinedecho">SSIUndefinedEcho</a></code> directives.</p>
+      <dt><code>file</code></dt>
+      <dd>The value is a path relative to the directory
+      containing the current document being parsed. It cannot
+      contain <code>../</code>, nor can it be an absolute path.
+      Therefore, you cannot include files that are outside of the
+      document root, or above the current document in the directory
+      structure. The <code>virtual</code> attribute should always be
+      used in preference to this one.</dd>
 
-      <div class="example"><p><code>
-        &lt;!--#config echomsg="[Value Undefined]" --&gt;
-      </code></p></div>
-      </dd>
+      <dt><code><a id="includevirtual" name="includevirtual">virtual</a></code></dt>
+      <dd><p>The value is a (%-encoded) URL-path. The URL cannot contain a
+      scheme or hostname, only a path and an optional query string. If it
+      does not begin with a slash (/) then it is taken to be relative to the
+      current document.</p>
+
+      <p>A URL is constructed from the attribute, and the output the
+      server would return if the URL were accessed by the client is
+      included in the parsed output. Thus included files can be nested.</p>
+
+      <p>If the specified URL is a CGI program, the program will be
+      executed and its output inserted in place of the directive in the
+      parsed file. You may include a query string in a CGI url:</p>
 
-      <dt><code>errmsg</code></dt>
-      <dd><p>The value is a message that is sent back to the
-      client if an error occurs while parsing the
-      document. This overrides any <code class="directive"><a href="#ssierrormsg">SSIErrorMsg</a></code> directives.</p>
-      
       <div class="example"><p><code>
-       &lt;!--#config errmsg="[Oops, something broke.]" --&gt;
+        &lt;!--#include virtual="/cgi-bin/example.cgi?argument=value" --&gt;
       </code></p></div>
+
+      <p><code>include virtual</code> should be used in preference
+      to <code>exec cgi</code> to include the output of CGI programs
+      into an HTML document.</p>
+
+      <p>If the <code class="directive"><a href="../mod/mod_request.html#keptbodysize">KeptBodySize</a></code>
+      directive is correctly configured and valid for this included
+      file, attempts to POST requests to the enclosing HTML document
+      will be passed through to subrequests as POST requests as well.
+      Without the directive, all subrequests are processed as GET
+      requests.</p>
+
       </dd>
 
-      <dt><code>sizefmt</code></dt>
-      <dd><p>The value sets the format to be used when displaying
-      the size of a file. Valid values are <code>bytes</code>
-      for a count in bytes, or <code>abbrev</code> for a count
-      in Kb or Mb as appropriate, for example a size of 1024 bytes
-      will be printed as "1K".</p>
+      <dt><code>onerror</code></dt>
+      <dd><p>The value is a (%-encoded) URL-path which is shown should a
+      previous attempt to include a file or virtual attribute failed.
+      To be effective, this attribute must be specified after the
+      file or virtual attributes being covered. If the attempt to
+      include the onerror path fails, or if onerror is not specified, the
+      default error message will be included.</p>
 
       <div class="example"><p><code>
-      &lt;!--#config sizefmt="abbrev" --&gt;
+        # Simple example<br />
+        &lt;!--#include virtual="/not-exist.html" onerror="/error.html" --&gt;
       </code></p></div>
-      </dd>
 
-      <dt><code>timefmt</code></dt>
-      <dd><p>The value is a string to be used by the
-      <code>strftime(3)</code> library routine when printing
-      dates.</p>
-      
       <div class="example"><p><code>
-      &lt;!--#config timefmt=""%R, %B %d, %Y"" --&gt;
+        # Dedicated onerror paths<br />
+        &lt;!--#include virtual="/path-a.html" onerror="/error-a.html" virtual="/path-b.html" onerror="/error-b.html" --&gt;
       </code></p></div>
 
       </dd>
-      
       </dl>
      
 
-    <h3><a name="element.echo" id="element.echo">The echo Element</a></h3>
-      <p>This command prints one of the <a href="#includevars">include
-      variables</a> defined below. If the variable is unset, the result is
-      determined by the <code class="directive"><a href="#ssiundefinedecho">SSIUndefinedEcho</a></code> directive. Any dates printed are
-      subject to the currently configured <code>timefmt</code>.</p>
+    <h3><a name="element.printenv" id="element.printenv">The printenv Element</a></h3>
+      <p>This prints out a plain text listing of all existing variables and
+      their values. Special characters are entity encoded (see the <code><a href="#element.echo">echo</a></code> element for details)
+      before being output. There are no attributes.</p>
 
-      <p>Attributes:</p>
+      <div class="example"><h3>Example</h3><p><code>
+        &lt;pre&gt;
+          &lt;!--#printenv --&gt;
+        &lt;/pre&gt;
+      </code></p></div>
+     
+
+    <h3><a name="element.set" id="element.set">The set Element</a></h3>
+      <p>This sets the value of a variable. Attributes:</p>
 
       <dl>
       <dt><code>var</code></dt>
-      <dd>The value is the name of the variable to print.</dd>
+      <dd>The name of the variable to set.</dd>
+
+      <dt><code>value</code></dt>
+      <dd>The value to give a variable.</dd>
 
       <dt><code>decoding</code></dt>
       <dd><p>Specifies whether Apache should strip an encoding from
       the variable before processing the variable further. The default
       is <code>none</code>, where no decoding will be done. If set to
-      <code>url</code>, then URL decoding (also known as %-encoding;
-      this is appropriate for use within URLs in links, etc.) will be
-      performed. If set to <code>urlencoded</code>,
-      application/x-www-form-urlencoded compatible encoding (found in
-      query strings) will be stripped. If set to <code>base64</code>,
-      base64 will be decoded, and if set to <code>entity</code>, HTML
-      entity encoding will be stripped. Decoding is done prior to any
-      further encoding on the variable. Multiple encodings can be
-      stripped by specifying more than one comma separated encoding.
-      The decoding setting will remain in effect until the next decoding
-      attribute is encountered, or the element ends.</p>
-
-      <p>The <code>decoding</code> attribute must <em>precede</em> the
-      corresponding <code>var</code> attribute to be effective.</p>
+      <code>url</code>, <code>urlencoded</code>, <code>base64</code>
+      or <code>entity</code>, URL decoding,
+      application/x-www-form-urlencoded decoding, base64 decoding or HTML
+      entity decoding will be performed respectively. More than one
+      decoding can be specified by separating with commas. The decoding
+      setting will remain in effect until the next decoding attribute
+      is encountered, or the element ends. The <code>decoding</code>
+      attribute must <em>precede</em> the corresponding
+      <code>var</code> attribute to be effective.</p>
       </dd>
 
       <dt><code>encoding</code></dt>
       <dd><p>Specifies how Apache should encode special characters
-      contained in the variable before outputting them. If set
-      to <code>none</code>, no encoding will be done. If set to
-      <code>url</code>, then URL encoding (also known as %-encoding;
-      this is appropriate for use within URLs in links, etc.) will be
-      performed. If set to <code>urlencoded</code>,
-      application/x-www-form-urlencoded compatible encoding will be
-      performed instead, and should be used with query strings. If set
-      to <code>base64</code>, base64 encoding will be performed. At
-      the start of an <code>echo</code> element, the default is set to
-      <code>entity</code>, resulting in entity encoding (which is
-      appropriate in the context of a block-level HTML element,
-      <em>e.g.</em> a paragraph of text). This can be changed by adding
-      an <code>encoding</code> attribute, which will remain in effect
-      until the next <code>encoding</code> attribute is encountered or
-      the element ends, whichever comes first.</p>
-
-      <p>The <code>encoding</code> attribute must <em>precede</em> the
-      corresponding <code>var</code> attribute to be effective.</p>
-
-      <div class="warning">
-        In order to avoid cross-site scripting issues, you should
-        <em>always</em> encode user supplied data.
-      </div>
-
-      <div class="example"><h3>Example</h3><p><code>
-        &lt;!--#echo encoding="entity" var="QUERY_STRING" --&gt;
-      </code></p></div>
-      </dd>
-      </dl>
-     
-
-    <h3><a name="element.exec" id="element.exec">The exec Element</a></h3>
-      <p>The <code>exec</code> command executes a given shell command or
-      CGI script. It requires <code class="module"><a href="../mod/mod_cgi.html">mod_cgi</a></code> to be present
-      in the server. If <code class="directive"><a href="../mod/core.html#options">Options</a></code>
-      <code>IncludesNOEXEC</code> is set, this command is completely
-      disabled. The valid attributes are:</p>
-
-      <dl>
-      <dt><code>cgi</code></dt>
-      <dd><p>The value specifies a (%-encoded) URL-path to
-      the CGI script. If the path does not begin with a slash (/),
-      then it is taken to be relative to the current
-      document. The document referenced by this path is
-      invoked as a CGI script, even if the server would not
-      normally recognize it as such. However, the directory
-      containing the script must be enabled for CGI scripts
-      (with <code class="directive"><a href="../mod/mod_alias.html#scriptalias">ScriptAlias</a></code>
-      or <code class="directive"><a href="../mod/core.html#options">Options</a></code>
-      <code>ExecCGI</code>).</p>
-
-      <p>The CGI script is given the <code>PATH_INFO</code> and query
-      string (<code>QUERY_STRING</code>) of the original request from the
-      client; these <em>cannot</em> be specified in the URL path. The
-      include variables will be available to the script in addition to
-      the standard <a href="mod_cgi.html">CGI</a> environment.</p>
-
-      <div class="example"><h3>Example</h3><p><code>
-        &lt;!--#exec cgi="/cgi-bin/example.cgi" --&gt;
-      </code></p></div>
-
-      <p>If the script returns a <code>Location:</code> header instead of
-      output, then this will be translated into an HTML anchor.</p>
-
-      <p>The <code><a href="#includevirtual">include virtual</a></code>
-      element should be used in preference to <code>exec cgi</code>. In
-      particular, if you need to pass additional arguments to a CGI program,
-      using the query string, this cannot be done with <code>exec
-      cgi</code>, but can be done with <code>include virtual</code>, as
-      shown here:</p>
-
-      <div class="example"><p><code>
-        &lt;!--#include virtual="/cgi-bin/example.cgi?argument=value" --&gt;
-      </code></p></div>
-      </dd>
-
-      <dt><code>cmd</code></dt>
-      <dd><p>The server will execute the given string using
-      <code>/bin/sh</code>. The <a href="#includevars">include variables</a> are available to the command, in addition
-      to the usual set of CGI variables.</p>
-
-      <p>The use of <code><a href="#includevirtual">#include virtual</a></code> is almost always prefered to using
-      either <code>#exec cgi</code> or <code>#exec cmd</code>. The former
-      (<code>#include virtual</code>) uses the standard Apache sub-request
-      mechanism to include files or scripts. It is much better tested and
-      maintained.</p>
-
-      <p>In addition, on some platforms, like Win32, and on unix when
-      using <a href="../suexec.html">suexec</a>, you cannot pass arguments
-      to a command in an <code>exec</code> directive, or otherwise include
-      spaces in the command. Thus, while the following will work under a
-      non-suexec configuration on unix, it will not produce the desired
-      result under Win32, or when running suexec:</p>
-
-      <div class="example"><p><code>
-        &lt;!--#exec cmd="perl /path/to/perlscript arg1 arg2" --&gt;
-      </code></p></div>
-      </dd>
-      </dl>
-     
-
-    <h3><a name="element.fsize" id="element.fsize">The fsize Element</a></h3>
-      <p>This command prints the size of the specified file, subject
-      to the <code>sizefmt</code> format specification. Attributes:</p>
-
-      <dl>
-      <dt><code>file</code></dt>
-      <dd>The value is a path relative to the directory
-      containing the current document being parsed.
-
-    <div class="example"><p><code>
-        This file is &lt;!--#fsize file="mod_include.html" --&gt; bytes.
-    </code></p></div>
-
-    The value of <code>file</code> cannot start with a slash
-    (<code>/</code>), nor can it contain <code>../</code> so as to 
-    refer to a file above the current directory or outside of the
-    document root. Attempting to so will result in the error message:
-    <code>The given path was above the root path</code>.
-      </dd>
-
-      <dt><code>virtual</code></dt>
-      <dd>The value is a (%-encoded) URL-path. If it does not begin with
-      a slash (/) then it is taken to be relative to the current document.
-      Note, that this does <em>not</em> print the size of any CGI output,
-      but the size of the CGI script itself.</dd>
-      </dl>
-
-    <div class="example"><p><code>
-        This file is &lt;!--#fsize virtual="/docs/mod/mod_include.html" --&gt; bytes.
-    </code></p></div>
-
-      <p>Note that in many cases these two are exactly the same thing.
-      However, the <code>file</code> attribute doesn't respect URL-space
-      aliases.</p>
-     
-
-    <h3><a name="element.flastmod" id="element.flastmod">The flastmod Element</a></h3>
-      <p>This command prints the last modification date of the
-      specified file, subject to the <code>timefmt</code> format
-      specification. The attributes are the same as for the
-      <code><a href="#element.fsize">fsize</a></code> command.</p>
-     
-
-    <h3><a name="element.include" id="element.include">The include Element</a></h3>
-      <p>This command inserts the text of another document or file
-      into the parsed file. Any included file is subject to the usual
-      access control. If the directory containing the parsed file has
-      <a href="core.html#options">Options</a>
-      <code>IncludesNOEXEC</code> set, then only documents with a text
-      <a class="glossarylink" href="../glossary.html#mime-type" title="see glossary">MIME-type</a> (<code>text/plain</code>,
-      <code>text/html</code> etc.) will be included. Otherwise CGI
-      scripts are invoked as normal using the complete URL given in
-      the command, including any query string.</p>
-
-      <p>An attribute defines the location of the document, and may
-      appear more than once in an include element; an inclusion is
-      done for each attribute given to the include command in turn.
-      The valid attributes are:</p>
-
-      <dl>
-      <dt><code>file</code></dt>
-      <dd>The value is a path relative to the directory
-      containing the current document being parsed. It cannot
-      contain <code>../</code>, nor can it be an absolute path.
-      Therefore, you cannot include files that are outside of the
-      document root, or above the current document in the directory
-      structure. The <code>virtual</code> attribute should always be
-      used in preference to this one.</dd>
-
-      <dt><code><a id="includevirtual" name="includevirtual">virtual</a></code></dt>
-      <dd><p>The value is a (%-encoded) URL-path. The URL cannot contain a
-      scheme or hostname, only a path and an optional query string. If it
-      does not begin with a slash (/) then it is taken to be relative to the
-      current document.</p>
-
-      <p>A URL is constructed from the attribute, and the output the
-      server would return if the URL were accessed by the client is
-      included in the parsed output. Thus included files can be nested.</p>
-
-      <p>If the specified URL is a CGI program, the program will be
-      executed and its output inserted in place of the directive in the
-      parsed file. You may include a query string in a CGI url:</p>
-
-      <div class="example"><p><code>
-        &lt;!--#include virtual="/cgi-bin/example.cgi?argument=value" --&gt;
-      </code></p></div>
-
-      <p><code>include virtual</code> should be used in preference
-      to <code>exec cgi</code> to include the output of CGI programs
-      into an HTML document.</p>
-
-      <p>If the <code class="directive"><a href="../mod/mod_request.html#keptbodysize">KeptBodySize</a></code>
-      directive is correctly configured and valid for this included
-      file, attempts to POST requests to the enclosing HTML document
-      will be passed through to subrequests as POST requests as well.
-      Without the directive, all subrequests are processed as GET
-      requests.</p>
-
-      </dd>
-
-      <dt><code>onerror</code></dt>
-      <dd><p>The value is a (%-encoded) URL-path which is shown should a
-      previous attempt to include a file or virtual attribute failed.
-      To be effective, this attribute must be specified after the
-      file or virtual attributes being covered. If the attempt to
-      include the onerror path fails, or if onerror is not specified, the
-      default error message will be included.</p>
-
-      <div class="example"><p><code>
-        # Simple example<br />
-        &lt;!--#include virtual="/not-exist.html" onerror="/error.html" --&gt;
-      </code></p></div>
-
-      <div class="example"><p><code>
-        # Dedicated onerror paths<br />
-        &lt;!--#include virtual="/path-a.html" onerror="/error-a.html" virtual="/path-b.html" onerror="/error-b.html" --&gt;
-      </code></p></div>
-
-      </dd>
-      </dl>
-     
-
-    <h3><a name="element.printenv" id="element.printenv">The printenv Element</a></h3>
-      <p>This prints out a plain text listing of all existing variables and
-      their values. Special characters are entity encoded (see the <code><a href="#element.echo">echo</a></code> element for details)
-      before being output. There are no attributes.</p>
-
-      <div class="example"><h3>Example</h3><p><code>
-        &lt;pre&gt;
-          &lt;!--#printenv --&gt;
-        &lt;/pre&gt;
-      </code></p></div>
-     
-
-    <h3><a name="element.set" id="element.set">The set Element</a></h3>
-      <p>This sets the value of a variable. Attributes:</p>
-
-      <dl>
-      <dt><code>var</code></dt>
-      <dd>The name of the variable to set.</dd>
-
-      <dt><code>value</code></dt>
-      <dd>The value to give a variable.</dd>
-
-      <dt><code>decoding</code></dt>
-      <dd><p>Specifies whether Apache should strip an encoding from
-      the variable before processing the variable further. The default
-      is <code>none</code>, where no decoding will be done. If set to
-      <code>url</code>, <code>urlencoded</code>, <code>base64</code>
-      or <code>entity</code>, URL decoding,
-      application/x-www-form-urlencoded decoding, base64 decoding or HTML
-      entity decoding will be performed respectively. More than one
-      decoding can be specified by separating with commas. The decoding
-      setting will remain in effect until the next decoding attribute
-      is encountered, or the element ends. The <code>decoding</code>
-      attribute must <em>precede</em> the corresponding
-      <code>var</code> attribute to be effective.</p>
-      </dd>
-
-      <dt><code>encoding</code></dt>
-      <dd><p>Specifies how Apache should encode special characters
-      contained in the variable before setting them. The default is
-      <code>none</code>, where no encoding will be done. If set to
-      <code>url</code>, <code>urlencoding</code>, <code>base64</code>
-      or <code>entity</code>, URL encoding,
-      application/x-www-form-urlencoded encoding, base64 encoding or
-      HTML entity encoding will be performed respectively. More than
-      one encoding can be specified by separating with commas. The
-      encoding setting will remain in effect until the next encoding
-      attribute is encountered, or the element ends. The
-      <code>encoding</code> attribute must <em>precede</em> the
-      corresponding <code>var</code> attribute to be effective.
-      Encodings are applied after all decodings have been
-      stripped.</p>
-      </dd>
-      </dl>
+      contained in the variable before setting them. The default is
+      <code>none</code>, where no encoding will be done. If set to
+      <code>url</code>, <code>urlencoding</code>, <code>base64</code>
+      or <code>entity</code>, URL encoding,
+      application/x-www-form-urlencoded encoding, base64 encoding or
+      HTML entity encoding will be performed respectively. More than
+      one encoding can be specified by separating with commas. The
+      encoding setting will remain in effect until the next encoding
+      attribute is encountered, or the element ends. The
+      <code>encoding</code> attribute must <em>precede</em> the
+      corresponding <code>var</code> attribute to be effective.
+      Encodings are applied after all decodings have been
+      stripped.</p>
+      </dd>
+      </dl>
 
       <div class="example"><h3>Example</h3><p><code>
         &lt;!--#set var="category" value="help" --&gt;
@@ -1081,6 +803,284 @@ AddOutputFilter INCLUDES .shtml</pre>
      be escaped.  This is regardless of their meaning to the regex engine.</p>
     </div>
 
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="SSIEndTag" id="SSIEndTag">SSIEndTag</a> <a name="ssiendtag" id="ssiendtag">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>String that ends an include element</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>SSIEndTag <var>tag</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>SSIEndTag "--&gt;"</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_include</td></tr>
+</table>
+    <p>This directive changes the string that <code class="module"><a href="../mod/mod_include.html">mod_include</a></code>
+    looks for to mark the end of an include element.</p>
+
+    <pre class="prettyprint lang-config">SSIEndTag "%&gt;"</pre>
+
+
+
+<h3>See also</h3>
+<ul>
+<li><code class="directive"><a href="#ssistarttag">SSIStartTag</a></code></li>
+</ul>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="SSIErrorMsg" id="SSIErrorMsg">SSIErrorMsg</a> <a name="ssierrormsg" id="ssierrormsg">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Error message displayed when there is an SSI
+error</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>SSIErrorMsg <var>message</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>SSIErrorMsg "[an error occurred while processing this
+directive]"</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>All</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_include</td></tr>
+</table>
+    <p>The <code class="directive">SSIErrorMsg</code> directive changes the error
+    message displayed when <code class="module"><a href="../mod/mod_include.html">mod_include</a></code> encounters an
+    error. For production servers you may consider changing the default
+    error message to <code>"&lt;!-- Error --&gt;"</code> so that
+    the message is not presented to the user.</p>
+
+    <p>This directive has the same effect as the <code>&lt;!--#config
+    errmsg=<var>message</var> --&gt;</code> element.</p>
+
+    <pre class="prettyprint lang-config">SSIErrorMsg "&lt;!-- Error --&gt;"</pre>
+
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="SSIETag" id="SSIETag">SSIETag</a> <a name="ssietag" id="ssietag">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Controls whether ETags are generated by the server.</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>SSIETag on|off</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>SSIETag off</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_include</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in version 2.2.15 and later.</td></tr>
+</table>
+      <p>Under normal circumstances, a file filtered by <code class="module"><a href="../mod/mod_include.html">mod_include</a></code>
+        may contain elements that are either dynamically generated, or that may
+        have changed independently of the original file. As a result, by default
+        the server is asked not to generate an <code>ETag</code> header for the
+        response by adding <code>no-etag</code> to the request notes.</p>
+
+      <p>The <code class="directive">SSIETag</code> directive suppresses this
+        behaviour, and allows the server to generate an <code>ETag</code> header.
+        This can be used to enable caching of the output. Note that a backend server
+        or dynamic content generator may generate an ETag of its own, ignoring
+        <code>no-etag</code>, and this ETag will be passed by
+        <code class="module"><a href="../mod/mod_include.html">mod_include</a></code> regardless of the value of this setting.
+        <code class="directive">SSIETag</code> can take on the following values:</p>
+
+      <dl>
+
+        <dt><code>off</code></dt>
+        <dd><code>no-etag</code> will be added to the request notes, and the server
+          is asked not to generate an ETag. Where a server ignores the value of
+          <code>no-etag</code> and generates an ETag anyway, the ETag will be
+          respected.</dd>
+
+        <dt><code>on</code></dt>
+        <dd>Existing ETags will be respected, and ETags generated by the server will
+          be passed on in the response.</dd>
+
+      </dl>
+
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="SSILastModified" id="SSILastModified">SSILastModified</a> <a name="ssilastmodified" id="ssilastmodified">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Controls whether <code>Last-Modified</code> headers are generated by the
+server.</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>SSILastModified on|off</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>SSILastModified off</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_include</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in version 2.2.15 and later.</td></tr>
+</table>
+      <p>Under normal circumstances, a file filtered by <code class="module"><a href="../mod/mod_include.html">mod_include</a></code>
+        may contain elements that are either dynamically generated, or that may
+        have changed independently of the original file. As a result, by default
+        the <code>Last-Modified</code> header is stripped from the response.</p>
+
+      <p>The <code class="directive">SSILastModified</code> directive overrides this
+        behaviour, and allows the <code>Last-Modified</code> header to be respected
+        if already present, or set if the header is not already present. This can
+        be used to enable caching of the output. <code class="directive">SSILastModified</code>
+        can take on the following values:</p>
+
+      <dl>
+
+        <dt><code>off</code></dt>
+        <dd>The <code>Last-Modified</code> header will be stripped from responses,
+          unless the <code class="directive"><a href="#xbithack">XBitHack</a></code> directive
+          is set to <code>full</code> as described below.</dd>
+
+        <dt><code>on</code></dt>
+        <dd>The <code>Last-Modified</code> header will be respected if already
+          present in a response, and added to the response if the response is a
+          file and the header is missing. The
+          <code class="directive"><a href="#ssilastmodified">SSILastModified</a></code> directive
+          takes precedence over <code class="directive"><a href="#xbithack">XBitHack</a></code>.</dd>
+
+      </dl>
+
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="SSILegacyExprParser" id="SSILegacyExprParser">SSILegacyExprParser</a> <a name="ssilegacyexprparser" id="ssilegacyexprparser">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Enable compatibility mode for conditional expressions.</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>SSILegacyExprParser on|off</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>SSILegacyExprParser off</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_include</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in version 2.3.13 and later.</td></tr>
+</table>
+    <p>As of version 2.3.13, <code class="module"><a href="../mod/mod_include.html">mod_include</a></code> has switched to the
+    new <a href="../expr.html">ap_expr</a> syntax for conditional expressions
+    in <code>#if</code> flow control elements.  This directive allows to
+    switch to the <a href="#legacyexpr">old syntax</a> which is compatible
+    with Apache HTTPD version 2.2.x and earlier.
+    </p>
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="SSIStartTag" id="SSIStartTag">SSIStartTag</a> <a name="ssistarttag" id="ssistarttag">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>String that starts an include element</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>SSIStartTag <var>tag</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>SSIStartTag "&lt;!--#"</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_include</td></tr>
+</table>
+    <p>This directive changes the string that <code class="module"><a href="../mod/mod_include.html">mod_include</a></code>
+    looks for to mark an include element to process.</p>
+
+    <p>You may want to use this option if you have 2 servers parsing the
+    output of a file each processing different commands (possibly at
+    different times).</p>
+
+    <pre class="prettyprint lang-config">      SSIStartTag "&lt;%"<br />
+      SSIEndTag   "%&gt;"</pre>
+
+
+    <p>The example given above, which also specifies a matching
+    <code class="directive"><a href="#ssiendtag">SSIEndTag</a></code>, will
+    allow you to use SSI directives as shown in the example
+    below:</p>
+
+    <div class="example"><h3>SSI directives with alternate start and end tags</h3><p><code>
+      &lt;%printenv %&gt;
+    </code></p></div>
+
+<h3>See also</h3>
+<ul>
+<li><code class="directive"><a href="#ssiendtag">SSIEndTag</a></code></li>
+</ul>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="SSITimeFormat" id="SSITimeFormat">SSITimeFormat</a> <a name="ssitimeformat" id="ssitimeformat">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Configures the format in which date strings are
+displayed</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>SSITimeFormat <var>formatstring</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>SSITimeFormat "%A, %d-%b-%Y %H:%M:%S %Z"</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>All</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_include</td></tr>
+</table>
+<p>This directive changes the format in which date strings are displayed
+    when echoing <code>DATE</code> environment variables. The
+    <var>formatstring</var> is as in <code>strftime(3)</code> from the
+    C standard library.</p>
+
+    <p>This directive has the same effect as the <code>&lt;!--#config
+    timefmt=<var>formatstring</var> --&gt;</code> element.</p>
+
+    <pre class="prettyprint lang-config">SSITimeFormat "%R, %B %d, %Y"</pre>
+
+
+    <p>The above directive would cause times to be displayed in the
+    format "22:26, June 14, 2002".</p>
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="SSIUndefinedEcho" id="SSIUndefinedEcho">SSIUndefinedEcho</a> <a name="ssiundefinedecho" id="ssiundefinedecho">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>String displayed when an unset variable is echoed</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>SSIUndefinedEcho <var>string</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>SSIUndefinedEcho "(none)"</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>All</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_include</td></tr>
+</table>
+    <p>This directive changes the string that <code class="module"><a href="../mod/mod_include.html">mod_include</a></code>
+    displays when a variable is not set and "echoed".</p>
+
+    <pre class="prettyprint lang-config">SSIUndefinedEcho "&lt;!-- undef --&gt;"</pre>
+
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="XBitHack" id="XBitHack">XBitHack</a> <a name="xbithack" id="xbithack">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Parse SSI directives in files with the execute bit
+set</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>XBitHack on|off|full</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>XBitHack off</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>Options</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_include</td></tr>
+</table>
+    <p>The <code class="directive">XBitHack</code> directive controls the parsing
+    of ordinary html documents. This directive only affects files associated
+    with the <a class="glossarylink" href="../glossary.html#mime-type" title="see glossary">MIME-type</a> <code>text/html</code>. <code class="directive">XBitHack</code> can take on the following values:</p>
+
+    <dl>
+      <dt><code>off</code></dt>
+      <dd>No special treatment of executable files.</dd>
+
+      <dt><code>on</code></dt>
+      <dd>Any <code>text/html</code> file that has the user-execute bit
+      set will be treated as a server-parsed html document.</dd>
+
+      <dt><code>full</code></dt>
+      <dd>As for <code>on</code> but also test the group-execute bit.
+      If it is set, then set the <code>Last-modified</code> date of the
+      returned file to be the last modified time of the file. If
+      it is not set, then no last-modified date is sent. Setting
+      this bit allows clients and proxies to cache the result of
+      the request.
+
+      <div class="note"><h3>Note</h3>
+      <p>You would not want to use the full option, unless you assure the
+      group-execute bit is unset for every SSI script which might <code>#include</code> a CGI or otherwise produces different output on
+      each hit (or could potentially change on subsequent requests).</p>
+
+      <p>The <code class="directive"><a href="#ssilastmodified">SSILastModified</a></code>
+      directive takes precedence over the
+      <code class="directive"><a href="#xbithack">XBitHack</a></code> directive when
+      <code class="directive"><a href="#ssilastmodified">SSILastModified</a></code> is set to
+      <code>on</code>.</p>
+      </div>
+
+      </dd>
+    </dl>
+
+
 </div>
 </div>
 <div class="bottomlang">
diff --git a/docs/manual/mod/mod_info.html.en b/docs/manual/mod/mod_info.html.en
index 79b5b0a86c..1da505339f 100644
--- a/docs/manual/mod/mod_info.html.en
+++ b/docs/manual/mod/mod_info.html.en
@@ -58,37 +58,17 @@ configuration</td></tr>
     <p>Once configured, the server information is obtained by
     accessing <code>http://your.host.example.com/server-info</code></p>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
-<ul id="toc">
-<li><img alt="" src="../images/down.gif" /> <a href="#addmoduleinfo">AddModuleInfo</a></li>
-</ul>
-<h3>Topics</h3>
+<div id="quickview"><h3>Topics</h3>
 <ul id="topics">
 <li><img alt="" src="../images/down.gif" /> <a href="#security">Security Issues</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#queries">Selecting the information shown</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#startup">Dumping the configuration on startup</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#limitations">Known Limitations</a></li>
-</ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="AddModuleInfo" id="AddModuleInfo">AddModuleInfo</a> <a name="addmoduleinfo" id="addmoduleinfo">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Adds additional information to the module
-information displayed by the server-info handler</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AddModuleInfo <var>module-name</var> <var>string</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_info</td></tr>
-</table>
-    <p>This allows the content of <var>string</var> to be shown as
-    HTML interpreted, <strong>Additional Information</strong> for
-    the module <var>module-name</var>. Example:</p>
-
-    <pre class="prettyprint lang-config">AddModuleInfo mod_deflate.c 'See &lt;a \
-    href="http://httpd.apache.org/docs/2.4/mod/mod_deflate.html"&gt;\
-    http://httpd.apache.org/docs/2.4/mod/mod_deflate.html&lt;/a&gt;'</pre>
-
-
-</div>
+</ul><h3 class="directives">Directives</h3>
+<ul id="toc">
+<li><img alt="" src="../images/down.gif" /> <a href="#addmoduleinfo">AddModuleInfo</a></li>
+</ul>
+<ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="section">
 <h2><a name="security" id="security">Security Issues</a></h2>
@@ -187,6 +167,26 @@ information displayed by the server-info handler</td></tr>
       <li>Directives generated by third party modules such as <a href="http://perl.apache.org">mod_perl</a>
           might not be listed.</li>
     </ul>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="AddModuleInfo" id="AddModuleInfo">AddModuleInfo</a> <a name="addmoduleinfo" id="addmoduleinfo">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Adds additional information to the module
+information displayed by the server-info handler</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AddModuleInfo <var>module-name</var> <var>string</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_info</td></tr>
+</table>
+    <p>This allows the content of <var>string</var> to be shown as
+    HTML interpreted, <strong>Additional Information</strong> for
+    the module <var>module-name</var>. Example:</p>
+
+    <pre class="prettyprint lang-config">AddModuleInfo mod_deflate.c 'See &lt;a \
+    href="http://httpd.apache.org/docs/2.4/mod/mod_deflate.html"&gt;\
+    http://httpd.apache.org/docs/2.4/mod/mod_deflate.html&lt;/a&gt;'</pre>
+
+
 </div>
 </div>
 <div class="bottomlang">
diff --git a/docs/manual/mod/mod_isapi.html.en b/docs/manual/mod/mod_isapi.html.en
index 5ec80d1684..d2225ceb97 100644
--- a/docs/manual/mod/mod_isapi.html.en
+++ b/docs/manual/mod/mod_isapi.html.en
@@ -47,7 +47,12 @@
     extension. <strong>Please <em>do not</em> post such problems to
     Apache's lists or bug reporting pages.</strong></p>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
+<div id="quickview"><h3>Topics</h3>
+<ul id="topics">
+<li><img alt="" src="../images/down.gif" /> <a href="#usage">Usage</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#notes">Additional Notes</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#journal">Programmer's Journal</a></li>
+</ul><h3 class="directives">Directives</h3>
 <ul id="toc">
 <li><img alt="" src="../images/down.gif" /> <a href="#isapiappendlogtoerrors">ISAPIAppendLogToErrors</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#isapiappendlogtoquery">ISAPIAppendLogToQuery</a></li>
@@ -56,115 +61,7 @@
 <li><img alt="" src="../images/down.gif" /> <a href="#isapilognotsupported">ISAPILogNotSupported</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#isapireadaheadbuffer">ISAPIReadAheadBuffer</a></li>
 </ul>
-<h3>Topics</h3>
-<ul id="topics">
-<li><img alt="" src="../images/down.gif" /> <a href="#usage">Usage</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#notes">Additional Notes</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#journal">Programmer's Journal</a></li>
-</ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="ISAPIAppendLogToErrors" id="ISAPIAppendLogToErrors">ISAPIAppendLogToErrors</a> <a name="isapiappendlogtoerrors" id="isapiappendlogtoerrors">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Record <code>HSE_APPEND_LOG_PARAMETER</code> requests from
-ISAPI extensions to the error log</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ISAPIAppendLogToErrors on|off</code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ISAPIAppendLogToErrors off</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>FileInfo</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_isapi</td></tr>
-</table>
-    <p>Record <code>HSE_APPEND_LOG_PARAMETER</code> requests from ISAPI
-    extensions to the server error log.</p>
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="ISAPIAppendLogToQuery" id="ISAPIAppendLogToQuery">ISAPIAppendLogToQuery</a> <a name="isapiappendlogtoquery" id="isapiappendlogtoquery">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Record <code>HSE_APPEND_LOG_PARAMETER</code> requests from
-ISAPI extensions to the query field</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ISAPIAppendLogToQuery on|off</code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ISAPIAppendLogToQuery on</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>FileInfo</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_isapi</td></tr>
-</table>
-    <p>Record <code>HSE_APPEND_LOG_PARAMETER</code> requests from ISAPI
-    extensions to the query field (appended to the <code class="directive"><a href="../mod/mod_log_config.html#customlog">CustomLog</a></code> <code>%q</code>
-    component).</p>
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="ISAPICacheFile" id="ISAPICacheFile">ISAPICacheFile</a> <a name="isapicachefile" id="isapicachefile">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>ISAPI .dll files to be loaded at startup</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ISAPICacheFile <var>file-path</var> [<var>file-path</var>]
-...</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_isapi</td></tr>
-</table>
-    <p>Specifies a space-separated list of file names to be loaded
-    when the Apache server is launched, and remain loaded until the
-    server is shut down. This directive may be repeated for every
-    ISAPI .dll file desired. The full path name of each file should
-    be specified. If the path name is not absolute, it will be treated
-    relative to <code class="directive"><a href="../mod/core.html#serverroot">ServerRoot</a></code>.</p>
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="ISAPIFakeAsync" id="ISAPIFakeAsync">ISAPIFakeAsync</a> <a name="isapifakeasync" id="isapifakeasync">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Fake asynchronous support for ISAPI callbacks</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ISAPIFakeAsync on|off</code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ISAPIFakeAsync off</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>FileInfo</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_isapi</td></tr>
-</table>
-    <p>While set to on, asynchronous support for ISAPI callbacks is
-    simulated.</p>
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="ISAPILogNotSupported" id="ISAPILogNotSupported">ISAPILogNotSupported</a> <a name="isapilognotsupported" id="isapilognotsupported">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Log unsupported feature requests from ISAPI
-extensions</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ISAPILogNotSupported on|off</code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ISAPILogNotSupported off</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>FileInfo</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_isapi</td></tr>
-</table>
-    <p>Logs all requests for unsupported features from ISAPI
-    extensions in the server error log. This may help administrators
-    to track down problems. Once set to on and all desired ISAPI modules
-    are functioning, it should be set back to off.</p>
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="ISAPIReadAheadBuffer" id="ISAPIReadAheadBuffer">ISAPIReadAheadBuffer</a> <a name="isapireadaheadbuffer" id="isapireadaheadbuffer">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Size of the Read Ahead Buffer sent to ISAPI
-extensions</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ISAPIReadAheadBuffer <var>size</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ISAPIReadAheadBuffer 49152</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>FileInfo</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_isapi</td></tr>
-</table>
-    <p>Defines the maximum size of the Read Ahead Buffer sent to
-    ISAPI extensions when they are initially invoked. All remaining
-    data must be retrieved using the <code>ReadClient</code> callback; some
-    ISAPI extensions may not support the <code>ReadClient</code> function.
-    Refer questions to the ISAPI extension's author.</p>
-
-</div>
+<ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="section">
 <h2><a name="usage" id="usage">Usage</a></h2>
@@ -335,6 +232,109 @@ extensions</td></tr>
     <code>TransmitFile</code> semantics. Apache httpd also supports preloading
     ISAPI .dlls for performance.</p>
 </div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="ISAPIAppendLogToErrors" id="ISAPIAppendLogToErrors">ISAPIAppendLogToErrors</a> <a name="isapiappendlogtoerrors" id="isapiappendlogtoerrors">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Record <code>HSE_APPEND_LOG_PARAMETER</code> requests from
+ISAPI extensions to the error log</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ISAPIAppendLogToErrors on|off</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ISAPIAppendLogToErrors off</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>FileInfo</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_isapi</td></tr>
+</table>
+    <p>Record <code>HSE_APPEND_LOG_PARAMETER</code> requests from ISAPI
+    extensions to the server error log.</p>
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="ISAPIAppendLogToQuery" id="ISAPIAppendLogToQuery">ISAPIAppendLogToQuery</a> <a name="isapiappendlogtoquery" id="isapiappendlogtoquery">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Record <code>HSE_APPEND_LOG_PARAMETER</code> requests from
+ISAPI extensions to the query field</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ISAPIAppendLogToQuery on|off</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ISAPIAppendLogToQuery on</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>FileInfo</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_isapi</td></tr>
+</table>
+    <p>Record <code>HSE_APPEND_LOG_PARAMETER</code> requests from ISAPI
+    extensions to the query field (appended to the <code class="directive"><a href="../mod/mod_log_config.html#customlog">CustomLog</a></code> <code>%q</code>
+    component).</p>
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="ISAPICacheFile" id="ISAPICacheFile">ISAPICacheFile</a> <a name="isapicachefile" id="isapicachefile">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>ISAPI .dll files to be loaded at startup</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ISAPICacheFile <var>file-path</var> [<var>file-path</var>]
+...</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_isapi</td></tr>
+</table>
+    <p>Specifies a space-separated list of file names to be loaded
+    when the Apache server is launched, and remain loaded until the
+    server is shut down. This directive may be repeated for every
+    ISAPI .dll file desired. The full path name of each file should
+    be specified. If the path name is not absolute, it will be treated
+    relative to <code class="directive"><a href="../mod/core.html#serverroot">ServerRoot</a></code>.</p>
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="ISAPIFakeAsync" id="ISAPIFakeAsync">ISAPIFakeAsync</a> <a name="isapifakeasync" id="isapifakeasync">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Fake asynchronous support for ISAPI callbacks</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ISAPIFakeAsync on|off</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ISAPIFakeAsync off</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>FileInfo</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_isapi</td></tr>
+</table>
+    <p>While set to on, asynchronous support for ISAPI callbacks is
+    simulated.</p>
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="ISAPILogNotSupported" id="ISAPILogNotSupported">ISAPILogNotSupported</a> <a name="isapilognotsupported" id="isapilognotsupported">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Log unsupported feature requests from ISAPI
+extensions</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ISAPILogNotSupported on|off</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ISAPILogNotSupported off</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>FileInfo</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_isapi</td></tr>
+</table>
+    <p>Logs all requests for unsupported features from ISAPI
+    extensions in the server error log. This may help administrators
+    to track down problems. Once set to on and all desired ISAPI modules
+    are functioning, it should be set back to off.</p>
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="ISAPIReadAheadBuffer" id="ISAPIReadAheadBuffer">ISAPIReadAheadBuffer</a> <a name="isapireadaheadbuffer" id="isapireadaheadbuffer">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Size of the Read Ahead Buffer sent to ISAPI
+extensions</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ISAPIReadAheadBuffer <var>size</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ISAPIReadAheadBuffer 49152</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>FileInfo</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_isapi</td></tr>
+</table>
+    <p>Defines the maximum size of the Read Ahead Buffer sent to
+    ISAPI extensions when they are initially invoked. All remaining
+    data must be retrieved using the <code>ReadClient</code> callback; some
+    ISAPI extensions may not support the <code>ReadClient</code> function.
+    Refer questions to the ISAPI extension's author.</p>
+
+</div>
 </div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../en/mod/mod_isapi.html" title="English">&nbsp;en&nbsp;</a> |
diff --git a/docs/manual/mod/mod_lbmethod_bybusyness.html.en b/docs/manual/mod/mod_lbmethod_bybusyness.html.en
index c195bee6e0..79dc1d2846 100644
--- a/docs/manual/mod/mod_lbmethod_bybusyness.html.en
+++ b/docs/manual/mod/mod_lbmethod_bybusyness.html.en
@@ -38,13 +38,13 @@
 It requires the services of <code class="module"><a href="../mod/mod_proxy_balancer.html">mod_proxy_balancer</a></code>, and
 provides the <code>bybusyness</code> load balancing method.</p>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
-<p>This module provides no
-            directives.</p>
-<h3>Topics</h3>
+<div id="quickview"><h3>Topics</h3>
 <ul id="topics">
 <li><img alt="" src="../images/down.gif" /> <a href="#busyness">Pending Request Counting Algorithm</a></li>
-</ul><h3>See also</h3>
+</ul><h3 class="directives">Directives</h3>
+<p>This module provides no
+            directives.</p>
+<h3>See also</h3>
 <ul class="seealso">
 <li><code class="module"><a href="../mod/mod_proxy.html">mod_proxy</a></code></li>
 <li><code class="module"><a href="../mod/mod_proxy_balancer.html">mod_proxy_balancer</a></code></li>
diff --git a/docs/manual/mod/mod_lbmethod_byrequests.html.en b/docs/manual/mod/mod_lbmethod_byrequests.html.en
index 8a868f31e2..8bb9ae6559 100644
--- a/docs/manual/mod/mod_lbmethod_byrequests.html.en
+++ b/docs/manual/mod/mod_lbmethod_byrequests.html.en
@@ -38,13 +38,13 @@
 It requires the services of <code class="module"><a href="../mod/mod_proxy_balancer.html">mod_proxy_balancer</a></code>, and
 provides the <code>byrequests</code> load balancing method..</p>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
-<p>This module provides no
-            directives.</p>
-<h3>Topics</h3>
+<div id="quickview"><h3>Topics</h3>
 <ul id="topics">
 <li><img alt="" src="../images/down.gif" /> <a href="#requests">Request Counting Algorithm</a></li>
-</ul><h3>See also</h3>
+</ul><h3 class="directives">Directives</h3>
+<p>This module provides no
+            directives.</p>
+<h3>See also</h3>
 <ul class="seealso">
 <li><code class="module"><a href="../mod/mod_proxy.html">mod_proxy</a></code></li>
 <li><code class="module"><a href="../mod/mod_proxy_balancer.html">mod_proxy_balancer</a></code></li>
diff --git a/docs/manual/mod/mod_lbmethod_bytraffic.html.en b/docs/manual/mod/mod_lbmethod_bytraffic.html.en
index 122ffe0862..b8764b5cf2 100644
--- a/docs/manual/mod/mod_lbmethod_bytraffic.html.en
+++ b/docs/manual/mod/mod_lbmethod_bytraffic.html.en
@@ -38,13 +38,13 @@
 It requires the services of <code class="module"><a href="../mod/mod_proxy_balancer.html">mod_proxy_balancer</a></code>, and
 provides the <code>bytraffic</code> load balancing method..</p>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
-<p>This module provides no
-            directives.</p>
-<h3>Topics</h3>
+<div id="quickview"><h3>Topics</h3>
 <ul id="topics">
 <li><img alt="" src="../images/down.gif" /> <a href="#traffic">Weighted Traffic Counting Algorithm</a></li>
-</ul><h3>See also</h3>
+</ul><h3 class="directives">Directives</h3>
+<p>This module provides no
+            directives.</p>
+<h3>See also</h3>
 <ul class="seealso">
 <li><code class="module"><a href="../mod/mod_proxy.html">mod_proxy</a></code></li>
 <li><code class="module"><a href="../mod/mod_proxy_balancer.html">mod_proxy_balancer</a></code></li>
diff --git a/docs/manual/mod/mod_lbmethod_heartbeat.html.en b/docs/manual/mod/mod_lbmethod_heartbeat.html.en
index 80ec10490e..83c839e4c1 100644
--- a/docs/manual/mod/mod_lbmethod_heartbeat.html.en
+++ b/docs/manual/mod/mod_lbmethod_heartbeat.html.en
@@ -53,6 +53,7 @@ assumption that they are not fully initialized.</p>
 <li><code class="module"><a href="../mod/mod_heartbeat.html">mod_heartbeat</a></code></li>
 <li><code class="module"><a href="../mod/mod_heartmonitor.html">mod_heartmonitor</a></code></li>
 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="HeartbeatStorage" id="HeartbeatStorage">HeartbeatStorage</a> <a name="heartbeatstorage" id="heartbeatstorage">Directive</a></h2>
 <table class="directive">
@@ -68,7 +69,6 @@ assumption that they are not fully initialized.</p>
     <code class="module"><a href="../mod/mod_slotmem_shm.html">mod_slotmem_shm</a></code> is not loaded.</p>
 
 </div>
-
 </div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../en/mod/mod_lbmethod_heartbeat.html" title="English">&nbsp;en&nbsp;</a> |
diff --git a/docs/manual/mod/mod_ldap.html.en b/docs/manual/mod/mod_ldap.html.en
index 8136f64d27..b42bd36c89 100644
--- a/docs/manual/mod/mod_ldap.html.en
+++ b/docs/manual/mod/mod_ldap.html.en
@@ -55,7 +55,14 @@ by other LDAP modules</td></tr>
     website for details.</p>
 
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
+<div id="quickview"><h3>Topics</h3>
+<ul id="topics">
+<li><img alt="" src="../images/down.gif" /> <a href="#exampleconfig">Example Configuration</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#pool">LDAP Connection Pool</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#cache">LDAP Cache</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#usingssltls">Using SSL/TLS</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#settingcerts">SSL/TLS Certificates</a></li>
+</ul><h3 class="directives">Directives</h3>
 <ul id="toc">
 <li><img alt="" src="../images/down.gif" /> <a href="#ldapcacheentries">LDAPCacheEntries</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#ldapcachettl">LDAPCacheTTL</a></li>
@@ -76,537 +83,115 @@ by other LDAP modules</td></tr>
 <li><img alt="" src="../images/down.gif" /> <a href="#ldaptrustedmode">LDAPTrustedMode</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#ldapverifyservercert">LDAPVerifyServerCert</a></li>
 </ul>
-<h3>Topics</h3>
-<ul id="topics">
-<li><img alt="" src="../images/down.gif" /> <a href="#exampleconfig">Example Configuration</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#pool">LDAP Connection Pool</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#cache">LDAP Cache</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#usingssltls">Using SSL/TLS</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#settingcerts">SSL/TLS Certificates</a></li>
-</ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+<ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="LDAPCacheEntries" id="LDAPCacheEntries">LDAPCacheEntries</a> <a name="ldapcacheentries" id="ldapcacheentries">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Maximum number of entries in the primary LDAP cache</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LDAPCacheEntries <var>number</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>LDAPCacheEntries 1024</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_ldap</td></tr>
-</table>
-    <p>Specifies the maximum size of the primary LDAP cache. This
-    cache contains successful search/binds. Set it to 0 to turn off
-    search/bind caching. The default size is 1024 cached
-    searches.</p>
+<div class="section">
+<h2><a name="exampleconfig" id="exampleconfig">Example Configuration</a></h2>
+    <p>The following is an example configuration that uses
+    <code class="module"><a href="../mod/mod_ldap.html">mod_ldap</a></code> to increase the performance of HTTP Basic
+    authentication provided by <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code>.</p>
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="LDAPCacheTTL" id="LDAPCacheTTL">LDAPCacheTTL</a> <a name="ldapcachettl" id="ldapcachettl">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Time that cached items remain valid</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LDAPCacheTTL <var>seconds</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>LDAPCacheTTL 600</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_ldap</td></tr>
-</table>
-    <p>Specifies the time (in seconds) that an item in the
-    search/bind cache remains valid. The default is 600 seconds (10
-    minutes).</p>
+    <pre class="prettyprint lang-config"># Enable the LDAP connection pool and shared
+# memory cache. Enable the LDAP cache status
+# handler. Requires that mod_ldap and mod_authnz_ldap
+# be loaded. Change the "yourdomain.example.com" to
+# match your domain.
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="LDAPConnectionPoolTTL" id="LDAPConnectionPoolTTL">LDAPConnectionPoolTTL</a> <a name="ldapconnectionpoolttl" id="ldapconnectionpoolttl">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Discard backend connections that have been sitting in the connection pool too long</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LDAPConnectionPoolTTL <var>n</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>LDAPConnectionPoolTTL -1</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_ldap</td></tr>
-<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Apache HTTP Server 2.3.12 and later</td></tr>
-</table>
-    <p>Specifies the maximum age, in seconds, that a pooled LDAP connection can remain idle
-    and still be available for use.  Connections are cleaned up when they are next needed,
-    not asynchronously.</p>
+LDAPSharedCacheSize 500000
+LDAPCacheEntries 1024
+LDAPCacheTTL 600
+LDAPOpCacheEntries 1024
+LDAPOpCacheTTL 600
 
-    <p>A setting of 0 causes connections to never be saved in the backend
-    connection pool.  The default value of -1, and any other negative value,
-    allows connections of any age to be reused.</p>
+&lt;Location "/ldap-status"&gt;
+    SetHandler ldap-status
 
-    <p>For performance reasons, the reference time used by this directive is 
-    based on when the LDAP connection is returned to the pool, not the time
-    of the last successful I/O with the LDAP server.  </p>
+    Require host yourdomain.example.com
 
-    <p>Since 2.4.10, new measures are in place to avoid the reference time
-    from being inflated by cache hits or slow requests.  First, the reference
-    time is not updated if no backend LDAP conncetions were needed. Second,
-    the reference time uses the time the HTTP request was received instead
-    of the time the request is completed.</p>
-    
-    <div class="note"><p>This timeout defaults to units of seconds, but accepts
-    suffixes for milliseconds (ms), minutes (min), and hours (h).
-    </p></div>
+    Satisfy any
+    AuthType Basic
+    AuthName "LDAP Protected"
+    AuthBasicProvider ldap
+    AuthLDAPURL "ldap://127.0.0.1/dc=example,dc=com?uid?one"
+    Require valid-user
+&lt;/Location&gt;</pre>
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="LDAPConnectionTimeout" id="LDAPConnectionTimeout">LDAPConnectionTimeout</a> <a name="ldapconnectiontimeout" id="ldapconnectiontimeout">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Specifies the socket connection timeout in seconds</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LDAPConnectionTimeout <var>seconds</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_ldap</td></tr>
-</table>
-    <p>This directive configures the LDAP_OPT_NETWORK_TIMEOUT (or LDAP_OPT_CONNECT_TIMEOUT)
-    option in the underlying LDAP client library, when available.  This value
-    typically controls how long the LDAP client library will wait for the TCP
-    connection to the LDAP server to complete.</p>
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="pool" id="pool">LDAP Connection Pool</a></h2>
 
-    <p> If a connection is not successful with the timeout period, either an error will be
-    returned or the LDAP client library will attempt to connect to a secondary LDAP
-    server if one is specified (via a space-separated list of hostnames in the
-    <code class="directive"><a href="../mod/mod_authnz_ldap.html#authldapurl">AuthLDAPURL</a></code>).</p>
+    <p>LDAP connections are pooled from request to request. This
+    allows the LDAP server to remain connected and bound ready for
+    the next request, without the need to unbind/connect/rebind.
+    The performance advantages are similar to the effect of HTTP
+    keepalives.</p>
 
-    <p>The default is 10 seconds, if the LDAP client library linked with the
-    server supports the LDAP_OPT_NETWORK_TIMEOUT option.</p>
+    <p>On a busy server it is possible that many requests will try
+    and access the same LDAP server connection simultaneously.
+    Where an LDAP connection is in use, Apache will create a new
+    connection alongside the original one. This ensures that the
+    connection pool does not become a bottleneck.</p>
 
-    <div class="note">LDAPConnectionTimeout is only available when the LDAP client library linked
-    with the server supports the LDAP_OPT_NETWORK_TIMEOUT
-    (or LDAP_OPT_CONNECT_TIMEOUT) option, and the ultimate behavior is
-    dictated entirely by the LDAP client library.
-    </div>
+    <p>There is no need to manually enable connection pooling in
+    the Apache configuration. Any module using this module for
+    access to LDAP services will share the connection pool.</p>
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="LDAPLibraryDebug" id="LDAPLibraryDebug">LDAPLibraryDebug</a> <a name="ldaplibrarydebug" id="ldaplibrarydebug">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Enable debugging in the LDAP SDK</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LDAPLibraryDebug <var>7</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>disabled</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_ldap</td></tr>
-</table>
-    <p>Turns on SDK-specific LDAP debug options that generally cause the LDAP
-    SDK to log verbose trace information to the main Apache error log.
-    The trace messages from the LDAP SDK provide gory details that
-    can be useful during debugging of connectivity problems with backend LDAP servers</p>
+    <p>LDAP connections can keep track of the ldap client
+    credentials used when binding to an LDAP server. These
+    credentials can be provided to LDAP servers that do not
+    allow anonymous binds during referral chasing. To control
+    this feature, see the
+    <code class="directive"><a href="#ldapreferrals">LDAPReferrals</a></code> and
+    <code class="directive"><a href="#ldapreferralhoplimit">LDAPReferralHopLimit</a></code>
+    directives. By default, this feature is enabled.</p>
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="cache" id="cache">LDAP Cache</a></h2>
 
-    <p>This option is only configurable when Apache HTTP Server is linked with
-    an LDAP SDK that implements <code>LDAP_OPT_DEBUG</code> or
-    <code>LDAP_OPT_DEBUG_LEVEL</code>, such as OpenLDAP (a value of 7 is verbose)
-    or Tivoli Directory Server (a value of 65535 is verbose).</p>
+    <p>For improved performance, <code class="module"><a href="../mod/mod_ldap.html">mod_ldap</a></code> uses an aggressive
+    caching strategy to minimize the number of times that the LDAP
+    server must be contacted. Caching can easily double or triple
+    the throughput of Apache when it is serving pages protected
+    with mod_authnz_ldap. In addition, the load on the LDAP server
+    will be significantly decreased.</p>
 
-    <div class="warning">
-    <p>The logged information will likely contain plaintext credentials being used or
-    validated by LDAP authentication, so care should be taken in protecting and purging
-    the error log when this directive is used.</p>
-    </div>
+    <p><code class="module"><a href="../mod/mod_ldap.html">mod_ldap</a></code> supports two types of LDAP caching during
+    the search/bind phase with a <em>search/bind cache</em> and
+    during the compare phase with two <em>operation
+    caches</em>. Each LDAP URL that is used by the server has
+    its own set of these three caches.</p>
 
+    <h3><a name="search-bind" id="search-bind">The Search/Bind Cache</a></h3>
+      <p>The process of doing a search and then a bind is the
+      most time-consuming aspect of LDAP operation, especially if
+      the directory is large. The search/bind cache is used to
+      cache all searches that resulted in successful binds.
+      Negative results (<em>i.e.</em>, unsuccessful searches, or searches
+      that did not result in a successful bind) are not cached.
+      The rationale behind this decision is that connections with
+      invalid credentials are only a tiny percentage of the total
+      number of connections, so by not caching invalid
+      credentials, the size of the cache is reduced.</p>
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="LDAPOpCacheEntries" id="LDAPOpCacheEntries">LDAPOpCacheEntries</a> <a name="ldapopcacheentries" id="ldapopcacheentries">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Number of entries used to cache LDAP compare
-operations</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LDAPOpCacheEntries <var>number</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>LDAPOpCacheEntries 1024</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_ldap</td></tr>
-</table>
-    <p>This specifies the number of entries <code class="module"><a href="../mod/mod_ldap.html">mod_ldap</a></code>
-    will use to cache LDAP compare operations. The default is 1024
-    entries.  Setting it to 0 disables operation caching.</p>
+      <p><code class="module"><a href="../mod/mod_ldap.html">mod_ldap</a></code> stores the username, the DN
+      retrieved, the password used to bind, and the time of the bind
+      in the cache. Whenever a new connection is initiated with the
+      same username, <code class="module"><a href="../mod/mod_ldap.html">mod_ldap</a></code> compares the password
+      of the new connection with the password in the cache. If the
+      passwords match, and if the cached entry is not too old,
+      <code class="module"><a href="../mod/mod_ldap.html">mod_ldap</a></code> bypasses the search/bind phase.</p>
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="LDAPOpCacheTTL" id="LDAPOpCacheTTL">LDAPOpCacheTTL</a> <a name="ldapopcachettl" id="ldapopcachettl">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Time that entries in the operation cache remain
-valid</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LDAPOpCacheTTL <var>seconds</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>LDAPOpCacheTTL 600</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_ldap</td></tr>
-</table>
-    <p>Specifies the time (in seconds) that entries in the
-    operation cache remain valid. The default is 600 seconds.</p>
+      <p>The search and bind cache is controlled with the <code class="directive"><a href="#ldapcacheentries">LDAPCacheEntries</a></code> and <code class="directive"><a href="#ldapcachettl">LDAPCacheTTL</a></code> directives.</p>
+    
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="LDAPReferralHopLimit" id="LDAPReferralHopLimit">LDAPReferralHopLimit</a> <a name="ldapreferralhoplimit" id="ldapreferralhoplimit">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>The maximum number of referral hops to chase before terminating an LDAP query.</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LDAPReferralHopLimit <var>number</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>SDK dependent, typically between 5 and 10</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_ldap</td></tr>
-</table>
-    <p>This directive, if enabled by the <code class="directive">LDAPReferrals</code> directive,
-    limits the number of referral hops that are followed before terminating an
-    LDAP query.</p>
-
-<div class="warning">
-<p> Support for this tunable is uncommon in LDAP SDKs.</p>
-</div>
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="LDAPReferrals" id="LDAPReferrals">LDAPReferrals</a> <a name="ldapreferrals" id="ldapreferrals">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Enable referral chasing during queries to the LDAP server.</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LDAPReferrals <var>On|Off|default</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>LDAPReferrals On</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_ldap</td></tr>
-<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>The <var>default</var> parameter is available in Apache 2.4.7 and later</td></tr>
-</table>
-    <p>Some LDAP servers divide their directory among multiple domains and use referrals
-    to direct a client when a domain boundary is crossed. This is similar to a HTTP redirect.
-    LDAP client libraries may or may not chase referrals by default. This directive
-    explicitly configures the referral chasing in the underlying SDK.</p>
-
-
-    <p><code class="directive">LDAPReferrals</code> takes the following values:</p>
-    <dl>
-     <dt>"on"</dt>
-     <dd> <p> When set to "on", the underlying SDK's referral chasing state
-              is enabled, <code class="directive">LDAPReferralHopLimit</code> is used to
-              override the SDK's hop limit, and an LDAP rebind callback is
-              registered.</p></dd>
-     <dt>"off"</dt>
-     <dd> <p> When set to "off", the underlying SDK's referral chasing state
-              is disabled completely.</p></dd>
-     <dt>"default"</dt>
-     <dd> <p> When set to "default", the underlying SDK's referral chasing state
-              is not changed, <code class="directive">LDAPReferralHopLimit</code> is not
-              used to overide the SDK's hop limit, and no LDAP rebind callback is
-              registered.</p></dd>
-    </dl>
-
-    <p>The directive <code class="directive">LDAPReferralHopLimit</code> works in conjunction with
-    this directive to limit the number of referral hops to follow before terminating the LDAP query.
-    When referral processing is enabled by a value of "On", client credentials will be provided,
-    via a rebind callback, for any LDAP server requiring them.</p>
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="LDAPRetries" id="LDAPRetries">LDAPRetries</a> <a name="ldapretries" id="ldapretries">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Configures the number of LDAP server retries.</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LDAPRetries <var>number-of-retries</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>LDAPRetries 3</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_ldap</td></tr>
-</table>
-    <p>The server will retry failed LDAP requests up to
-    <code class="directive">LDAPRetries</code> times.  Setting this
-    directive to 0 disables retries.</p>
-    <p>LDAP errors such as timeouts and refused connections are retryable.</p>
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="LDAPRetryDelay" id="LDAPRetryDelay">LDAPRetryDelay</a> <a name="ldapretrydelay" id="ldapretrydelay">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Configures the delay between LDAP server retries.</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LDAPRetryDelay <var>seconds</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>LDAPRetryDelay 0</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_ldap</td></tr>
-</table>
-    <p>If <code class="directive">LDAPRetryDelay</code> is set to a non-zero
-    value, the server will delay retrying an LDAP request for the
-    specified amount of time.  Setting this directive to 0 will
-    result in any retry to occur without delay.</p>
-
-    <p>LDAP errors such as timeouts and refused connections are retryable.</p>
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="LDAPSharedCacheFile" id="LDAPSharedCacheFile">LDAPSharedCacheFile</a> <a name="ldapsharedcachefile" id="ldapsharedcachefile">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Sets the shared memory cache file</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LDAPSharedCacheFile <var>directory-path/filename</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_ldap</td></tr>
-</table>
-    <p>Specifies the directory path and file name of the shared memory
-    cache file. If not set, anonymous shared memory will be used if the
-    platform supports it.</p>
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="LDAPSharedCacheSize" id="LDAPSharedCacheSize">LDAPSharedCacheSize</a> <a name="ldapsharedcachesize" id="ldapsharedcachesize">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Size in bytes of the shared-memory cache</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LDAPSharedCacheSize <var>bytes</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>LDAPSharedCacheSize 500000</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_ldap</td></tr>
-</table>
-    <p>Specifies the number of bytes to allocate for the shared
-    memory cache. The default is 500kb. If set to 0, shared memory
-    caching will not be used and every HTTPD process will create its
-    own cache.</p>
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="LDAPTimeout" id="LDAPTimeout">LDAPTimeout</a> <a name="ldaptimeout" id="ldaptimeout">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Specifies the timeout for LDAP search and bind operations, in seconds</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LDAPTimeout <var>seconds</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>LDAPTimeout 60</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_ldap</td></tr>
-<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Apache HTTP Server 2.3.5 and later</td></tr>
-</table>
-    <p>This directive configures the timeout for bind and search operations, as well as
-    the LDAP_OPT_TIMEOUT option in the underlying LDAP client library, when available.</p>
-
-    <p> If the timeout expires, httpd will retry in case an existing connection has
-    been silently dropped by a firewall. However, performance will be much better if
-    the firewall is configured to send TCP RST packets instead of silently dropping
-    packets.</p>
-
-    <div class="note">
-    <p>Timeouts for ldap compare operations requires an SDK with LDAP_OPT_TIMEOUT, such as OpenLDAP &gt;= 2.4.4.</p>
-    </div>
-
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="LDAPTrustedClientCert" id="LDAPTrustedClientCert">LDAPTrustedClientCert</a> <a name="ldaptrustedclientcert" id="ldaptrustedclientcert">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Sets the file containing or nickname referring to a per
-connection client certificate. Not all LDAP toolkits support per
-connection client certificates.</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LDAPTrustedClientCert <var>type</var> <var>directory-path/filename/nickname</var> <var>[password]</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_ldap</td></tr>
-</table>
-    <p>It specifies the directory path, file name or nickname of a
-    per connection client certificate used when establishing an SSL
-    or TLS connection to an LDAP server. Different locations or
-    directories may have their own independent client certificate
-    settings. Some LDAP toolkits (notably Novell)
-    do not support per connection client certificates, and will throw an
-    error on LDAP server connection if you try to use this directive
-    (Use the LDAPTrustedGlobalCert directive instead for Novell client
-    certificates - See the SSL/TLS certificate guide above for details).
-    The type specifies the kind of certificate parameter being
-    set, depending on the LDAP toolkit being used. Supported types are:</p>
-    <ul>
-      <li>CA_DER - binary DER encoded CA certificate</li>
-      <li>CA_BASE64 - PEM encoded CA certificate</li>
-      <li>CERT_DER - binary DER encoded client certificate</li>
-      <li>CERT_BASE64 - PEM encoded client certificate</li>
-      <li>CERT_NICKNAME - Client certificate "nickname" (Netscape SDK)</li>
-      <li>KEY_DER - binary DER encoded private key</li>
-      <li>KEY_BASE64 - PEM encoded private key</li>
-    </ul>
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="LDAPTrustedGlobalCert" id="LDAPTrustedGlobalCert">LDAPTrustedGlobalCert</a> <a name="ldaptrustedglobalcert" id="ldaptrustedglobalcert">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Sets the file or database containing global trusted
-Certificate Authority or global client certificates</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LDAPTrustedGlobalCert <var>type</var> <var>directory-path/filename</var> <var>[password]</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_ldap</td></tr>
-</table>
-    <p>It specifies the directory path and file name of the trusted CA
-    certificates and/or system wide client certificates <code class="module"><a href="../mod/mod_ldap.html">mod_ldap</a></code>
-    should use when establishing an SSL or TLS connection to an LDAP
-    server. Note that all certificate information specified using this directive
-    is applied globally to the entire server installation. Some LDAP toolkits
-    (notably Novell) require all client certificates to be set globally using
-    this directive. Most other toolkits require clients certificates to be set
-    per Directory or per Location using LDAPTrustedClientCert. If you get this
-    wrong, an error may be logged when an attempt is made to contact the LDAP
-    server, or the connection may silently fail (See the SSL/TLS certificate
-    guide above for details).
-    The type specifies the kind of certificate parameter being
-    set, depending on the LDAP toolkit being used. Supported types are:</p>
-    <ul>
-      <li>CA_DER - binary DER encoded CA certificate</li>
-      <li>CA_BASE64 - PEM encoded CA certificate</li>
-      <li>CA_CERT7_DB - Netscape cert7.db CA certificate database file</li>
-      <li>CA_SECMOD - Netscape secmod database file</li>
-      <li>CERT_DER - binary DER encoded client certificate</li>
-      <li>CERT_BASE64 - PEM encoded client certificate</li>
-      <li>CERT_KEY3_DB - Netscape key3.db client certificate database file</li>
-      <li>CERT_NICKNAME - Client certificate "nickname" (Netscape SDK)</li>
-      <li>CERT_PFX - PKCS#12 encoded client certificate (Novell SDK)</li>
-      <li>KEY_DER - binary DER encoded private key</li>
-      <li>KEY_BASE64 - PEM encoded private key</li>
-      <li>KEY_PFX - PKCS#12 encoded private key (Novell SDK)</li>
-    </ul>
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="LDAPTrustedMode" id="LDAPTrustedMode">LDAPTrustedMode</a> <a name="ldaptrustedmode" id="ldaptrustedmode">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Specifies the SSL/TLS mode to be used when connecting to an LDAP server.</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LDAPTrustedMode <var>type</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_ldap</td></tr>
-</table>
-    <p>The following modes are supported:</p>
-    <ul>
-      <li>NONE - no encryption</li>
-      <li>SSL - ldaps:// encryption on default port 636</li>
-      <li>TLS - STARTTLS encryption on default port 389</li>
-    </ul>
-
-    <p>Not all LDAP toolkits support all the above modes. An error message
-    will be logged at runtime if a mode is not supported, and the
-    connection to the LDAP server will fail.
-    </p>
-
-    <p>If an ldaps:// URL is specified, the mode becomes SSL and the setting
-    of LDAPTrustedMode is ignored.</p>
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="LDAPVerifyServerCert" id="LDAPVerifyServerCert">LDAPVerifyServerCert</a> <a name="ldapverifyservercert" id="ldapverifyservercert">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Force server certificate verification</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LDAPVerifyServerCert <var>On|Off</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>LDAPVerifyServerCert On</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_ldap</td></tr>
-</table>
-    <p>Specifies whether to force the verification of a
-    server certificate when establishing an SSL connection to the
-    LDAP server.</p>
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="exampleconfig" id="exampleconfig">Example Configuration</a></h2>
-    <p>The following is an example configuration that uses
-    <code class="module"><a href="../mod/mod_ldap.html">mod_ldap</a></code> to increase the performance of HTTP Basic
-    authentication provided by <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code>.</p>
-
-    <pre class="prettyprint lang-config"># Enable the LDAP connection pool and shared
-# memory cache. Enable the LDAP cache status
-# handler. Requires that mod_ldap and mod_authnz_ldap
-# be loaded. Change the "yourdomain.example.com" to
-# match your domain.
-
-LDAPSharedCacheSize 500000
-LDAPCacheEntries 1024
-LDAPCacheTTL 600
-LDAPOpCacheEntries 1024
-LDAPOpCacheTTL 600
-
-&lt;Location "/ldap-status"&gt;
-    SetHandler ldap-status
-
-    Require host yourdomain.example.com
-
-    Satisfy any
-    AuthType Basic
-    AuthName "LDAP Protected"
-    AuthBasicProvider ldap
-    AuthLDAPURL "ldap://127.0.0.1/dc=example,dc=com?uid?one"
-    Require valid-user
-&lt;/Location&gt;</pre>
-
-</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="pool" id="pool">LDAP Connection Pool</a></h2>
-
-    <p>LDAP connections are pooled from request to request. This
-    allows the LDAP server to remain connected and bound ready for
-    the next request, without the need to unbind/connect/rebind.
-    The performance advantages are similar to the effect of HTTP
-    keepalives.</p>
-
-    <p>On a busy server it is possible that many requests will try
-    and access the same LDAP server connection simultaneously.
-    Where an LDAP connection is in use, Apache will create a new
-    connection alongside the original one. This ensures that the
-    connection pool does not become a bottleneck.</p>
-
-    <p>There is no need to manually enable connection pooling in
-    the Apache configuration. Any module using this module for
-    access to LDAP services will share the connection pool.</p>
-
-    <p>LDAP connections can keep track of the ldap client
-    credentials used when binding to an LDAP server. These
-    credentials can be provided to LDAP servers that do not
-    allow anonymous binds during referral chasing. To control
-    this feature, see the
-    <code class="directive"><a href="#ldapreferrals">LDAPReferrals</a></code> and
-    <code class="directive"><a href="#ldapreferralhoplimit">LDAPReferralHopLimit</a></code>
-    directives. By default, this feature is enabled.</p>
-</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="cache" id="cache">LDAP Cache</a></h2>
-
-    <p>For improved performance, <code class="module"><a href="../mod/mod_ldap.html">mod_ldap</a></code> uses an aggressive
-    caching strategy to minimize the number of times that the LDAP
-    server must be contacted. Caching can easily double or triple
-    the throughput of Apache when it is serving pages protected
-    with mod_authnz_ldap. In addition, the load on the LDAP server
-    will be significantly decreased.</p>
-
-    <p><code class="module"><a href="../mod/mod_ldap.html">mod_ldap</a></code> supports two types of LDAP caching during
-    the search/bind phase with a <em>search/bind cache</em> and
-    during the compare phase with two <em>operation
-    caches</em>. Each LDAP URL that is used by the server has
-    its own set of these three caches.</p>
-
-    <h3><a name="search-bind" id="search-bind">The Search/Bind Cache</a></h3>
-      <p>The process of doing a search and then a bind is the
-      most time-consuming aspect of LDAP operation, especially if
-      the directory is large. The search/bind cache is used to
-      cache all searches that resulted in successful binds.
-      Negative results (<em>i.e.</em>, unsuccessful searches, or searches
-      that did not result in a successful bind) are not cached.
-      The rationale behind this decision is that connections with
-      invalid credentials are only a tiny percentage of the total
-      number of connections, so by not caching invalid
-      credentials, the size of the cache is reduced.</p>
-
-      <p><code class="module"><a href="../mod/mod_ldap.html">mod_ldap</a></code> stores the username, the DN
-      retrieved, the password used to bind, and the time of the bind
-      in the cache. Whenever a new connection is initiated with the
-      same username, <code class="module"><a href="../mod/mod_ldap.html">mod_ldap</a></code> compares the password
-      of the new connection with the password in the cache. If the
-      passwords match, and if the cached entry is not too old,
-      <code class="module"><a href="../mod/mod_ldap.html">mod_ldap</a></code> bypasses the search/bind phase.</p>
-
-      <p>The search and bind cache is controlled with the <code class="directive"><a href="#ldapcacheentries">LDAPCacheEntries</a></code> and <code class="directive"><a href="#ldapcachettl">LDAPCacheTTL</a></code> directives.</p>
-    
-
-    <h3><a name="opcaches" id="opcaches">Operation Caches</a></h3>
-      <p>During attribute and distinguished name comparison
-      functions, <code class="module"><a href="../mod/mod_ldap.html">mod_ldap</a></code> uses two operation caches
-      to cache the compare operations. The first compare cache is
-      used to cache the results of compares done to test for LDAP
-      group membership. The second compare cache is used to cache
-      the results of comparisons done between distinguished
-      names.</p>
+    <h3><a name="opcaches" id="opcaches">Operation Caches</a></h3>
+      <p>During attribute and distinguished name comparison
+      functions, <code class="module"><a href="../mod/mod_ldap.html">mod_ldap</a></code> uses two operation caches
+      to cache the compare operations. The first compare cache is
+      used to cache the results of compares done to test for LDAP
+      group membership. The second compare cache is used to cache
+      the results of comparisons done between distinguished
+      names.</p>
 
       <p>Note that, when group membership is being checked, any sub-group
       comparison results are cached to speed future sub-group comparisons.</p>
@@ -717,26 +302,97 @@ LDAPTrustedGlobalCert CA_DER "/certs/certfile.der:
         to the certificate "nickname". An optional password may be
         specified to unlock the certificate's private key.</p>
 
-        <p>The SDK supports SSL only. An attempt to use STARTTLS will cause
-        an error when an attempt is made to contact the LDAP server at
-        runtime.</p>
+        <p>The SDK supports SSL only. An attempt to use STARTTLS will cause
+        an error when an attempt is made to contact the LDAP server at
+        runtime.</p>
+
+        <pre class="prettyprint lang-config"># Specify a Netscape CA certificate file
+LDAPTrustedGlobalCert CA_CERT7_DB "/certs/cert7.db"
+# Specify an optional key3.db file for client certificate support
+LDAPTrustedGlobalCert CERT_KEY3_DB "/certs/key3.db"
+# Specify the secmod file if required
+LDAPTrustedGlobalCert CA_SECMOD "/certs/secmod"
+&lt;Location "/ldap-status"&gt;
+    SetHandler ldap-status
+
+    Require host yourdomain.example.com
+
+    Satisfy any
+    AuthType Basic
+    AuthName "LDAP Protected"
+    AuthBasicProvider ldap
+    LDAPTrustedClientCert CERT_NICKNAME &lt;nickname&gt; [password]
+    AuthLDAPURL "ldaps://127.0.0.1/dc=example,dc=com?uid?one"
+    Require valid-user
+&lt;/Location&gt;</pre>
+
+
+    
+
+    <h3><a name="settingcerts-novell" id="settingcerts-novell">Novell SDK</a></h3>
+
+        <p>One or more CA certificates must be specified for the Novell
+        SDK to work correctly. These certificates can be specified as
+        binary DER or Base64 (PEM) encoded files.</p>
+
+        <p>Note: Client certificates are specified globally rather than per
+        connection, and so must be specified with the LDAPTrustedGlobalCert
+        directive as below. Trying to set client certificates via the
+        LDAPTrustedClientCert directive will cause an error to be logged
+        when an attempt is made to connect to the LDAP server..</p>
+
+        <p>The SDK supports both SSL and STARTTLS, set using the
+        LDAPTrustedMode parameter. If an ldaps:// URL is specified,
+        SSL mode is forced, override this directive.</p>
+
+        <pre class="prettyprint lang-config"># Specify two CA certificate files
+LDAPTrustedGlobalCert CA_DER "/certs/cacert1.der"
+LDAPTrustedGlobalCert CA_BASE64 "/certs/cacert2.pem"
+# Specify a client certificate file and key
+LDAPTrustedGlobalCert CERT_BASE64 "/certs/cert1.pem"
+LDAPTrustedGlobalCert KEY_BASE64 "/certs/key1.pem" [password]
+# Do not use this directive, as it will throw an error
+#LDAPTrustedClientCert CERT_BASE64 "/certs/cert1.pem"</pre>
+
+
+    
+
+    <h3><a name="settingcerts-openldap" id="settingcerts-openldap">OpenLDAP SDK</a></h3>
+
+        <p>One or more CA certificates must be specified for the OpenLDAP
+        SDK to work correctly. These certificates can be specified as
+        binary DER or Base64 (PEM) encoded files.</p>
+
+        <p>Both CA and client certificates may be specified globally
+        (LDAPTrustedGlobalCert) or per-connection (LDAPTrustedClientCert).
+        When any settings are specified per-connection, the global
+        settings are superceded.</p>
 
-        <pre class="prettyprint lang-config"># Specify a Netscape CA certificate file
-LDAPTrustedGlobalCert CA_CERT7_DB "/certs/cert7.db"
-# Specify an optional key3.db file for client certificate support
-LDAPTrustedGlobalCert CERT_KEY3_DB "/certs/key3.db"
-# Specify the secmod file if required
-LDAPTrustedGlobalCert CA_SECMOD "/certs/secmod"
+        <p>The documentation for the SDK claims to support both SSL and
+        STARTTLS, however STARTTLS does not seem to work on all versions
+        of the SDK. The SSL/TLS mode can be set using the
+        LDAPTrustedMode parameter. If an ldaps:// URL is specified,
+        SSL mode is forced. The OpenLDAP documentation notes that SSL
+        (ldaps://) support has been deprecated to be replaced with TLS,
+        although the SSL functionality still works.</p>
+
+        <pre class="prettyprint lang-config"># Specify two CA certificate files
+LDAPTrustedGlobalCert CA_DER "/certs/cacert1.der"
+LDAPTrustedGlobalCert CA_BASE64 "/certs/cacert2.pem"
 &lt;Location "/ldap-status"&gt;
     SetHandler ldap-status
 
     Require host yourdomain.example.com
 
+    LDAPTrustedClientCert CERT_BASE64 "/certs/cert1.pem"
+    LDAPTrustedClientCert KEY_BASE64 "/certs/key1.pem"
+    # CA certs respecified due to per-directory client certs
+    LDAPTrustedClientCert CA_DER "/certs/cacert1.der"
+    LDAPTrustedClientCert CA_BASE64 "/certs/cacert2.pem"
     Satisfy any
     AuthType Basic
     AuthName "LDAP Protected"
     AuthBasicProvider ldap
-    LDAPTrustedClientCert CERT_NICKNAME &lt;nickname&gt; [password]
     AuthLDAPURL "ldaps://127.0.0.1/dc=example,dc=com?uid?one"
     Require valid-user
 &lt;/Location&gt;</pre>
@@ -744,98 +400,442 @@ LDAPTrustedGlobalCert CA_SECMOD "/certs/secmod"
 
     
 
-    <h3><a name="settingcerts-novell" id="settingcerts-novell">Novell SDK</a></h3>
+    <h3><a name="settingcerts-solaris" id="settingcerts-solaris">Solaris SDK</a></h3>
 
-        <p>One or more CA certificates must be specified for the Novell
-        SDK to work correctly. These certificates can be specified as
-        binary DER or Base64 (PEM) encoded files.</p>
+        <p>SSL/TLS for the native Solaris LDAP libraries is not yet
+        supported. If required, install and use the OpenLDAP libraries
+        instead.</p>
 
-        <p>Note: Client certificates are specified globally rather than per
-        connection, and so must be specified with the LDAPTrustedGlobalCert
-        directive as below. Trying to set client certificates via the
-        LDAPTrustedClientCert directive will cause an error to be logged
-        when an attempt is made to connect to the LDAP server..</p>
+    
 
-        <p>The SDK supports both SSL and STARTTLS, set using the
-        LDAPTrustedMode parameter. If an ldaps:// URL is specified,
-        SSL mode is forced, override this directive.</p>
+    <h3><a name="settingcerts-microsoft" id="settingcerts-microsoft">Microsoft SDK</a></h3>
 
-        <pre class="prettyprint lang-config"># Specify two CA certificate files
-LDAPTrustedGlobalCert CA_DER "/certs/cacert1.der"
-LDAPTrustedGlobalCert CA_BASE64 "/certs/cacert2.pem"
-# Specify a client certificate file and key
-LDAPTrustedGlobalCert CERT_BASE64 "/certs/cert1.pem"
-LDAPTrustedGlobalCert KEY_BASE64 "/certs/key1.pem" [password]
-# Do not use this directive, as it will throw an error
-#LDAPTrustedClientCert CERT_BASE64 "/certs/cert1.pem"</pre>
+        <p>SSL/TLS certificate configuration for the native Microsoft
+        LDAP libraries is done inside the system registry, and no
+        configuration directives are required.</p>
+
+        <p>Both SSL and TLS are supported by using the ldaps:// URL
+        format, or by using the LDAPTrustedMode directive accordingly.</p>
+
+        <p>Note: The status of support for client certificates is not yet known
+        for this toolkit.</p>
+
+    
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="LDAPCacheEntries" id="LDAPCacheEntries">LDAPCacheEntries</a> <a name="ldapcacheentries" id="ldapcacheentries">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Maximum number of entries in the primary LDAP cache</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LDAPCacheEntries <var>number</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>LDAPCacheEntries 1024</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_ldap</td></tr>
+</table>
+    <p>Specifies the maximum size of the primary LDAP cache. This
+    cache contains successful search/binds. Set it to 0 to turn off
+    search/bind caching. The default size is 1024 cached
+    searches.</p>
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="LDAPCacheTTL" id="LDAPCacheTTL">LDAPCacheTTL</a> <a name="ldapcachettl" id="ldapcachettl">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Time that cached items remain valid</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LDAPCacheTTL <var>seconds</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>LDAPCacheTTL 600</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_ldap</td></tr>
+</table>
+    <p>Specifies the time (in seconds) that an item in the
+    search/bind cache remains valid. The default is 600 seconds (10
+    minutes).</p>
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="LDAPConnectionPoolTTL" id="LDAPConnectionPoolTTL">LDAPConnectionPoolTTL</a> <a name="ldapconnectionpoolttl" id="ldapconnectionpoolttl">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Discard backend connections that have been sitting in the connection pool too long</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LDAPConnectionPoolTTL <var>n</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>LDAPConnectionPoolTTL -1</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_ldap</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Apache HTTP Server 2.3.12 and later</td></tr>
+</table>
+    <p>Specifies the maximum age, in seconds, that a pooled LDAP connection can remain idle
+    and still be available for use.  Connections are cleaned up when they are next needed,
+    not asynchronously.</p>
+
+    <p>A setting of 0 causes connections to never be saved in the backend
+    connection pool.  The default value of -1, and any other negative value,
+    allows connections of any age to be reused.</p>
+
+    <p>For performance reasons, the reference time used by this directive is 
+    based on when the LDAP connection is returned to the pool, not the time
+    of the last successful I/O with the LDAP server.  </p>
+
+    <p>Since 2.4.10, new measures are in place to avoid the reference time
+    from being inflated by cache hits or slow requests.  First, the reference
+    time is not updated if no backend LDAP conncetions were needed. Second,
+    the reference time uses the time the HTTP request was received instead
+    of the time the request is completed.</p>
+    
+    <div class="note"><p>This timeout defaults to units of seconds, but accepts
+    suffixes for milliseconds (ms), minutes (min), and hours (h).
+    </p></div>
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="LDAPConnectionTimeout" id="LDAPConnectionTimeout">LDAPConnectionTimeout</a> <a name="ldapconnectiontimeout" id="ldapconnectiontimeout">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Specifies the socket connection timeout in seconds</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LDAPConnectionTimeout <var>seconds</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_ldap</td></tr>
+</table>
+    <p>This directive configures the LDAP_OPT_NETWORK_TIMEOUT (or LDAP_OPT_CONNECT_TIMEOUT)
+    option in the underlying LDAP client library, when available.  This value
+    typically controls how long the LDAP client library will wait for the TCP
+    connection to the LDAP server to complete.</p>
+
+    <p> If a connection is not successful with the timeout period, either an error will be
+    returned or the LDAP client library will attempt to connect to a secondary LDAP
+    server if one is specified (via a space-separated list of hostnames in the
+    <code class="directive"><a href="../mod/mod_authnz_ldap.html#authldapurl">AuthLDAPURL</a></code>).</p>
+
+    <p>The default is 10 seconds, if the LDAP client library linked with the
+    server supports the LDAP_OPT_NETWORK_TIMEOUT option.</p>
+
+    <div class="note">LDAPConnectionTimeout is only available when the LDAP client library linked
+    with the server supports the LDAP_OPT_NETWORK_TIMEOUT
+    (or LDAP_OPT_CONNECT_TIMEOUT) option, and the ultimate behavior is
+    dictated entirely by the LDAP client library.
+    </div>
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="LDAPLibraryDebug" id="LDAPLibraryDebug">LDAPLibraryDebug</a> <a name="ldaplibrarydebug" id="ldaplibrarydebug">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Enable debugging in the LDAP SDK</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LDAPLibraryDebug <var>7</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>disabled</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_ldap</td></tr>
+</table>
+    <p>Turns on SDK-specific LDAP debug options that generally cause the LDAP
+    SDK to log verbose trace information to the main Apache error log.
+    The trace messages from the LDAP SDK provide gory details that
+    can be useful during debugging of connectivity problems with backend LDAP servers</p>
+
+    <p>This option is only configurable when Apache HTTP Server is linked with
+    an LDAP SDK that implements <code>LDAP_OPT_DEBUG</code> or
+    <code>LDAP_OPT_DEBUG_LEVEL</code>, such as OpenLDAP (a value of 7 is verbose)
+    or Tivoli Directory Server (a value of 65535 is verbose).</p>
+
+    <div class="warning">
+    <p>The logged information will likely contain plaintext credentials being used or
+    validated by LDAP authentication, so care should be taken in protecting and purging
+    the error log when this directive is used.</p>
+    </div>
+
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="LDAPOpCacheEntries" id="LDAPOpCacheEntries">LDAPOpCacheEntries</a> <a name="ldapopcacheentries" id="ldapopcacheentries">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Number of entries used to cache LDAP compare
+operations</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LDAPOpCacheEntries <var>number</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>LDAPOpCacheEntries 1024</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_ldap</td></tr>
+</table>
+    <p>This specifies the number of entries <code class="module"><a href="../mod/mod_ldap.html">mod_ldap</a></code>
+    will use to cache LDAP compare operations. The default is 1024
+    entries.  Setting it to 0 disables operation caching.</p>
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="LDAPOpCacheTTL" id="LDAPOpCacheTTL">LDAPOpCacheTTL</a> <a name="ldapopcachettl" id="ldapopcachettl">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Time that entries in the operation cache remain
+valid</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LDAPOpCacheTTL <var>seconds</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>LDAPOpCacheTTL 600</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_ldap</td></tr>
+</table>
+    <p>Specifies the time (in seconds) that entries in the
+    operation cache remain valid. The default is 600 seconds.</p>
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="LDAPReferralHopLimit" id="LDAPReferralHopLimit">LDAPReferralHopLimit</a> <a name="ldapreferralhoplimit" id="ldapreferralhoplimit">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>The maximum number of referral hops to chase before terminating an LDAP query.</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LDAPReferralHopLimit <var>number</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>SDK dependent, typically between 5 and 10</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_ldap</td></tr>
+</table>
+    <p>This directive, if enabled by the <code class="directive">LDAPReferrals</code> directive,
+    limits the number of referral hops that are followed before terminating an
+    LDAP query.</p>
+
+<div class="warning">
+<p> Support for this tunable is uncommon in LDAP SDKs.</p>
+</div>
 
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="LDAPReferrals" id="LDAPReferrals">LDAPReferrals</a> <a name="ldapreferrals" id="ldapreferrals">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Enable referral chasing during queries to the LDAP server.</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LDAPReferrals <var>On|Off|default</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>LDAPReferrals On</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_ldap</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>The <var>default</var> parameter is available in Apache 2.4.7 and later</td></tr>
+</table>
+    <p>Some LDAP servers divide their directory among multiple domains and use referrals
+    to direct a client when a domain boundary is crossed. This is similar to a HTTP redirect.
+    LDAP client libraries may or may not chase referrals by default. This directive
+    explicitly configures the referral chasing in the underlying SDK.</p>
 
-    
 
-    <h3><a name="settingcerts-openldap" id="settingcerts-openldap">OpenLDAP SDK</a></h3>
+    <p><code class="directive">LDAPReferrals</code> takes the following values:</p>
+    <dl>
+     <dt>"on"</dt>
+     <dd> <p> When set to "on", the underlying SDK's referral chasing state
+              is enabled, <code class="directive">LDAPReferralHopLimit</code> is used to
+              override the SDK's hop limit, and an LDAP rebind callback is
+              registered.</p></dd>
+     <dt>"off"</dt>
+     <dd> <p> When set to "off", the underlying SDK's referral chasing state
+              is disabled completely.</p></dd>
+     <dt>"default"</dt>
+     <dd> <p> When set to "default", the underlying SDK's referral chasing state
+              is not changed, <code class="directive">LDAPReferralHopLimit</code> is not
+              used to overide the SDK's hop limit, and no LDAP rebind callback is
+              registered.</p></dd>
+    </dl>
 
-        <p>One or more CA certificates must be specified for the OpenLDAP
-        SDK to work correctly. These certificates can be specified as
-        binary DER or Base64 (PEM) encoded files.</p>
+    <p>The directive <code class="directive">LDAPReferralHopLimit</code> works in conjunction with
+    this directive to limit the number of referral hops to follow before terminating the LDAP query.
+    When referral processing is enabled by a value of "On", client credentials will be provided,
+    via a rebind callback, for any LDAP server requiring them.</p>
 
-        <p>Both CA and client certificates may be specified globally
-        (LDAPTrustedGlobalCert) or per-connection (LDAPTrustedClientCert).
-        When any settings are specified per-connection, the global
-        settings are superceded.</p>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="LDAPRetries" id="LDAPRetries">LDAPRetries</a> <a name="ldapretries" id="ldapretries">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Configures the number of LDAP server retries.</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LDAPRetries <var>number-of-retries</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>LDAPRetries 3</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_ldap</td></tr>
+</table>
+    <p>The server will retry failed LDAP requests up to
+    <code class="directive">LDAPRetries</code> times.  Setting this
+    directive to 0 disables retries.</p>
+    <p>LDAP errors such as timeouts and refused connections are retryable.</p>
 
-        <p>The documentation for the SDK claims to support both SSL and
-        STARTTLS, however STARTTLS does not seem to work on all versions
-        of the SDK. The SSL/TLS mode can be set using the
-        LDAPTrustedMode parameter. If an ldaps:// URL is specified,
-        SSL mode is forced. The OpenLDAP documentation notes that SSL
-        (ldaps://) support has been deprecated to be replaced with TLS,
-        although the SSL functionality still works.</p>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="LDAPRetryDelay" id="LDAPRetryDelay">LDAPRetryDelay</a> <a name="ldapretrydelay" id="ldapretrydelay">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Configures the delay between LDAP server retries.</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LDAPRetryDelay <var>seconds</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>LDAPRetryDelay 0</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_ldap</td></tr>
+</table>
+    <p>If <code class="directive">LDAPRetryDelay</code> is set to a non-zero
+    value, the server will delay retrying an LDAP request for the
+    specified amount of time.  Setting this directive to 0 will
+    result in any retry to occur without delay.</p>
 
-        <pre class="prettyprint lang-config"># Specify two CA certificate files
-LDAPTrustedGlobalCert CA_DER "/certs/cacert1.der"
-LDAPTrustedGlobalCert CA_BASE64 "/certs/cacert2.pem"
-&lt;Location "/ldap-status"&gt;
-    SetHandler ldap-status
+    <p>LDAP errors such as timeouts and refused connections are retryable.</p>
 
-    Require host yourdomain.example.com
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="LDAPSharedCacheFile" id="LDAPSharedCacheFile">LDAPSharedCacheFile</a> <a name="ldapsharedcachefile" id="ldapsharedcachefile">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Sets the shared memory cache file</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LDAPSharedCacheFile <var>directory-path/filename</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_ldap</td></tr>
+</table>
+    <p>Specifies the directory path and file name of the shared memory
+    cache file. If not set, anonymous shared memory will be used if the
+    platform supports it.</p>
 
-    LDAPTrustedClientCert CERT_BASE64 "/certs/cert1.pem"
-    LDAPTrustedClientCert KEY_BASE64 "/certs/key1.pem"
-    # CA certs respecified due to per-directory client certs
-    LDAPTrustedClientCert CA_DER "/certs/cacert1.der"
-    LDAPTrustedClientCert CA_BASE64 "/certs/cacert2.pem"
-    Satisfy any
-    AuthType Basic
-    AuthName "LDAP Protected"
-    AuthBasicProvider ldap
-    AuthLDAPURL "ldaps://127.0.0.1/dc=example,dc=com?uid?one"
-    Require valid-user
-&lt;/Location&gt;</pre>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="LDAPSharedCacheSize" id="LDAPSharedCacheSize">LDAPSharedCacheSize</a> <a name="ldapsharedcachesize" id="ldapsharedcachesize">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Size in bytes of the shared-memory cache</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LDAPSharedCacheSize <var>bytes</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>LDAPSharedCacheSize 500000</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_ldap</td></tr>
+</table>
+    <p>Specifies the number of bytes to allocate for the shared
+    memory cache. The default is 500kb. If set to 0, shared memory
+    caching will not be used and every HTTPD process will create its
+    own cache.</p>
 
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="LDAPTimeout" id="LDAPTimeout">LDAPTimeout</a> <a name="ldaptimeout" id="ldaptimeout">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Specifies the timeout for LDAP search and bind operations, in seconds</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LDAPTimeout <var>seconds</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>LDAPTimeout 60</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_ldap</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Apache HTTP Server 2.3.5 and later</td></tr>
+</table>
+    <p>This directive configures the timeout for bind and search operations, as well as
+    the LDAP_OPT_TIMEOUT option in the underlying LDAP client library, when available.</p>
 
-    
+    <p> If the timeout expires, httpd will retry in case an existing connection has
+    been silently dropped by a firewall. However, performance will be much better if
+    the firewall is configured to send TCP RST packets instead of silently dropping
+    packets.</p>
 
-    <h3><a name="settingcerts-solaris" id="settingcerts-solaris">Solaris SDK</a></h3>
+    <div class="note">
+    <p>Timeouts for ldap compare operations requires an SDK with LDAP_OPT_TIMEOUT, such as OpenLDAP &gt;= 2.4.4.</p>
+    </div>
 
-        <p>SSL/TLS for the native Solaris LDAP libraries is not yet
-        supported. If required, install and use the OpenLDAP libraries
-        instead.</p>
 
-    
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="LDAPTrustedClientCert" id="LDAPTrustedClientCert">LDAPTrustedClientCert</a> <a name="ldaptrustedclientcert" id="ldaptrustedclientcert">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Sets the file containing or nickname referring to a per
+connection client certificate. Not all LDAP toolkits support per
+connection client certificates.</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LDAPTrustedClientCert <var>type</var> <var>directory-path/filename/nickname</var> <var>[password]</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_ldap</td></tr>
+</table>
+    <p>It specifies the directory path, file name or nickname of a
+    per connection client certificate used when establishing an SSL
+    or TLS connection to an LDAP server. Different locations or
+    directories may have their own independent client certificate
+    settings. Some LDAP toolkits (notably Novell)
+    do not support per connection client certificates, and will throw an
+    error on LDAP server connection if you try to use this directive
+    (Use the LDAPTrustedGlobalCert directive instead for Novell client
+    certificates - See the SSL/TLS certificate guide above for details).
+    The type specifies the kind of certificate parameter being
+    set, depending on the LDAP toolkit being used. Supported types are:</p>
+    <ul>
+      <li>CA_DER - binary DER encoded CA certificate</li>
+      <li>CA_BASE64 - PEM encoded CA certificate</li>
+      <li>CERT_DER - binary DER encoded client certificate</li>
+      <li>CERT_BASE64 - PEM encoded client certificate</li>
+      <li>CERT_NICKNAME - Client certificate "nickname" (Netscape SDK)</li>
+      <li>KEY_DER - binary DER encoded private key</li>
+      <li>KEY_BASE64 - PEM encoded private key</li>
+    </ul>
 
-    <h3><a name="settingcerts-microsoft" id="settingcerts-microsoft">Microsoft SDK</a></h3>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="LDAPTrustedGlobalCert" id="LDAPTrustedGlobalCert">LDAPTrustedGlobalCert</a> <a name="ldaptrustedglobalcert" id="ldaptrustedglobalcert">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Sets the file or database containing global trusted
+Certificate Authority or global client certificates</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LDAPTrustedGlobalCert <var>type</var> <var>directory-path/filename</var> <var>[password]</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_ldap</td></tr>
+</table>
+    <p>It specifies the directory path and file name of the trusted CA
+    certificates and/or system wide client certificates <code class="module"><a href="../mod/mod_ldap.html">mod_ldap</a></code>
+    should use when establishing an SSL or TLS connection to an LDAP
+    server. Note that all certificate information specified using this directive
+    is applied globally to the entire server installation. Some LDAP toolkits
+    (notably Novell) require all client certificates to be set globally using
+    this directive. Most other toolkits require clients certificates to be set
+    per Directory or per Location using LDAPTrustedClientCert. If you get this
+    wrong, an error may be logged when an attempt is made to contact the LDAP
+    server, or the connection may silently fail (See the SSL/TLS certificate
+    guide above for details).
+    The type specifies the kind of certificate parameter being
+    set, depending on the LDAP toolkit being used. Supported types are:</p>
+    <ul>
+      <li>CA_DER - binary DER encoded CA certificate</li>
+      <li>CA_BASE64 - PEM encoded CA certificate</li>
+      <li>CA_CERT7_DB - Netscape cert7.db CA certificate database file</li>
+      <li>CA_SECMOD - Netscape secmod database file</li>
+      <li>CERT_DER - binary DER encoded client certificate</li>
+      <li>CERT_BASE64 - PEM encoded client certificate</li>
+      <li>CERT_KEY3_DB - Netscape key3.db client certificate database file</li>
+      <li>CERT_NICKNAME - Client certificate "nickname" (Netscape SDK)</li>
+      <li>CERT_PFX - PKCS#12 encoded client certificate (Novell SDK)</li>
+      <li>KEY_DER - binary DER encoded private key</li>
+      <li>KEY_BASE64 - PEM encoded private key</li>
+      <li>KEY_PFX - PKCS#12 encoded private key (Novell SDK)</li>
+    </ul>
 
-        <p>SSL/TLS certificate configuration for the native Microsoft
-        LDAP libraries is done inside the system registry, and no
-        configuration directives are required.</p>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="LDAPTrustedMode" id="LDAPTrustedMode">LDAPTrustedMode</a> <a name="ldaptrustedmode" id="ldaptrustedmode">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Specifies the SSL/TLS mode to be used when connecting to an LDAP server.</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LDAPTrustedMode <var>type</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_ldap</td></tr>
+</table>
+    <p>The following modes are supported:</p>
+    <ul>
+      <li>NONE - no encryption</li>
+      <li>SSL - ldaps:// encryption on default port 636</li>
+      <li>TLS - STARTTLS encryption on default port 389</li>
+    </ul>
 
-        <p>Both SSL and TLS are supported by using the ldaps:// URL
-        format, or by using the LDAPTrustedMode directive accordingly.</p>
+    <p>Not all LDAP toolkits support all the above modes. An error message
+    will be logged at runtime if a mode is not supported, and the
+    connection to the LDAP server will fail.
+    </p>
 
-        <p>Note: The status of support for client certificates is not yet known
-        for this toolkit.</p>
+    <p>If an ldaps:// URL is specified, the mode becomes SSL and the setting
+    of LDAPTrustedMode is ignored.</p>
 
-    
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="LDAPVerifyServerCert" id="LDAPVerifyServerCert">LDAPVerifyServerCert</a> <a name="ldapverifyservercert" id="ldapverifyservercert">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Force server certificate verification</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LDAPVerifyServerCert <var>On|Off</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>LDAPVerifyServerCert On</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_ldap</td></tr>
+</table>
+    <p>Specifies whether to force the verification of a
+    server certificate when establishing an SSL connection to the
+    LDAP server.</p>
 
 </div>
 </div>
diff --git a/docs/manual/mod/mod_log_config.html.en b/docs/manual/mod/mod_log_config.html.en
index f734a562dc..01a2315ac4 100644
--- a/docs/manual/mod/mod_log_config.html.en
+++ b/docs/manual/mod/mod_log_config.html.en
@@ -50,202 +50,22 @@
     step. The <code class="directive">TransferLog</code> and <code class="directive">CustomLog</code> directives can be used multiple times in each
     server to cause each request to be logged to multiple files.</p>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
+<div id="quickview"><h3>Topics</h3>
+<ul id="topics">
+<li><img alt="" src="../images/down.gif" /> <a href="#formats">Custom Log Formats</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#security">Security Considerations</a></li>
+</ul><h3 class="directives">Directives</h3>
 <ul id="toc">
 <li><img alt="" src="../images/down.gif" /> <a href="#bufferedlogs">BufferedLogs</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#customlog">CustomLog</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#logformat">LogFormat</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#transferlog">TransferLog</a></li>
 </ul>
-<h3>Topics</h3>
-<ul id="topics">
-<li><img alt="" src="../images/down.gif" /> <a href="#formats">Custom Log Formats</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#security">Security Considerations</a></li>
-</ul><h3>See also</h3>
+<h3>See also</h3>
 <ul class="seealso">
 <li><a href="../logs.html">Apache Log Files</a></li>
 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="BufferedLogs" id="BufferedLogs">BufferedLogs</a> <a name="bufferedlogs" id="bufferedlogs">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Buffer log entries in memory before writing to disk</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>BufferedLogs On|Off</code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>BufferedLogs Off</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_log_config</td></tr>
-</table>
-    <p>The <code class="directive">BufferedLogs</code> directive causes
-    <code class="module"><a href="../mod/mod_log_config.html">mod_log_config</a></code> to store several log entries in
-    memory and write them together to disk, rather than writing them
-    after each request.  On some systems, this may result in more
-    efficient disk access and hence higher performance.  It may be
-    set only once for the entire server; it cannot be configured
-    per virtual-host.</p>
-
-    <div class="note">This directive should be used with caution as a crash might
-    cause loss of logging data.</div>
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="CustomLog" id="CustomLog">CustomLog</a> <a name="customlog" id="customlog">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Sets filename and format of log file</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>CustomLog  <var>file</var>|<var>pipe</var>
-<var>format</var>|<var>nickname</var>
-[env=[!]<var>environment-variable</var>|
-expr=<var>expression</var>]</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_log_config</td></tr>
-</table>
-    <p>The <code class="directive">CustomLog</code> directive is used to
-    log requests to the server. A log format is specified, and the
-    logging can optionally be made conditional on request
-    characteristics using environment variables.</p>
-
-    <p>The first argument, which specifies the location to which
-    the logs will be written, can take one of the following two
-    types of values:</p>
-
-    <dl>
-      <dt><var>file</var></dt>
-      <dd>A filename, relative to the <code class="directive"><a href="../mod/core.html#serverroot">ServerRoot</a></code>.</dd>
-
-      <dt><var>pipe</var></dt>
-      <dd>The pipe character "<code>|</code>", followed by the path
-      to a program to receive the log information on its standard
-      input. See the notes on <a href="../logs.html#piped">piped logs</a>
-      for more information.
-
-      <div class="warning"><h3>Security:</h3>
-      <p>If a program is used, then it will be run as the user who
-      started <code class="program"><a href="../programs/httpd.html">httpd</a></code>. This will be root if the server was
-      started by root; be sure that the program is secure.</p>
-      </div>
-      <div class="warning"><h3>Note</h3>
-        <p>When entering a file path on non-Unix platforms, care should be taken
-        to make sure that only forward slashed are used even though the platform
-        may allow the use of back slashes. In general it is a good idea to always
-        use forward slashes throughout the configuration files.</p>
-      </div></dd>
-    </dl>
-
-    <p>The second argument specifies what will be written to the
-    log file. It can specify either a <var>nickname</var> defined by
-    a previous <code class="directive"><a href="#logformat">LogFormat</a></code>
-    directive, or it can be an explicit <var>format</var> string as
-    described in the <a href="#formats">log formats</a> section.</p>
-
-    <p>For example, the following two sets of directives have
-    exactly the same effect:</p>
-
-    <pre class="prettyprint lang-config"># CustomLog with format nickname
-LogFormat "%h %l %u %t \"%r\" %&gt;s %b" common
-CustomLog "logs/access_log" common
-
-# CustomLog with explicit format string
-CustomLog "logs/access_log" "%h %l %u %t \"%r\" %&gt;s %b"</pre>
-
-
-    <p>The third argument is optional and controls whether or
-    not to log a particular request. The condition can be the
-    presence or absence (in the case of a '<code>env=!<var>name</var></code>'
-    clause) of a particular variable in the server
-    <a href="../env.html">environment</a>. Alternatively, the condition
-    can be expressed as arbitrary boolean <a href="../expr.html">expression</a>. If the condition is not satisfied, the request
-    will not be logged. References to HTTP headers  in the expression
-    will not cause the header names to be added to the Vary header.</p>
-
-    <p>Environment variables can be set on a per-request
-    basis using the <code class="module"><a href="../mod/mod_setenvif.html">mod_setenvif</a></code>
-    and/or <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> modules. For
-    example, if you want to record requests for all GIF
-    images on your server in a separate logfile but not in your main
-    log, you can use:</p>
-
-    <pre class="prettyprint lang-config">SetEnvIf Request_URI \.gif$ gif-image
-CustomLog "gif-requests.log" common env=gif-image
-CustomLog "nongif-requests.log" common env=!gif-image</pre>
-
-
-    <p>Or, to reproduce the behavior of the old RefererIgnore
-    directive, you might use the following:</p>
-
-    <pre class="prettyprint lang-config">SetEnvIf Referer example\.com localreferer
-CustomLog "referer.log" referer env=!localreferer</pre>
-
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="LogFormat" id="LogFormat">LogFormat</a> <a name="logformat" id="logformat">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Describes a format for use in a log file</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LogFormat <var>format</var>|<var>nickname</var>
-[<var>nickname</var>]</code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>LogFormat "%h %l %u %t \"%r\" %&gt;s %b"</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_log_config</td></tr>
-</table>
-    <p>This directive specifies the format of the access log
-    file.</p>
-
-    <p>The <code class="directive">LogFormat</code> directive can take one of two
-    forms. In the first form, where only one argument is specified,
-    this directive sets the log format which will be used by logs
-    specified in subsequent <code class="directive">TransferLog</code>
-    directives. The single argument can specify an explicit
-    <var>format</var> as discussed in the <a href="#formats">custom log
-    formats</a> section above. Alternatively, it can use a
-    <var>nickname</var> to refer to a log format defined in a
-    previous <code class="directive">LogFormat</code> directive as described
-    below.</p>
-
-    <p>The second form of the <code class="directive">LogFormat</code>
-    directive associates an explicit <var>format</var> with a
-    <var>nickname</var>. This <var>nickname</var> can then be used in
-    subsequent <code class="directive">LogFormat</code> or
-    <code class="directive"><a href="#customlog">CustomLog</a></code> directives
-    rather than repeating the entire format string. A
-    <code class="directive">LogFormat</code> directive that defines a nickname
-    <strong>does nothing else</strong> -- that is, it <em>only</em>
-    defines the nickname, it doesn't actually apply the format and make
-    it the default. Therefore, it will not affect subsequent
-    <code class="directive"><a href="#transferlog">TransferLog</a></code> directives.
-    In addition, <code class="directive">LogFormat</code> cannot use one nickname
-    to define another nickname. Note that the nickname should not contain
-    percent signs (<code>%</code>).</p>
-
-    <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">LogFormat "%v %h %l %u %t \"%r\" %&gt;s %b" vhost_common</pre>
-</div>
-    
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="TransferLog" id="TransferLog">TransferLog</a> <a name="transferlog" id="transferlog">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Specify location of a log file</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>TransferLog <var>file</var>|<var>pipe</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_log_config</td></tr>
-</table>
-    <p>This directive has exactly the same arguments and effect as
-    the <code class="directive"><a href="#customlog">CustomLog</a></code>
-    directive, with the exception that it does not allow the log format
-    to be specified explicitly or for conditional logging of requests.
-    Instead, the log format is determined by the most recently specified
-    <code class="directive"><a href="#logformat">LogFormat</a></code> directive
-    which does not define a nickname. Common Log Format is used if no
-    other format has been specified.</p>
-
-    <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">LogFormat "%h %l %u %t \"%r\" %&gt;s %b \"%{Referer}i\" \"%{User-agent}i\""
-TransferLog logs/access_log</pre>
-</div>
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="section">
 <h2><a name="formats" id="formats">Custom Log Formats</a></h2>
 
@@ -528,6 +348,186 @@ TransferLog logs/access_log</pre>
     document for details on why your security could be compromised
     if the directory where logfiles are stored is writable by
     anyone other than the user that starts the server.</p>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="BufferedLogs" id="BufferedLogs">BufferedLogs</a> <a name="bufferedlogs" id="bufferedlogs">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Buffer log entries in memory before writing to disk</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>BufferedLogs On|Off</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>BufferedLogs Off</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_log_config</td></tr>
+</table>
+    <p>The <code class="directive">BufferedLogs</code> directive causes
+    <code class="module"><a href="../mod/mod_log_config.html">mod_log_config</a></code> to store several log entries in
+    memory and write them together to disk, rather than writing them
+    after each request.  On some systems, this may result in more
+    efficient disk access and hence higher performance.  It may be
+    set only once for the entire server; it cannot be configured
+    per virtual-host.</p>
+
+    <div class="note">This directive should be used with caution as a crash might
+    cause loss of logging data.</div>
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="CustomLog" id="CustomLog">CustomLog</a> <a name="customlog" id="customlog">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Sets filename and format of log file</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>CustomLog  <var>file</var>|<var>pipe</var>
+<var>format</var>|<var>nickname</var>
+[env=[!]<var>environment-variable</var>|
+expr=<var>expression</var>]</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_log_config</td></tr>
+</table>
+    <p>The <code class="directive">CustomLog</code> directive is used to
+    log requests to the server. A log format is specified, and the
+    logging can optionally be made conditional on request
+    characteristics using environment variables.</p>
+
+    <p>The first argument, which specifies the location to which
+    the logs will be written, can take one of the following two
+    types of values:</p>
+
+    <dl>
+      <dt><var>file</var></dt>
+      <dd>A filename, relative to the <code class="directive"><a href="../mod/core.html#serverroot">ServerRoot</a></code>.</dd>
+
+      <dt><var>pipe</var></dt>
+      <dd>The pipe character "<code>|</code>", followed by the path
+      to a program to receive the log information on its standard
+      input. See the notes on <a href="../logs.html#piped">piped logs</a>
+      for more information.
+
+      <div class="warning"><h3>Security:</h3>
+      <p>If a program is used, then it will be run as the user who
+      started <code class="program"><a href="../programs/httpd.html">httpd</a></code>. This will be root if the server was
+      started by root; be sure that the program is secure.</p>
+      </div>
+      <div class="warning"><h3>Note</h3>
+        <p>When entering a file path on non-Unix platforms, care should be taken
+        to make sure that only forward slashed are used even though the platform
+        may allow the use of back slashes. In general it is a good idea to always
+        use forward slashes throughout the configuration files.</p>
+      </div></dd>
+    </dl>
+
+    <p>The second argument specifies what will be written to the
+    log file. It can specify either a <var>nickname</var> defined by
+    a previous <code class="directive"><a href="#logformat">LogFormat</a></code>
+    directive, or it can be an explicit <var>format</var> string as
+    described in the <a href="#formats">log formats</a> section.</p>
+
+    <p>For example, the following two sets of directives have
+    exactly the same effect:</p>
+
+    <pre class="prettyprint lang-config"># CustomLog with format nickname
+LogFormat "%h %l %u %t \"%r\" %&gt;s %b" common
+CustomLog "logs/access_log" common
+
+# CustomLog with explicit format string
+CustomLog "logs/access_log" "%h %l %u %t \"%r\" %&gt;s %b"</pre>
+
+
+    <p>The third argument is optional and controls whether or
+    not to log a particular request. The condition can be the
+    presence or absence (in the case of a '<code>env=!<var>name</var></code>'
+    clause) of a particular variable in the server
+    <a href="../env.html">environment</a>. Alternatively, the condition
+    can be expressed as arbitrary boolean <a href="../expr.html">expression</a>. If the condition is not satisfied, the request
+    will not be logged. References to HTTP headers  in the expression
+    will not cause the header names to be added to the Vary header.</p>
+
+    <p>Environment variables can be set on a per-request
+    basis using the <code class="module"><a href="../mod/mod_setenvif.html">mod_setenvif</a></code>
+    and/or <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> modules. For
+    example, if you want to record requests for all GIF
+    images on your server in a separate logfile but not in your main
+    log, you can use:</p>
+
+    <pre class="prettyprint lang-config">SetEnvIf Request_URI \.gif$ gif-image
+CustomLog "gif-requests.log" common env=gif-image
+CustomLog "nongif-requests.log" common env=!gif-image</pre>
+
+
+    <p>Or, to reproduce the behavior of the old RefererIgnore
+    directive, you might use the following:</p>
+
+    <pre class="prettyprint lang-config">SetEnvIf Referer example\.com localreferer
+CustomLog "referer.log" referer env=!localreferer</pre>
+
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="LogFormat" id="LogFormat">LogFormat</a> <a name="logformat" id="logformat">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Describes a format for use in a log file</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LogFormat <var>format</var>|<var>nickname</var>
+[<var>nickname</var>]</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>LogFormat "%h %l %u %t \"%r\" %&gt;s %b"</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_log_config</td></tr>
+</table>
+    <p>This directive specifies the format of the access log
+    file.</p>
+
+    <p>The <code class="directive">LogFormat</code> directive can take one of two
+    forms. In the first form, where only one argument is specified,
+    this directive sets the log format which will be used by logs
+    specified in subsequent <code class="directive">TransferLog</code>
+    directives. The single argument can specify an explicit
+    <var>format</var> as discussed in the <a href="#formats">custom log
+    formats</a> section above. Alternatively, it can use a
+    <var>nickname</var> to refer to a log format defined in a
+    previous <code class="directive">LogFormat</code> directive as described
+    below.</p>
+
+    <p>The second form of the <code class="directive">LogFormat</code>
+    directive associates an explicit <var>format</var> with a
+    <var>nickname</var>. This <var>nickname</var> can then be used in
+    subsequent <code class="directive">LogFormat</code> or
+    <code class="directive"><a href="#customlog">CustomLog</a></code> directives
+    rather than repeating the entire format string. A
+    <code class="directive">LogFormat</code> directive that defines a nickname
+    <strong>does nothing else</strong> -- that is, it <em>only</em>
+    defines the nickname, it doesn't actually apply the format and make
+    it the default. Therefore, it will not affect subsequent
+    <code class="directive"><a href="#transferlog">TransferLog</a></code> directives.
+    In addition, <code class="directive">LogFormat</code> cannot use one nickname
+    to define another nickname. Note that the nickname should not contain
+    percent signs (<code>%</code>).</p>
+
+    <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">LogFormat "%v %h %l %u %t \"%r\" %&gt;s %b" vhost_common</pre>
+</div>
+    
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="TransferLog" id="TransferLog">TransferLog</a> <a name="transferlog" id="transferlog">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Specify location of a log file</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>TransferLog <var>file</var>|<var>pipe</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_log_config</td></tr>
+</table>
+    <p>This directive has exactly the same arguments and effect as
+    the <code class="directive"><a href="#customlog">CustomLog</a></code>
+    directive, with the exception that it does not allow the log format
+    to be specified explicitly or for conditional logging of requests.
+    Instead, the log format is determined by the most recently specified
+    <code class="directive"><a href="#logformat">LogFormat</a></code> directive
+    which does not define a nickname. Common Log Format is used if no
+    other format has been specified.</p>
+
+    <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">LogFormat "%h %l %u %t \"%r\" %&gt;s %b \"%{Referer}i\" \"%{User-agent}i\""
+TransferLog logs/access_log</pre>
+</div>
+
 </div>
 </div>
 <div class="bottomlang">
diff --git a/docs/manual/mod/mod_log_debug.html.en b/docs/manual/mod/mod_log_debug.html.en
index 2c11367454..309393bf33 100644
--- a/docs/manual/mod/mod_log_debug.html.en
+++ b/docs/manual/mod/mod_log_debug.html.en
@@ -33,14 +33,61 @@
 <tr><th><a href="module-dict.html#SourceFile">Source File:</a></th><td>mod_log_debug.c</td></tr>
 <tr><th><a href="module-dict.html#Compatibility">Compatibility:</a></th><td>Available in Apache 2.3.14 and later</td></tr></table>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
+<div id="quickview"><h3>Topics</h3>
+<ul id="topics">
+<li><img alt="" src="../images/down.gif" /> <a href="#examples">Examples</a></li>
+</ul><h3 class="directives">Directives</h3>
 <ul id="toc">
 <li><img alt="" src="../images/down.gif" /> <a href="#logmessage">LogMessage</a></li>
 </ul>
-<h3>Topics</h3>
-<ul id="topics">
-<li><img alt="" src="../images/down.gif" /> <a href="#examples">Examples</a></li>
-</ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+<ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="examples" id="examples">Examples</a></h2>
+
+    <ol>
+      <li>
+        Log message after request to /foo/* is processed:
+
+        <pre class="prettyprint lang-config">&lt;Location "/foo/"&gt;
+  LogMessage "/foo/ has been requested"
+&lt;/Location&gt;</pre>
+
+      </li>
+
+      <li>
+        Log message if request to /foo/* is processed in a sub-request:
+        <pre class="prettyprint lang-config">&lt;Location "/foo/"&gt;
+  LogMessage "subrequest to /foo/" hook=type_checker expr=%{IS_SUBREQ}
+&lt;/Location&gt;</pre>
+
+
+        The default log_transaction hook is not executed for sub-requests,
+        therefore we have to use a different hook.
+      </li>
+
+
+      <li>
+        Log message if an IPv6 client causes a request timeout:
+        <pre class="prettyprint lang-config">LogMessage "IPv6 timeout from %{REMOTE_ADDR}" "expr=-T %{IPV6} &amp;&amp; %{REQUEST_STATUS} = 408"</pre>
+
+        Note the placing of the double quotes for the <code>expr=</code> argument.
+      </li>
+
+      <li>
+        Log the value of the "X-Foo" request environment variable in each
+        stage of the request:
+        <pre class="prettyprint lang-config">&lt;Location "/"&gt;
+  LogMessage "%{reqenv:X-Foo}" hook=all
+&lt;/Location&gt;</pre>
+
+        Together with microsecond time stamps in the error log,
+        <code>hook=all</code> also lets you determine the times spent
+        in the different parts of the request processing.
+      </li>
+
+    </ol>
+</div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="LogMessage" id="LogMessage">LogMessage</a> <a name="logmessage" id="logmessage">Directive</a></h2>
 <table class="directive">
@@ -88,53 +135,6 @@
     headers will not cause the header names to be added to the Vary header.</p>
 
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="examples" id="examples">Examples</a></h2>
-
-    <ol>
-      <li>
-        Log message after request to /foo/* is processed:
-
-        <pre class="prettyprint lang-config">&lt;Location "/foo/"&gt;
-  LogMessage "/foo/ has been requested"
-&lt;/Location&gt;</pre>
-
-      </li>
-
-      <li>
-        Log message if request to /foo/* is processed in a sub-request:
-        <pre class="prettyprint lang-config">&lt;Location "/foo/"&gt;
-  LogMessage "subrequest to /foo/" hook=type_checker expr=%{IS_SUBREQ}
-&lt;/Location&gt;</pre>
-
-
-        The default log_transaction hook is not executed for sub-requests,
-        therefore we have to use a different hook.
-      </li>
-
-
-      <li>
-        Log message if an IPv6 client causes a request timeout:
-        <pre class="prettyprint lang-config">LogMessage "IPv6 timeout from %{REMOTE_ADDR}" "expr=-T %{IPV6} &amp;&amp; %{REQUEST_STATUS} = 408"</pre>
-
-        Note the placing of the double quotes for the <code>expr=</code> argument.
-      </li>
-
-      <li>
-        Log the value of the "X-Foo" request environment variable in each
-        stage of the request:
-        <pre class="prettyprint lang-config">&lt;Location "/"&gt;
-  LogMessage "%{reqenv:X-Foo}" hook=all
-&lt;/Location&gt;</pre>
-
-        Together with microsecond time stamps in the error log,
-        <code>hook=all</code> also lets you determine the times spent
-        in the different parts of the request processing.
-      </li>
-
-    </ol>
 </div>
 </div>
 <div class="bottomlang">
diff --git a/docs/manual/mod/mod_log_forensic.html.en b/docs/manual/mod/mod_log_forensic.html.en
index 1b8f56cce6..898a3e7592 100644
--- a/docs/manual/mod/mod_log_forensic.html.en
+++ b/docs/manual/mod/mod_log_forensic.html.en
@@ -55,66 +55,20 @@ version 2.1</td></tr></table>
     distribution's support directory, may be helpful in evaluating the
     forensic log output.</p>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
-<ul id="toc">
-<li><img alt="" src="../images/down.gif" /> <a href="#forensiclog">ForensicLog</a></li>
-</ul>
-<h3>Topics</h3>
+<div id="quickview"><h3>Topics</h3>
 <ul id="topics">
 <li><img alt="" src="../images/down.gif" /> <a href="#formats">Forensic Log Format</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#security">Security Considerations</a></li>
-</ul><h3>See also</h3>
+</ul><h3 class="directives">Directives</h3>
+<ul id="toc">
+<li><img alt="" src="../images/down.gif" /> <a href="#forensiclog">ForensicLog</a></li>
+</ul>
+<h3>See also</h3>
 <ul class="seealso">
 <li><a href="../logs.html">Apache Log Files</a></li>
 <li><code class="module"><a href="../mod/mod_log_config.html">mod_log_config</a></code></li>
 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="ForensicLog" id="ForensicLog">ForensicLog</a> <a name="forensiclog" id="forensiclog">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Sets filename of the forensic log</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ForensicLog <var>filename</var>|<var>pipe</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_log_forensic</td></tr>
-</table>
-    <p>The <code class="directive">ForensicLog</code> directive is used to
-    log requests to the server for forensic analysis. Each log entry
-    is assigned a unique ID which can be associated with the request
-    using the normal <code class="directive"><a href="../mod/mod_log_config.html#customlog">CustomLog</a></code>
-    directive. <code class="module"><a href="../mod/mod_log_forensic.html">mod_log_forensic</a></code> creates a token called
-    <code>forensic-id</code>, which can be added to the transfer log
-    using the <code>%{forensic-id}n</code> format string.</p>
-
-    <p>The argument, which specifies the location to which
-    the logs will be written, can take one of the following two
-    types of values:</p>
-
-    <dl>
-      <dt><var>filename</var></dt>
-      <dd>A filename, relative to the <code class="directive"><a href="../mod/core.html#serverroot">ServerRoot</a></code>.</dd>
-
-      <dt><var>pipe</var></dt>
-      <dd>The pipe character "<code>|</code>", followed by the path
-      to a program to receive the log information on its standard
-      input. The program name can be specified relative to the <code class="directive"><a href="../mod/core.html#serverroot">ServerRoot</a></code> directive.
-
-      <div class="warning"><h3>Security:</h3>
-      <p>If a program is used, then it will be run as the user who
-      started <code class="program"><a href="../programs/httpd.html">httpd</a></code>. This will be root if the server was
-      started by root; be sure that the program is secure or switches to a
-      less privileged user.</p>
-      </div>
-
-      <div class="note"><h3>Note</h3>
-        <p>When entering a file path on non-Unix platforms, care should be taken
-        to make sure that only forward slashes are used even though the platform
-        may allow the use of back slashes. In general it is a good idea to always
-        use forward slashes throughout the configuration files.</p>
-      </div></dd>
-    </dl>
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="section">
 <h2><a name="formats" id="formats">Forensic Log Format</a></h2>
     <p>Each request is logged two times. The first time is <em>before</em> it's
@@ -161,6 +115,52 @@ version 2.1</td></tr></table>
     they should not be readable by anyone except the user that starts the
     server.</p>
 </div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="ForensicLog" id="ForensicLog">ForensicLog</a> <a name="forensiclog" id="forensiclog">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Sets filename of the forensic log</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ForensicLog <var>filename</var>|<var>pipe</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_log_forensic</td></tr>
+</table>
+    <p>The <code class="directive">ForensicLog</code> directive is used to
+    log requests to the server for forensic analysis. Each log entry
+    is assigned a unique ID which can be associated with the request
+    using the normal <code class="directive"><a href="../mod/mod_log_config.html#customlog">CustomLog</a></code>
+    directive. <code class="module"><a href="../mod/mod_log_forensic.html">mod_log_forensic</a></code> creates a token called
+    <code>forensic-id</code>, which can be added to the transfer log
+    using the <code>%{forensic-id}n</code> format string.</p>
+
+    <p>The argument, which specifies the location to which
+    the logs will be written, can take one of the following two
+    types of values:</p>
+
+    <dl>
+      <dt><var>filename</var></dt>
+      <dd>A filename, relative to the <code class="directive"><a href="../mod/core.html#serverroot">ServerRoot</a></code>.</dd>
+
+      <dt><var>pipe</var></dt>
+      <dd>The pipe character "<code>|</code>", followed by the path
+      to a program to receive the log information on its standard
+      input. The program name can be specified relative to the <code class="directive"><a href="../mod/core.html#serverroot">ServerRoot</a></code> directive.
+
+      <div class="warning"><h3>Security:</h3>
+      <p>If a program is used, then it will be run as the user who
+      started <code class="program"><a href="../programs/httpd.html">httpd</a></code>. This will be root if the server was
+      started by root; be sure that the program is secure or switches to a
+      less privileged user.</p>
+      </div>
+
+      <div class="note"><h3>Note</h3>
+        <p>When entering a file path on non-Unix platforms, care should be taken
+        to make sure that only forward slashes are used even though the platform
+        may allow the use of back slashes. In general it is a good idea to always
+        use forward slashes throughout the configuration files.</p>
+      </div></dd>
+    </dl>
+
+</div>
 </div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../en/mod/mod_log_forensic.html" title="English">&nbsp;en&nbsp;</a> |
diff --git a/docs/manual/mod/mod_logio.html.en b/docs/manual/mod/mod_logio.html.en
index 3ea52b1a74..fbfa9a3661 100644
--- a/docs/manual/mod/mod_logio.html.en
+++ b/docs/manual/mod/mod_logio.html.en
@@ -52,13 +52,13 @@
     with the request that triggered the renegotiation.</div>
 
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
-<p>This module provides no
-            directives.</p>
-<h3>Topics</h3>
+<div id="quickview"><h3>Topics</h3>
 <ul id="topics">
 <li><img alt="" src="../images/down.gif" /> <a href="#formats">Custom Log Formats</a></li>
-</ul><h3>See also</h3>
+</ul><h3 class="directives">Directives</h3>
+<p>This module provides no
+            directives.</p>
+<h3>See also</h3>
 <ul class="seealso">
 <li><code class="module"><a href="../mod/mod_log_config.html">mod_log_config</a></code></li>
 <li><a href="../logs.html">Apache Log Files</a></li>
diff --git a/docs/manual/mod/mod_lua.html.en b/docs/manual/mod/mod_lua.html.en
index 93bc7e0f9b..521ad66e4c 100644
--- a/docs/manual/mod/mod_lua.html.en
+++ b/docs/manual/mod/mod_lua.html.en
@@ -58,7 +58,19 @@ trust, as it can be abused to change the internal workings of httpd.</p>
 </div>
 
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
+<div id="quickview"><h3>Topics</h3>
+<ul id="topics">
+<li><img alt="" src="../images/down.gif" /> <a href="#basicconf">Basic Configuration</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#writinghandlers">Writing Handlers</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#writingauthzproviders">Writing Authorization Providers</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#writinghooks">Writing Hooks</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#datastructures">Data Structures</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#functions">Built in functions</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#logging">Logging Functions</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#apache2">apache2 Package</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#modifying_buckets">Modifying contents with Lua filters</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#databases">Database connectivity</a></li>
+</ul><h3 class="directives">Directives</h3>
 <ul id="toc">
 <li><img alt="" src="../images/down.gif" /> <a href="#luaauthzprovider">LuaAuthzProvider</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#luacodecache">LuaCodeCache</a></li>
@@ -81,903 +93,264 @@ trust, as it can be abused to change the internal workings of httpd.</p>
 <li><img alt="" src="../images/down.gif" /> <a href="#luaroot">LuaRoot</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#luascope">LuaScope</a></li>
 </ul>
-<h3>Topics</h3>
-<ul id="topics">
-<li><img alt="" src="../images/down.gif" /> <a href="#basicconf">Basic Configuration</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#writinghandlers">Writing Handlers</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#writingauthzproviders">Writing Authorization Providers</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#writinghooks">Writing Hooks</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#datastructures">Data Structures</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#functions">Built in functions</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#logging">Logging Functions</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#apache2">apache2 Package</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#modifying_buckets">Modifying contents with Lua filters</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#databases">Database connectivity</a></li>
-</ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+<ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="LuaAuthzProvider" id="LuaAuthzProvider">LuaAuthzProvider</a> <a name="luaauthzprovider" id="luaauthzprovider">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Plug an authorization provider function into <code class="module"><a href="../mod/mod_authz_core.html">mod_authz_core</a></code>
-</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LuaAuthzProvider provider_name /path/to/lua/script.lua function_name</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_lua</td></tr>
-<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>2.4.3 and later</td></tr>
-</table>
-<p>After a lua function has been registered as authorization provider, it can be used
-with the <code class="directive"><a href="../mod/mod_authz_core.html#require">Require</a></code> directive:</p>
+<div class="section">
+<h2><a name="basicconf" id="basicconf">Basic Configuration</a></h2>
 
-<pre class="prettyprint lang-config">LuaRoot "/usr/local/apache2/lua"
-LuaAuthzProvider foo authz.lua authz_check_foo
-&lt;Location "/"&gt;
-  Require foo johndoe
-&lt;/Location&gt;</pre>
+<p>The basic module loading directive is</p>
 
-<pre class="prettyprint lang-lua">require "apache2"
-function authz_check_foo(r, who)
-    if r.user ~= who then return apache2.AUTHZ_DENIED
-    return apache2.AUTHZ_GRANTED
-end</pre>
+<pre class="prettyprint lang-config">LoadModule lua_module modules/mod_lua.so</pre>
 
 
+<p>
+<code>mod_lua</code> provides a handler named <code>lua-script</code>,
+which can be used with a <code class="directive"><a href="../mod/core.html#sethandler">SetHandler</a></code> or
+<code class="directive"><a href="../mod/mod_mime.html#addhandler">AddHandler</a></code> directive:</p>
 
+<pre class="prettyprint lang-config">&lt;Files "*.lua"&gt;
+    SetHandler lua-script
+&lt;/Files&gt;</pre>
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="LuaCodeCache" id="LuaCodeCache">LuaCodeCache</a> <a name="luacodecache" id="luacodecache">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Configure the compiled code cache.</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LuaCodeCache stat|forever|never</code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>LuaCodeCache stat</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>All</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_lua</td></tr>
-</table><p>
-    Specify the behavior of the in-memory code cache. The default
-    is stat, which stats the top level script (not any included
-    ones) each time that file is needed, and reloads it if the
-    modified time indicates it is newer than the one it has
-    already loaded. The other values cause it to keep the file
-    cached forever (don't stat and replace) or to never cache the
-    file.</p>
 
-    <p>In general stat or forever is good for production, and stat or never
-    for development.</p>
+<p>
+This will cause <code>mod_lua</code> to handle requests for files
+ending in <code>.lua</code> by invoking that file's
+<code>handle</code> function.
+</p>
 
-    <div class="example"><h3>Examples:</h3><pre class="prettyprint lang-config">LuaCodeCache stat
-LuaCodeCache forever
-LuaCodeCache never</pre>
-</div>
+<p>For more flexibility, see <code class="directive">LuaMapHandler</code>.
+</p>
 
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="writinghandlers" id="writinghandlers">Writing Handlers</a></h2>
+<p> In the Apache HTTP Server API, the handler is a specific kind of hook
+responsible for generating the response.  Examples of modules that include a
+handler are <code class="module"><a href="../mod/mod_proxy.html">mod_proxy</a></code>, <code class="module"><a href="../mod/mod_cgi.html">mod_cgi</a></code>,
+and <code class="module"><a href="../mod/mod_status.html">mod_status</a></code>.</p>
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="LuaHookAccessChecker" id="LuaHookAccessChecker">LuaHookAccessChecker</a> <a name="luahookaccesschecker" id="luahookaccesschecker">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Provide a hook for the access_checker phase of request processing</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LuaHookAccessChecker  /path/to/lua/script.lua  hook_function_name [early|late]</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>All</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_lua</td></tr>
-<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>The optional third argument is supported in 2.3.15 and later</td></tr>
-</table>
-<p>Add your hook to the access_checker phase.  An access checker
-hook function usually returns OK, DECLINED, or HTTP_FORBIDDEN.</p>
-   <div class="note"><h3>Ordering</h3><p>The optional arguments "early" or "late" 
-   control when this script runs relative to other modules.</p></div>
+<p><code>mod_lua</code> always looks to invoke a Lua function for the handler, rather than
+just evaluating a script body CGI style. A handler function looks
+something like this:</p>
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="LuaHookAuthChecker" id="LuaHookAuthChecker">LuaHookAuthChecker</a> <a name="luahookauthchecker" id="luahookauthchecker">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Provide a hook for the auth_checker phase of request processing</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LuaHookAuthChecker  /path/to/lua/script.lua hook_function_name [early|late]</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>All</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_lua</td></tr>
-<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>The optional third argument is supported in 2.3.15 and later</td></tr>
-</table>
-<p>Invoke a lua function in the auth_checker phase of processing
-a request.  This can be used to implement arbitrary authentication
-and authorization checking.  A very simple example:
-</p>
-<pre class="prettyprint lang-lua">require 'apache2'
 
--- fake authcheck hook
--- If request has no auth info, set the response header and
--- return a 401 to ask the browser for basic auth info.
--- If request has auth info, don't actually look at it, just
--- pretend we got userid 'foo' and validated it.
--- Then check if the userid is 'foo' and accept the request.
-function authcheck_hook(r)
+<pre class="prettyprint lang-lua">
+<strong>example.lua</strong><br />
+-- example handler
 
-   -- look for auth info
-   auth = r.headers_in['Authorization']
-   if auth ~= nil then
-     -- fake the user
-     r.user = 'foo'
-   end
+require "string"
 
-   if r.user == nil then
-      r:debug("authcheck: user is nil, returning 401")
-      r.err_headers_out['WWW-Authenticate'] = 'Basic realm="WallyWorld"'
-      return 401
-   elseif r.user == "foo" then
-      r:debug('user foo: OK')
-   else
-      r:debug("authcheck: user='" .. r.user .. "'")
-      r.err_headers_out['WWW-Authenticate'] = 'Basic realm="WallyWorld"'
-      return 401
-   end
-   return apache2.OK
-end</pre>
+--[[
+     This is the default method name for Lua handlers, see the optional
+     function-name in the LuaMapHandler directive to choose a different
+     entry point.
+--]]
+function handle(r)
+    r.content_type = "text/plain"
 
-   <div class="note"><h3>Ordering</h3><p>The optional arguments "early" or "late" 
-   control when this script runs relative to other modules.</p></div>
+    if r.method == 'GET' then
+        r:puts("Hello Lua World!\n")
+        for k, v in pairs( r:parseargs() ) do
+            r:puts( string.format("%s: %s\n", k, v) )
+        end
+    elseif r.method == 'POST' then
+        r:puts("Hello Lua World!\n")
+        for k, v in pairs( r:parsebody() ) do
+            r:puts( string.format("%s: %s\n", k, v) )
+        end
+    elseif r.method == 'PUT' then
+-- use our own Error contents
+        r:puts("Unsupported HTTP method " .. r.method)
+        r.status = 405
+        return apache2.ok
+    else
+-- use the ErrorDocument
+        return 501
+    end
+    return apache2.OK
+end</pre>
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="LuaHookCheckUserID" id="LuaHookCheckUserID">LuaHookCheckUserID</a> <a name="luahookcheckuserid" id="luahookcheckuserid">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Provide a hook for the check_user_id phase of request processing</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LuaHookCheckUserID  /path/to/lua/script.lua hook_function_name [early|late]</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>All</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_lua</td></tr>
-<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>The optional third argument is supported in 2.3.15 and later</td></tr>
-</table><p>...</p>
-   <div class="note"><h3>Ordering</h3><p>The optional arguments "early" or "late" 
-   control when this script runs relative to other modules.</p></div>
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="LuaHookFixups" id="LuaHookFixups">LuaHookFixups</a> <a name="luahookfixups" id="luahookfixups">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Provide a hook for the fixups phase of a request
-processing</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LuaHookFixups  /path/to/lua/script.lua hook_function_name</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>All</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_lua</td></tr>
-</table>
 <p>
-    Just like LuaHookTranslateName, but executed at the fixups phase
+This handler function just prints out the uri or form encoded
+arguments to a plaintext page.
 </p>
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="LuaHookInsertFilter" id="LuaHookInsertFilter">LuaHookInsertFilter</a> <a name="luahookinsertfilter" id="luahookinsertfilter">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Provide a hook for the insert_filter phase of request processing</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LuaHookInsertFilter  /path/to/lua/script.lua hook_function_name</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>All</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_lua</td></tr>
-</table><p>Not Yet Implemented</p>
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="LuaHookLog" id="LuaHookLog">LuaHookLog</a> <a name="luahooklog" id="luahooklog">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Provide a hook for the access log phase of a request
-processing</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LuaHookLog  /path/to/lua/script.lua log_function_name</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>All</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_lua</td></tr>
-</table>
 <p>
-    This simple logging hook allows you to run a function when httpd enters the 
-    logging phase of a request. With it, you can append data to your own logs, 
-    manipulate data before the regular log is written, or prevent a log entry 
-    from being created. To prevent the usual logging from happening, simply return
-    <code>apache2.DONE</code> in your logging handler, otherwise return 
-    <code>apache2.OK</code> to tell httpd to log as normal.
+This means (and in fact encourages) that you can have multiple
+handlers (or hooks, or filters) in the same script.
 </p>
-<p>Example:</p>
-<pre class="prettyprint lang-config">LuaHookLog "/path/to/script.lua" logger</pre>
 
-<pre class="prettyprint lang-lua">-- /path/to/script.lua --
-function logger(r)
-    -- flip a coin:
-    -- If 1, then we write to our own Lua log and tell httpd not to log
-    -- in the main log.
-    -- If 2, then we just sanitize the output a bit and tell httpd to 
-    -- log the sanitized bits.
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="writingauthzproviders" id="writingauthzproviders">Writing Authorization Providers</a></h2>
 
-    if math.random(1,2) == 1 then
-        -- Log stuff ourselves and don't log in the regular log
-        local f = io.open("/foo/secret.log", "a")
-        if f then
-            f:write("Something secret happened at " .. r.uri .. "\n")
-            f:close()
-        end
-        return apache2.DONE -- Tell httpd not to use the regular logging functions
-    else
-        r.uri = r.uri:gsub("somesecretstuff", "") -- sanitize the URI
-        return apache2.OK -- tell httpd to log it.
-    end
-end</pre>
 
+<p><code class="module"><a href="../mod/mod_authz_core.html">mod_authz_core</a></code> provides a high-level interface to
+authorization that is much easier to use than using into the relevant
+hooks directly. The first argument to the
+<code class="directive"><a href="../mod/mod_authz_core.html#require">Require</a></code> directive gives
+the name of the responsible authorization provider. For any
+<code class="directive"><a href="../mod/mod_authz_core.html#require">Require</a></code> line,
+<code class="module"><a href="../mod/mod_authz_core.html">mod_authz_core</a></code> will call the authorization provider
+of the given name, passing the rest of the line as parameters. The
+provider will then check authorization and pass the result as return
+value.</p>
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="LuaHookMapToStorage" id="LuaHookMapToStorage">LuaHookMapToStorage</a> <a name="luahookmaptostorage" id="luahookmaptostorage">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Provide a hook for the map_to_storage phase of request processing</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LuaHookMapToStorage  /path/to/lua/script.lua hook_function_name</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>All</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_lua</td></tr>
-</table>
-    <p>Like <code class="directive">LuaHookTranslateName</code> but executed at the 
-    map-to-storage phase of a request. Modules like mod_cache run at this phase,
-    which makes for an interesting example on what to do here:</p>
-    <pre class="prettyprint lang-config">LuaHookMapToStorage "/path/to/lua/script.lua" check_cache</pre>
+<p>The authz provider is normally called before authentication. If it needs to
+know the authenticated user name (or if the user will be authenticated at
+all), the provider must return <code>apache2.AUTHZ_DENIED_NO_USER</code>.
+This will cause authentication to proceed and the authz provider to be
+called a second time.</p>
 
-    <pre class="prettyprint lang-lua">require"apache2"
-cached_files = {}
+<p>The following authz provider function takes two arguments, one ip
+address and one user name. It will allow access from the given ip address
+without authentication, or if the authenticated user matches the second
+argument:</p>
 
-function read_file(filename) 
-    local input = io.open(filename, "r")
-    if input then
-        local data = input:read("*a")
-        cached_files[filename] = data
-        file = cached_files[filename]
-        input:close()
-    end
-    return cached_files[filename]
-end
+<pre class="prettyprint lang-lua">
+<strong>authz_provider.lua</strong><br />
 
-function check_cache(r)
-    if r.filename:match("%.png$") then -- Only match PNG files
-        local file = cached_files[r.filename] -- Check cache entries
-        if not file then
-            file = read_file(r.filename)  -- Read file into cache
-        end
-        if file then -- If file exists, write it out
-            r.status = 200
-            r:write(file)
-            r:info(("Sent %s to client from cache"):format(r.filename))
-            return apache2.DONE -- skip default handler for PNG files
-        end
+require 'apache2'
+
+function authz_check_foo(r, ip, user)
+    if r.useragent_ip == ip then
+        return apache2.AUTHZ_GRANTED
+    elseif r.user == nil then
+        return apache2.AUTHZ_DENIED_NO_USER
+    elseif r.user == user then
+        return apache2.AUTHZ_GRANTED
+    else
+        return apache2.AUTHZ_DENIED
     end
-    return apache2.DECLINED -- If we had nothing to do, let others serve this.
 end</pre>
 
 
-    
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="LuaHookTranslateName" id="LuaHookTranslateName">LuaHookTranslateName</a> <a name="luahooktranslatename" id="luahooktranslatename">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Provide a hook for the translate name phase of request processing</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LuaHookTranslateName  /path/to/lua/script.lua  hook_function_name [early|late]</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>All</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_lua</td></tr>
-<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>The optional third argument is supported in 2.3.15 and later</td></tr>
-</table><p>
-    Add a hook (at APR_HOOK_MIDDLE) to the translate name phase of
-    request processing. The hook function receives a single
-    argument, the request_rec, and should return a status code,
-    which is either an HTTP error code, or the constants defined
-    in the apache2 module: apache2.OK, apache2.DECLINED, or
-    apache2.DONE. </p>
+<p>The following configuration registers this function as provider
+<code>foo</code> and configures it for URL <code>/</code>:</p>
+<pre class="prettyprint lang-config">LuaAuthzProvider foo authz_provider.lua authz_check_foo
+&lt;Location "/"&gt;
+  Require foo 10.1.2.3 john_doe
+&lt;/Location&gt;</pre>
 
-    <p>For those new to hooks, basically each hook will be invoked
-    until one of them returns apache2.OK. If your hook doesn't
-    want to do the translation it should just return
-    apache2.DECLINED. If the request should stop processing, then
-    return apache2.DONE.</p>
 
-    <p>Example:</p>
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="writinghooks" id="writinghooks">Writing Hooks</a></h2>
 
-<pre class="prettyprint lang-config"># httpd.conf
-LuaHookTranslateName "/scripts/conf/hooks.lua" silly_mapper</pre>
+<p>Hook functions are how modules (and Lua scripts) participate in the
+processing of requests. Each type of hook exposed by the server exists for
+a specific purpose, such as mapping requests to the file system,
+performing access control, or setting mime types:</p>
+
+<table class="bordered"><tr class="header">
+        <th>Hook phase</th>
+        <th>mod_lua directive</th>
+        <th>Description</th>
+    </tr>
+<tr>
+        <td>Quick handler</td>
+        <td><code class="directive"><a href="#luaquickhandler">LuaQuickHandler</a></code></td>
+        <td>This is the first hook that will be called after a request has 
+            been mapped to a host or virtual host</td>
+    </tr>
+<tr class="odd">
+        <td>Translate name</td>
+        <td><code class="directive"><a href="#luahooktranslatename">LuaHookTranslateName</a></code></td>
+        <td>This phase translates the requested URI into a filename on the 
+            system. Modules such as <code class="module"><a href="../mod/mod_alias.html">mod_alias</a></code> and
+            <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> operate in this phase.</td>
+    </tr>
+<tr>
+        <td>Map to storage</td>
+        <td><code class="directive"><a href="#luahookmaptostorage">LuaHookMapToStorage</a></code></td>
+        <td>This phase maps files to their physical, cached or external/proxied storage. 
+            It can be used by proxy or caching modules</td>
+    </tr>
+<tr class="odd">
+        <td>Check Access</td>
+        <td><code class="directive"><a href="#luahookaccesschecker">LuaHookAccessChecker</a></code></td>
+        <td>This phase checks whether a client has access to a resource. This 
+            phase is run before the user is authenticated, so beware.
+        </td>
+    </tr>
+<tr>
+        <td>Check User ID</td>
+        <td><code class="directive"><a href="#luahookcheckuserid">LuaHookCheckUserID</a></code></td>
+        <td>This phase it used to check the negotiated user ID</td>
+    </tr>
+<tr class="odd">
+        <td>Check Authorization</td>
+        <td><code class="directive"><a href="#luahookauthchecker">LuaHookAuthChecker</a></code> or 
+            <code class="directive"><a href="#luaauthzprovider">LuaAuthzProvider</a></code></td>
+        <td>This phase authorizes a user based on the negotiated credentials, such as 
+            user ID, client certificate etc.
+        </td>
+    </tr>
+<tr>
+        <td>Check Type</td>
+        <td><code class="directive"><a href="#luahooktypechecker">LuaHookTypeChecker</a></code></td>
+        <td>This phase checks the requested file and assigns a content type and 
+            a handler to it</td>
+    </tr>
+<tr class="odd">
+        <td>Fixups</td>
+        <td><code class="directive"><a href="#luahookfixups">LuaHookFixups</a></code></td>
+        <td>This is the final "fix anything" phase before the content handlers 
+            are run. Any last-minute changes to the request should be made here.</td>
+    </tr>
+<tr>
+        <td>Content handler</td>
+        <td>fx. <code>.lua</code> files or through <code class="directive"><a href="#luamaphandler">LuaMapHandler</a></code></td>
+        <td>This is where the content is handled. Files are read, parsed, some are run, 
+            and the result is sent to the client</td>
+    </tr>
+<tr class="odd">
+        <td>Logging</td>
+        <td><code class="directive"><a href="#luahooklog">LuaHookLog</a></code></td>
+        <td>Once a request has been handled, it enters several logging phases, 
+            which logs the request in either the error or access log. Mod_lua
+            is able to hook into the start of this and control logging output.</td>
+    </tr>
+</table>
+
+<p>Hook functions are passed the request object as their only argument 
+(except for LuaAuthzProvider, which also gets passed the arguments from 
+the Require directive).
+They can return any value, depending on the hook, but most commonly
+they'll return OK, DONE, or DECLINED, which you can write in Lua as
+<code>apache2.OK</code>, <code>apache2.DONE</code>, or
+<code>apache2.DECLINED</code>, or else an HTTP status code.</p>
 
 
-<pre class="prettyprint lang-lua">-- /scripts/conf/hooks.lua --
-require "apache2"
-function silly_mapper(r)
-    if r.uri == "/" then
-        r.filename = "/var/www/home.lua"
+<pre class="prettyprint lang-lua">
+<strong>translate_name.lua</strong><br />
+-- example hook that rewrites the URI to a filesystem path.
+
+require 'apache2'
+
+function translate_name(r)
+    if r.uri == "/translate-name" then
+        r.filename = r.document_root .. "/find_me.txt"
         return apache2.OK
-    else
-        return apache2.DECLINED
     end
+    -- we don't care about this URL, give another module a chance
+    return apache2.DECLINED
 end</pre>
 
 
-   <div class="note"><h3>Context</h3><p>This directive is not valid in <code class="directive"><a href="../mod/core.html#directory">&lt;Directory&gt;</a></code>, <code class="directive"><a href="../mod/core.html#files">&lt;Files&gt;</a></code>, or htaccess
-   context.</p></div>
 
-   <div class="note"><h3>Ordering</h3><p>The optional arguments "early" or "late" 
-   control when this script runs relative to other modules.</p></div>
+<pre class="prettyprint lang-lua">
+<strong>translate_name2.lua</strong><br />
+--[[ example hook that rewrites one URI to another URI. It returns a
+     apache2.DECLINED to give other URL mappers a chance to work on the
+     substitution, including the core translate_name hook which maps based
+     on the DocumentRoot.
 
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="LuaHookTypeChecker" id="LuaHookTypeChecker">LuaHookTypeChecker</a> <a name="luahooktypechecker" id="luahooktypechecker">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Provide a hook for the type_checker phase of request processing</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LuaHookTypeChecker  /path/to/lua/script.lua hook_function_name</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>All</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_lua</td></tr>
-</table><p>
-    This directive provides a hook for the type_checker phase of the request processing. 
-    This phase is where requests are assigned a content type and a handler, and thus can 
-    be used to modify the type and handler based on input:
-    </p>
-    <pre class="prettyprint lang-config">LuaHookTypeChecker "/path/to/lua/script.lua" type_checker</pre>
-
-    <pre class="prettyprint lang-lua">    function type_checker(r)
-        if r.uri:match("%.to_gif$") then -- match foo.png.to_gif
-            r.content_type = "image/gif" -- assign it the image/gif type
-            r.handler = "gifWizard"      -- tell the gifWizard module to handle this
-            r.filename = r.uri:gsub("%.to_gif$", "") -- fix the filename requested
-            return apache2.OK
-        end
-
-        return apache2.DECLINED
-    end</pre>
-
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="LuaInherit" id="LuaInherit">LuaInherit</a> <a name="luainherit" id="luainherit">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Controls how parent configuration sections are merged into children</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LuaInherit none|parent-first|parent-last</code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>LuaInherit parent-first</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>All</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_lua</td></tr>
-<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>2.4.0 and later</td></tr>
-</table><p>By default, if LuaHook* directives are used in overlapping
-    Directory or Location configuration sections, the scripts defined in the
-    more specific section are run <em>after</em> those defined in the more
-    generic section (LuaInherit parent-first).  You can reverse this order, or
-    make the parent context not apply at all.</p>
-    
-    <p> In previous 2.3.x releases, the default was effectively to ignore LuaHook*
-    directives from parent configuration sections.</p>
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="LuaInputFilter" id="LuaInputFilter">LuaInputFilter</a> <a name="luainputfilter" id="luainputfilter">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Provide a Lua function for content input filtering</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LuaInputFilter filter_name /path/to/lua/script.lua function_name</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_lua</td></tr>
-<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>2.4.5 and later</td></tr>
-</table>
-<p>Provides a means of adding a Lua function as an input filter. 
-As with output filters, input filters work as coroutines, 
-first yielding before buffers are sent, then yielding whenever 
-a bucket needs to be passed down the chain, and finally (optionally) 
-yielding anything that needs to be appended to the input data. The 
-global variable <code>bucket</code> holds the buckets as they are passed 
-onto the Lua script:
-</p>
-
-<pre class="prettyprint lang-config">LuaInputFilter myInputFilter "/www/filter.lua" input_filter
-&lt;Files "*.lua"&gt;
-  SetInputFilter myInputFilter
-&lt;/Files&gt;</pre>
-
-<pre class="prettyprint lang-lua">--[[
-    Example input filter that converts all POST data to uppercase.
-]]--
-function input_filter(r)
-    print("luaInputFilter called") -- debug print
-    coroutine.yield() -- Yield and wait for buckets
-    while bucket do -- For each bucket, do...
-        local output = string.upper(bucket) -- Convert all POST data to uppercase
-        coroutine.yield(output) -- Send converted data down the chain
-    end
-    -- No more buckets available.
-    coroutine.yield("&amp;filterSignature=1234") -- Append signature at the end
-end</pre>
-
-<p>
-The input filter supports denying/skipping a filter if it is deemed unwanted:
-</p>
-<pre class="prettyprint lang-lua">function input_filter(r)
-    if not good then
-        return -- Simply deny filtering, passing on the original content instead
-    end
-    coroutine.yield() -- wait for buckets
-    ... -- insert filter stuff here
-end</pre>
-
-<p>
-See "<a href="#modifying_buckets">Modifying contents with Lua 
-filters</a>" for more information.
-</p>
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="LuaMapHandler" id="LuaMapHandler">LuaMapHandler</a> <a name="luamaphandler" id="luamaphandler">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Map a path to a lua handler</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LuaMapHandler uri-pattern /path/to/lua/script.lua [function-name]</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>All</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_lua</td></tr>
-</table>
-    <p>This directive matches a uri pattern to invoke a specific
-    handler function in a specific file. It uses PCRE regular
-    expressions to match the uri, and supports interpolating
-    match groups into both the file path and the function name. 
-    Be careful writing your regular expressions to avoid security
-    issues.</p>
-   <div class="example"><h3>Examples:</h3><pre class="prettyprint lang-config">LuaMapHandler "/(\w+)/(\w+)" "/scripts/$1.lua" "handle_$2"</pre>
-</div>
-        <p>This would match uri's such as /photos/show?id=9
-        to the file /scripts/photos.lua and invoke the
-        handler function handle_show on the lua vm after
-        loading that file.</p>
-
-<pre class="prettyprint lang-config">LuaMapHandler "/bingo" "/scripts/wombat.lua"</pre>
-
-        <p>This would invoke the "handle" function, which
-        is the default if no specific function name is
-        provided.</p>
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="LuaOutputFilter" id="LuaOutputFilter">LuaOutputFilter</a> <a name="luaoutputfilter" id="luaoutputfilter">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Provide a Lua function for content output filtering</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LuaOutputFilter filter_name /path/to/lua/script.lua function_name</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_lua</td></tr>
-<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>2.4.5 and later</td></tr>
-</table>
-<p>Provides a means of adding a Lua function as an output filter. 
-As with input filters, output filters work as coroutines, 
-first yielding before buffers are sent, then yielding whenever 
-a bucket needs to be passed down the chain, and finally (optionally) 
-yielding anything that needs to be appended to the input data. The 
-global variable <code>bucket</code> holds the buckets as they are passed 
-onto the Lua script:
-</p>
-
-<pre class="prettyprint lang-config">LuaOutputFilter myOutputFilter "/www/filter.lua" output_filter
-&lt;Files "*.lua"&gt;
-  SetOutputFilter myOutputFilter
-&lt;/Files&gt;</pre>
-
-<pre class="prettyprint lang-lua">--[[
-    Example output filter that escapes all HTML entities in the output
-]]--
-function output_filter(r)
-    coroutine.yield("(Handled by myOutputFilter)&lt;br/&gt;\n") -- Prepend some data to the output,
-                                                          -- yield and wait for buckets.
-    while bucket do -- For each bucket, do...
-        local output = r:escape_html(bucket) -- Escape all output
-        coroutine.yield(output) -- Send converted data down the chain
-    end
-    -- No more buckets available.
-end</pre>
-
-<p>
-As with the input filter, the output filter supports denying/skipping a filter 
-if it is deemed unwanted:
-</p>
-<pre class="prettyprint lang-lua">function output_filter(r)
-    if not r.content_type:match("text/html") then
-        return -- Simply deny filtering, passing on the original content instead
-    end
-    coroutine.yield() -- wait for buckets
-    ... -- insert filter stuff here
-end</pre>
-
-<div class="note"><h3>Lua filters with <code class="module"><a href="../mod/mod_filter.html">mod_filter</a></code></h3>
-<p> When a Lua filter is used as the underlying provider via the 
-<code class="directive"><a href="../mod/mod_filter.html#filterprovider">FilterProvider</a></code> directive, filtering 
-will only work when the <var>filter-name</var> is identical to the <var>provider-name</var>.
-</p> </div>
-
-<p>
-See "<a href="#modifying_buckets">Modifying contents with Lua filters</a>" for more 
-information.
-</p>
-
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="LuaPackageCPath" id="LuaPackageCPath">LuaPackageCPath</a> <a name="luapackagecpath" id="luapackagecpath">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Add a directory to lua's package.cpath</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LuaPackageCPath /path/to/include/?.soa</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>All</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_lua</td></tr>
-</table>
-    <p>Add a path to lua's shared library search path. Follows the same
-    conventions as lua. This just munges the package.cpath in the
-    lua vms.</p>
-
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="LuaPackagePath" id="LuaPackagePath">LuaPackagePath</a> <a name="luapackagepath" id="luapackagepath">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Add a directory to lua's package.path</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LuaPackagePath /path/to/include/?.lua</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>All</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_lua</td></tr>
-</table><p>Add a path to lua's module search path. Follows the same
-    conventions as lua. This just munges the package.path in the
-    lua vms.</p>
-
-    <div class="example"><h3>Examples:</h3><pre class="prettyprint lang-config">LuaPackagePath "/scripts/lib/?.lua"
-LuaPackagePath "/scripts/lib/?/init.lua"</pre>
-</div>
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="LuaQuickHandler" id="LuaQuickHandler">LuaQuickHandler</a> <a name="luaquickhandler" id="luaquickhandler">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Provide a hook for the quick handler of request processing</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LuaQuickHandler /path/to/script.lua hook_function_name</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>All</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_lua</td></tr>
-</table>
-    <p>
-    This phase is run immediately after the request has been mapped to a virtal host, 
-    and can be used to either do some request processing before the other phases kick 
-    in, or to serve a request without the need to translate, map to storage et cetera. 
-    As this phase is run before anything else, directives such as <code class="directive"><a href="../mod/core.html#location">&lt;Location&gt;</a></code> or <code class="directive"><a href="../mod/core.html#directory">&lt;Directory&gt;</a></code> are void in this phase, just as 
-    URIs have not been properly parsed yet.
-    </p>
-   <div class="note"><h3>Context</h3><p>This directive is not valid in <code class="directive"><a href="../mod/core.html#directory">&lt;Directory&gt;</a></code>, <code class="directive"><a href="../mod/core.html#files">&lt;Files&gt;</a></code>, or htaccess
-   context.</p></div>
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="LuaRoot" id="LuaRoot">LuaRoot</a> <a name="luaroot" id="luaroot">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Specify the base path for resolving relative paths for mod_lua directives</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LuaRoot /path/to/a/directory</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>All</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_lua</td></tr>
-</table>
-    <p>Specify the base path which will be used to evaluate all
-    relative paths within mod_lua. If not specified they
-    will be resolved relative to the current working directory,
-    which may not always work well for a server.</p>
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="LuaScope" id="LuaScope">LuaScope</a> <a name="luascope" id="luascope">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>One of once, request, conn, thread -- default is once</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LuaScope once|request|conn|thread|server [min] [max]</code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>LuaScope once</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>All</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_lua</td></tr>
-</table>
-    <p>Specify the life cycle scope of the Lua interpreter which will
-    be used by handlers in this "Directory." The default is "once"</p>
-
-   <dl>
-    <dt>once:</dt> <dd>use the interpreter once and throw it away.</dd>
-
-    <dt>request:</dt> <dd>use the interpreter to handle anything based on
-             the same file within this request, which is also
-             request scoped.</dd>
-
-    <dt>conn:</dt> <dd>Same as request but attached to the connection_rec</dd>
-
-    <dt>thread:</dt> <dd>Use the interpreter for the lifetime of the thread 
-            handling the request (only available with threaded MPMs).</dd>
-
-    <dt>server:</dt>  <dd>This one is different than others because the
-            server scope is quite long lived, and multiple threads
-            will have the same server_rec. To accommodate this,
-            server scoped Lua states are stored in an apr
-            resource list. The <code>min</code> and <code>max</code> arguments 
-            specify the minimum and maximum number of Lua states to keep in the 
-            pool.</dd>
-   </dl>
-    <p>
-    Generally speaking, the <code>thread</code> and <code>server</code> scopes 
-    execute roughly 2-3 times faster than the rest, because they don't have to 
-    spawn new Lua states on every request (especially with the event MPM, as 
-    even keepalive requests will use a new thread for each request). If you are 
-    satisfied that your scripts will not have problems reusing a state, then 
-    the <code>thread</code> or <code>server</code> scopes should be used for 
-    maximum performance. While the <code>thread</code> scope will provide the 
-    fastest responses, the <code>server</code> scope will use less memory, as 
-    states are pooled, allowing f.x. 1000 threads to share only 100 Lua states, 
-    thus using only 10% of the memory required by the <code>thread</code> scope.
-    </p>
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="basicconf" id="basicconf">Basic Configuration</a></h2>
-
-<p>The basic module loading directive is</p>
-
-<pre class="prettyprint lang-config">LoadModule lua_module modules/mod_lua.so</pre>
-
-
-<p>
-<code>mod_lua</code> provides a handler named <code>lua-script</code>,
-which can be used with a <code class="directive"><a href="../mod/core.html#sethandler">SetHandler</a></code> or
-<code class="directive"><a href="../mod/mod_mime.html#addhandler">AddHandler</a></code> directive:</p>
-
-<pre class="prettyprint lang-config">&lt;Files "*.lua"&gt;
-    SetHandler lua-script
-&lt;/Files&gt;</pre>
-
-
-<p>
-This will cause <code>mod_lua</code> to handle requests for files
-ending in <code>.lua</code> by invoking that file's
-<code>handle</code> function.
-</p>
-
-<p>For more flexibility, see <code class="directive">LuaMapHandler</code>.
-</p>
-
-</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="writinghandlers" id="writinghandlers">Writing Handlers</a></h2>
-<p> In the Apache HTTP Server API, the handler is a specific kind of hook
-responsible for generating the response.  Examples of modules that include a
-handler are <code class="module"><a href="../mod/mod_proxy.html">mod_proxy</a></code>, <code class="module"><a href="../mod/mod_cgi.html">mod_cgi</a></code>,
-and <code class="module"><a href="../mod/mod_status.html">mod_status</a></code>.</p>
-
-<p><code>mod_lua</code> always looks to invoke a Lua function for the handler, rather than
-just evaluating a script body CGI style. A handler function looks
-something like this:</p>
-
-
-<pre class="prettyprint lang-lua">
-<strong>example.lua</strong><br />
--- example handler
-
-require "string"
-
---[[
-     This is the default method name for Lua handlers, see the optional
-     function-name in the LuaMapHandler directive to choose a different
-     entry point.
---]]
-function handle(r)
-    r.content_type = "text/plain"
-
-    if r.method == 'GET' then
-        r:puts("Hello Lua World!\n")
-        for k, v in pairs( r:parseargs() ) do
-            r:puts( string.format("%s: %s\n", k, v) )
-        end
-    elseif r.method == 'POST' then
-        r:puts("Hello Lua World!\n")
-        for k, v in pairs( r:parsebody() ) do
-            r:puts( string.format("%s: %s\n", k, v) )
-        end
-    elseif r.method == 'PUT' then
--- use our own Error contents
-        r:puts("Unsupported HTTP method " .. r.method)
-        r.status = 405
-        return apache2.ok
-    else
--- use the ErrorDocument
-        return 501
-    end
-    return apache2.OK
-end</pre>
-
-
-<p>
-This handler function just prints out the uri or form encoded
-arguments to a plaintext page.
-</p>
-
-<p>
-This means (and in fact encourages) that you can have multiple
-handlers (or hooks, or filters) in the same script.
-</p>
-
-</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="writingauthzproviders" id="writingauthzproviders">Writing Authorization Providers</a></h2>
-
-
-<p><code class="module"><a href="../mod/mod_authz_core.html">mod_authz_core</a></code> provides a high-level interface to
-authorization that is much easier to use than using into the relevant
-hooks directly. The first argument to the
-<code class="directive"><a href="../mod/mod_authz_core.html#require">Require</a></code> directive gives
-the name of the responsible authorization provider. For any
-<code class="directive"><a href="../mod/mod_authz_core.html#require">Require</a></code> line,
-<code class="module"><a href="../mod/mod_authz_core.html">mod_authz_core</a></code> will call the authorization provider
-of the given name, passing the rest of the line as parameters. The
-provider will then check authorization and pass the result as return
-value.</p>
-
-<p>The authz provider is normally called before authentication. If it needs to
-know the authenticated user name (or if the user will be authenticated at
-all), the provider must return <code>apache2.AUTHZ_DENIED_NO_USER</code>.
-This will cause authentication to proceed and the authz provider to be
-called a second time.</p>
-
-<p>The following authz provider function takes two arguments, one ip
-address and one user name. It will allow access from the given ip address
-without authentication, or if the authenticated user matches the second
-argument:</p>
-
-<pre class="prettyprint lang-lua">
-<strong>authz_provider.lua</strong><br />
-
-require 'apache2'
-
-function authz_check_foo(r, ip, user)
-    if r.useragent_ip == ip then
-        return apache2.AUTHZ_GRANTED
-    elseif r.user == nil then
-        return apache2.AUTHZ_DENIED_NO_USER
-    elseif r.user == user then
-        return apache2.AUTHZ_GRANTED
-    else
-        return apache2.AUTHZ_DENIED
-    end
-end</pre>
-
-
-<p>The following configuration registers this function as provider
-<code>foo</code> and configures it for URL <code>/</code>:</p>
-<pre class="prettyprint lang-config">LuaAuthzProvider foo authz_provider.lua authz_check_foo
-&lt;Location "/"&gt;
-  Require foo 10.1.2.3 john_doe
-&lt;/Location&gt;</pre>
-
-
-</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="writinghooks" id="writinghooks">Writing Hooks</a></h2>
-
-<p>Hook functions are how modules (and Lua scripts) participate in the
-processing of requests. Each type of hook exposed by the server exists for
-a specific purpose, such as mapping requests to the file system,
-performing access control, or setting mime types:</p>
-
-<table class="bordered"><tr class="header">
-        <th>Hook phase</th>
-        <th>mod_lua directive</th>
-        <th>Description</th>
-    </tr>
-<tr>
-        <td>Quick handler</td>
-        <td><code class="directive"><a href="#luaquickhandler">LuaQuickHandler</a></code></td>
-        <td>This is the first hook that will be called after a request has 
-            been mapped to a host or virtual host</td>
-    </tr>
-<tr class="odd">
-        <td>Translate name</td>
-        <td><code class="directive"><a href="#luahooktranslatename">LuaHookTranslateName</a></code></td>
-        <td>This phase translates the requested URI into a filename on the 
-            system. Modules such as <code class="module"><a href="../mod/mod_alias.html">mod_alias</a></code> and
-            <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> operate in this phase.</td>
-    </tr>
-<tr>
-        <td>Map to storage</td>
-        <td><code class="directive"><a href="#luahookmaptostorage">LuaHookMapToStorage</a></code></td>
-        <td>This phase maps files to their physical, cached or external/proxied storage. 
-            It can be used by proxy or caching modules</td>
-    </tr>
-<tr class="odd">
-        <td>Check Access</td>
-        <td><code class="directive"><a href="#luahookaccesschecker">LuaHookAccessChecker</a></code></td>
-        <td>This phase checks whether a client has access to a resource. This 
-            phase is run before the user is authenticated, so beware.
-        </td>
-    </tr>
-<tr>
-        <td>Check User ID</td>
-        <td><code class="directive"><a href="#luahookcheckuserid">LuaHookCheckUserID</a></code></td>
-        <td>This phase it used to check the negotiated user ID</td>
-    </tr>
-<tr class="odd">
-        <td>Check Authorization</td>
-        <td><code class="directive"><a href="#luahookauthchecker">LuaHookAuthChecker</a></code> or 
-            <code class="directive"><a href="#luaauthzprovider">LuaAuthzProvider</a></code></td>
-        <td>This phase authorizes a user based on the negotiated credentials, such as 
-            user ID, client certificate etc.
-        </td>
-    </tr>
-<tr>
-        <td>Check Type</td>
-        <td><code class="directive"><a href="#luahooktypechecker">LuaHookTypeChecker</a></code></td>
-        <td>This phase checks the requested file and assigns a content type and 
-            a handler to it</td>
-    </tr>
-<tr class="odd">
-        <td>Fixups</td>
-        <td><code class="directive"><a href="#luahookfixups">LuaHookFixups</a></code></td>
-        <td>This is the final "fix anything" phase before the content handlers 
-            are run. Any last-minute changes to the request should be made here.</td>
-    </tr>
-<tr>
-        <td>Content handler</td>
-        <td>fx. <code>.lua</code> files or through <code class="directive"><a href="#luamaphandler">LuaMapHandler</a></code></td>
-        <td>This is where the content is handled. Files are read, parsed, some are run, 
-            and the result is sent to the client</td>
-    </tr>
-<tr class="odd">
-        <td>Logging</td>
-        <td><code class="directive"><a href="#luahooklog">LuaHookLog</a></code></td>
-        <td>Once a request has been handled, it enters several logging phases, 
-            which logs the request in either the error or access log. Mod_lua
-            is able to hook into the start of this and control logging output.</td>
-    </tr>
-</table>
-
-<p>Hook functions are passed the request object as their only argument 
-(except for LuaAuthzProvider, which also gets passed the arguments from 
-the Require directive).
-They can return any value, depending on the hook, but most commonly
-they'll return OK, DONE, or DECLINED, which you can write in Lua as
-<code>apache2.OK</code>, <code>apache2.DONE</code>, or
-<code>apache2.DECLINED</code>, or else an HTTP status code.</p>
-
-
-<pre class="prettyprint lang-lua">
-<strong>translate_name.lua</strong><br />
--- example hook that rewrites the URI to a filesystem path.
-
-require 'apache2'
-
-function translate_name(r)
-    if r.uri == "/translate-name" then
-        r.filename = r.document_root .. "/find_me.txt"
-        return apache2.OK
-    end
-    -- we don't care about this URL, give another module a chance
-    return apache2.DECLINED
-end</pre>
-
-
-
-<pre class="prettyprint lang-lua">
-<strong>translate_name2.lua</strong><br />
---[[ example hook that rewrites one URI to another URI. It returns a
-     apache2.DECLINED to give other URL mappers a chance to work on the
-     substitution, including the core translate_name hook which maps based
-     on the DocumentRoot.
-
-     Note: Use the early/late flags in the directive to make it run before
-           or after mod_alias.
---]]
+     Note: Use the early/late flags in the directive to make it run before
+           or after mod_alias.
+--]]
 
 require 'apache2'
 
@@ -1299,566 +672,1193 @@ while we_have_stuff_to_send do
 end</pre>
 
 
-<pre class="prettyprint lang-lua">r:addoutputfilter(name|function) -- add an output filter:
+<pre class="prettyprint lang-lua">r:addoutputfilter(name|function) -- add an output filter:
+
+r:addoutputfilter("fooFilter") -- add the fooFilter to the output stream</pre>
+
+
+<pre class="prettyprint lang-lua">r:sendfile(filename) -- sends an entire file to the client, using sendfile if supported by the current platform:
+
+if use_sendfile_thing then
+    r:sendfile("/var/www/large_file.img")
+end</pre>
+
+
+<pre class="prettyprint lang-lua">r:parseargs() -- returns two tables; one standard key/value table for regular GET data, 
+              -- and one for multi-value data (fx. foo=1&amp;foo=2&amp;foo=3):
+
+local GET, GETMULTI = r:parseargs()
+r:puts("Your name is: " .. GET['name'] or "Unknown")</pre>
+
+
+<pre class="prettyprint lang-lua">r:parsebody([sizeLimit]) -- parse the request body as a POST and return two lua tables,
+                         -- just like r:parseargs().
+                         -- An optional number may be passed to specify the maximum number 
+                         -- of bytes to parse. Default is 8192 bytes:
+                 
+local POST, POSTMULTI = r:parsebody(1024*1024)
+r:puts("Your name is: " .. POST['name'] or "Unknown")</pre>
+
+
+<pre class="prettyprint lang-lua">r:puts("hello", " world", "!") -- print to response body, self explanatory</pre>
+
+
+<pre class="prettyprint lang-lua">r:write("a single string") -- print to response body, self explanatory</pre>
+
+
+<pre class="prettyprint lang-lua">r:escape_html("&lt;html&gt;test&lt;/html&gt;") -- Escapes HTML code and returns the escaped result</pre>
+
+
+<pre class="prettyprint lang-lua">r:base64_encode(string) -- Encodes a string using the Base64 encoding standard:
+
+local encoded = r:base64_encode("This is a test") -- returns VGhpcyBpcyBhIHRlc3Q=</pre>
+
+
+<pre class="prettyprint lang-lua">r:base64_decode(string) -- Decodes a Base64-encoded string:
+
+local decoded = r:base64_decode("VGhpcyBpcyBhIHRlc3Q=") -- returns 'This is a test'</pre>
+
+
+<pre class="prettyprint lang-lua">r:md5(string) -- Calculates and returns the MD5 digest of a string (binary safe):
+
+local hash = r:md5("This is a test") -- returns ce114e4501d2f4e2dcea3e17b546f339</pre>
+
+
+<pre class="prettyprint lang-lua">r:sha1(string) -- Calculates and returns the SHA1 digest of a string (binary safe):
+
+local hash = r:sha1("This is a test") -- returns a54d88e06612d820bc3be72877c74f257b561b19</pre>
+
+
+<pre class="prettyprint lang-lua">r:escape(string) -- URL-Escapes a string:
+
+local url = "http://foo.bar/1 2 3 &amp; 4 + 5"
+local escaped = r:escape(url) -- returns 'http%3a%2f%2ffoo.bar%2f1+2+3+%26+4+%2b+5'</pre>
+
+
+<pre class="prettyprint lang-lua">r:unescape(string) -- Unescapes an URL-escaped string:
+
+local url = "http%3a%2f%2ffoo.bar%2f1+2+3+%26+4+%2b+5"
+local unescaped = r:unescape(url) -- returns 'http://foo.bar/1 2 3 &amp; 4 + 5'</pre>
+
+
+<pre class="prettyprint lang-lua">r:construct_url(string) -- Constructs an URL from an URI
+
+local url = r:construct_url(r.uri)</pre>
+
+
+<pre class="prettyprint lang-lua">r.mpm_query(number) -- Queries the server for MPM information using ap_mpm_query:
+
+local mpm = r.mpm_query(14)
+if mpm == 1 then
+    r:puts("This server uses the Event MPM")
+end</pre>
+
+
+<pre class="prettyprint lang-lua">r:expr(string) -- Evaluates an <a href="../expr.html">expr</a> string.
+
+if r:expr("%{HTTP_HOST} =~ /^www/") then
+    r:puts("This host name starts with www")
+end</pre>
+
+
+<pre class="prettyprint lang-lua">r:scoreboard_process(a) -- Queries the server for information about the process at position <code>a</code>:
+
+local process = r:scoreboard_process(1)
+r:puts("Server 1 has PID " .. process.pid)</pre>
+
+
+<pre class="prettyprint lang-lua">r:scoreboard_worker(a, b) -- Queries for information about the worker thread, <code>b</code>, in process <code>a</code>:
+
+local thread = r:scoreboard_worker(1, 1)
+r:puts("Server 1's thread 1 has thread ID " .. thread.tid .. " and is in " .. thread.status .. " status")</pre>
+
+
+
+<pre class="prettyprint lang-lua">r:clock() -- Returns the current time with microsecond precision</pre>
+
+
+<pre class="prettyprint lang-lua">r:requestbody(filename) -- Reads and returns the request body of a request.
+                -- If 'filename' is specified, it instead saves the
+                -- contents to that file:
+                
+local input = r:requestbody()
+r:puts("You sent the following request body to me:\n")
+r:puts(input)</pre>
+
+
+<pre class="prettyprint lang-lua">r:add_input_filter(filter_name) -- Adds 'filter_name' as an input filter</pre>
+
+
+<pre class="prettyprint lang-lua">r.module_info(module_name) -- Queries the server for information about a module
+
+local mod = r.module_info("mod_lua.c")
+if mod then
+    for k, v in pairs(mod.commands) do
+       r:puts( ("%s: %s\n"):format(k,v)) -- print out all directives accepted by this module
+    end
+end</pre>
+
+
+<pre class="prettyprint lang-lua">r:loaded_modules() -- Returns a list of modules loaded by httpd:
+
+for k, module in pairs(r:loaded_modules()) do
+    r:puts("I have loaded module " .. module .. "\n")
+end</pre>
+
+
+<pre class="prettyprint lang-lua">r:runtime_dir_relative(filename) -- Compute the name of a run-time file (e.g., shared memory "file") 
+                         -- relative to the appropriate run-time directory.</pre>
+
+
+<pre class="prettyprint lang-lua">r:server_info() -- Returns a table containing server information, such as 
+                -- the name of the httpd executable file, mpm used etc.</pre>
+
+
+<pre class="prettyprint lang-lua">r:set_document_root(file_path) -- Sets the document root for the request to file_path</pre>
+
+
+
+
+<pre class="prettyprint lang-lua">r:set_context_info(prefix, docroot) -- Sets the context prefix and context document root for a request</pre>
+
+
+<pre class="prettyprint lang-lua">r:os_escape_path(file_path) -- Converts an OS path to a URL in an OS dependent way</pre>
+
+
+<pre class="prettyprint lang-lua">r:escape_logitem(string) -- Escapes a string for logging</pre>
 
-r:addoutputfilter("fooFilter") -- add the fooFilter to the output stream</pre>
 
+<pre class="prettyprint lang-lua">r.strcmp_match(string, pattern) -- Checks if 'string' matches 'pattern' using strcmp_match (globs).
+                        -- fx. whether 'www.example.com' matches '*.example.com':
+                        
+local match = r.strcmp_match("foobar.com", "foo*.com")
+if match then 
+    r:puts("foobar.com matches foo*.com")
+end</pre>
 
-<pre class="prettyprint lang-lua">r:sendfile(filename) -- sends an entire file to the client, using sendfile if supported by the current platform:
 
-if use_sendfile_thing then
-    r:sendfile("/var/www/large_file.img")
-end</pre>
+<pre class="prettyprint lang-lua">r:set_keepalive() -- Sets the keepalive status for a request. Returns true if possible, false otherwise.</pre>
 
 
-<pre class="prettyprint lang-lua">r:parseargs() -- returns two tables; one standard key/value table for regular GET data, 
-              -- and one for multi-value data (fx. foo=1&amp;foo=2&amp;foo=3):
+<pre class="prettyprint lang-lua">r:make_etag() -- Constructs and returns the etag for the current request.</pre>
 
-local GET, GETMULTI = r:parseargs()
-r:puts("Your name is: " .. GET['name'] or "Unknown")</pre>
 
+<pre class="prettyprint lang-lua">r:send_interim_response(clear) -- Sends an interim (1xx) response to the client.
+                       -- if 'clear' is true, available headers will be sent and cleared.</pre>
 
-<pre class="prettyprint lang-lua">r:parsebody([sizeLimit]) -- parse the request body as a POST and return two lua tables,
-                         -- just like r:parseargs().
-                         -- An optional number may be passed to specify the maximum number 
-                         -- of bytes to parse. Default is 8192 bytes:
-                 
-local POST, POSTMULTI = r:parsebody(1024*1024)
-r:puts("Your name is: " .. POST['name'] or "Unknown")</pre>
 
+<pre class="prettyprint lang-lua">r:custom_response(status_code, string) -- Construct and set a custom response for a given status code.
+                               -- This works much like the ErrorDocument directive:
+                               
+r:custom_response(404, "Baleted!")</pre>
 
-<pre class="prettyprint lang-lua">r:puts("hello", " world", "!") -- print to response body, self explanatory</pre>
 
+<pre class="prettyprint lang-lua">r.exists_config_define(string) -- Checks whether a configuration definition exists or not:
 
-<pre class="prettyprint lang-lua">r:write("a single string") -- print to response body, self explanatory</pre>
+if r.exists_config_define("FOO") then
+    r:puts("httpd was probably run with -DFOO, or it was defined in the configuration")
+end</pre>
 
 
-<pre class="prettyprint lang-lua">r:escape_html("&lt;html&gt;test&lt;/html&gt;") -- Escapes HTML code and returns the escaped result</pre>
+<pre class="prettyprint lang-lua">r:state_query(string) -- Queries the server for state information</pre>
 
 
-<pre class="prettyprint lang-lua">r:base64_encode(string) -- Encodes a string using the Base64 encoding standard:
+<pre class="prettyprint lang-lua">r:stat(filename [,wanted]) -- Runs stat() on a file, and returns a table with file information:
 
-local encoded = r:base64_encode("This is a test") -- returns VGhpcyBpcyBhIHRlc3Q=</pre>
+local info = r:stat("/var/www/foo.txt")
+if info then
+    r:puts("This file exists and was last modified at: " .. info.modified)
+end</pre>
 
 
-<pre class="prettyprint lang-lua">r:base64_decode(string) -- Decodes a Base64-encoded string:
+<pre class="prettyprint lang-lua">r:regex(string, pattern [,flags]) -- Runs a regular expression match on a string, returning captures if matched:
 
-local decoded = r:base64_decode("VGhpcyBpcyBhIHRlc3Q=") -- returns 'This is a test'</pre>
+local matches = r:regex("foo bar baz", [[foo (\w+) (\S*)]])
+if matches then
+    r:puts("The regex matched, and the last word captured ($2) was: " .. matches[2])
+end
 
+-- Example ignoring case sensitivity:
+local matches = r:regex("FOO bar BAz", [[(foo) bar]], 1)
 
-<pre class="prettyprint lang-lua">r:md5(string) -- Calculates and returns the MD5 digest of a string (binary safe):
+-- Flags can be a bitwise combination of:
+-- 0x01: Ignore case
+-- 0x02: Multiline search</pre>
 
-local hash = r:md5("This is a test") -- returns ce114e4501d2f4e2dcea3e17b546f339</pre>
 
+<pre class="prettyprint lang-lua">r.usleep(number_of_microseconds) -- Puts the script to sleep for a given number of microseconds.</pre>
 
-<pre class="prettyprint lang-lua">r:sha1(string) -- Calculates and returns the SHA1 digest of a string (binary safe):
 
-local hash = r:sha1("This is a test") -- returns a54d88e06612d820bc3be72877c74f257b561b19</pre>
+<pre class="prettyprint lang-lua">r:dbacquire(dbType[, dbParams]) -- Acquires a connection to a database and returns a database class.
+                        -- See '<a href="#databases">Database connectivity</a>' for details.</pre>
 
 
-<pre class="prettyprint lang-lua">r:escape(string) -- URL-Escapes a string:
+<pre class="prettyprint lang-lua">r:ivm_set("key", value) -- Set an Inter-VM variable to hold a specific value.
+                        -- These values persist even though the VM is gone or not being used,
+                        -- and so should only be used if MaxConnectionsPerChild is &gt; 0
+                        -- Values can be numbers, strings and booleans, and are stored on a 
+                        -- per process basis (so they won't do much good with a prefork mpm)
+                        
+r:ivm_get("key")        -- Fetches a variable set by ivm_set. Returns the contents of the variable
+                        -- if it exists or nil if no such variable exists.
+                        
+-- An example getter/setter that saves a global variable outside the VM:
+function handle(r)
+    -- First VM to call this will get no value, and will have to create it
+    local foo = r:ivm_get("cached_data")
+    if not foo then
+        foo = do_some_calcs() -- fake some return value
+        r:ivm_set("cached_data", foo) -- set it globally
+    end
+    r:puts("Cached data is: ", foo)
+end</pre>
 
-local url = "http://foo.bar/1 2 3 &amp; 4 + 5"
-local escaped = r:escape(url) -- returns 'http%3a%2f%2ffoo.bar%2f1+2+3+%26+4+%2b+5'</pre>
 
+<pre class="prettyprint lang-lua">r:htpassword(string [,algorithm [,cost]]) -- Creates a password hash from a string.
+                                          -- algorithm: 0 = APMD5 (default), 1 = SHA, 2 = BCRYPT, 3 = CRYPT.
+                                          -- cost: only valid with BCRYPT algorithm (default = 5).</pre>
 
-<pre class="prettyprint lang-lua">r:unescape(string) -- Unescapes an URL-escaped string:
 
-local url = "http%3a%2f%2ffoo.bar%2f1+2+3+%26+4+%2b+5"
-local unescaped = r:unescape(url) -- returns 'http://foo.bar/1 2 3 &amp; 4 + 5'</pre>
+<pre class="prettyprint lang-lua">r:mkdir(dir [,mode]) -- Creates a directory and sets mode to optional mode paramter.</pre>
 
 
-<pre class="prettyprint lang-lua">r:construct_url(string) -- Constructs an URL from an URI
+<pre class="prettyprint lang-lua">r:mkrdir(dir [,mode]) -- Creates directories recursive and sets mode to optional mode paramter.</pre>
 
-local url = r:construct_url(r.uri)</pre>
 
+<pre class="prettyprint lang-lua">r:rmdir(dir) -- Removes a directory.</pre>
 
-<pre class="prettyprint lang-lua">r.mpm_query(number) -- Queries the server for MPM information using ap_mpm_query:
 
-local mpm = r.mpm_query(14)
-if mpm == 1 then
-    r:puts("This server uses the Event MPM")
-end</pre>
+<pre class="prettyprint lang-lua">r:touch(file [,mtime]) -- Sets the file modification time to current time or to optional mtime msec value.</pre>
 
 
-<pre class="prettyprint lang-lua">r:expr(string) -- Evaluates an <a href="../expr.html">expr</a> string.
+<pre class="prettyprint lang-lua">r:get_direntries(dir) -- Returns a table with all directory entries.
 
-if r:expr("%{HTTP_HOST} =~ /^www/") then
-    r:puts("This host name starts with www")
+function handle(r)
+  local dir = r.context_document_root
+  for _, f in ipairs(r:get_direntries(dir)) do
+    local info = r:stat(dir .. "/" .. f)
+    if info then
+      local mtime = os.date(fmt, info.mtime / 1000000)
+      local ftype = (info.filetype == 2) and "[dir] " or "[file]"
+      r:puts( ("%s %s %10i %s\n"):format(ftype, mtime, info.size, f) )
+    end
+  end
 end</pre>
 
 
-<pre class="prettyprint lang-lua">r:scoreboard_process(a) -- Queries the server for information about the process at position <code>a</code>:
+<pre class="prettyprint lang-lua">r.date_parse_rfc(string) -- Parses a date/time string and returns seconds since epoche.</pre>
 
-local process = r:scoreboard_process(1)
-r:puts("Server 1 has PID " .. process.pid)</pre>
 
+<pre class="prettyprint lang-lua">r:getcookie(key) -- Gets a HTTP cookie</pre>
 
-<pre class="prettyprint lang-lua">r:scoreboard_worker(a, b) -- Queries for information about the worker thread, <code>b</code>, in process <code>a</code>:
 
-local thread = r:scoreboard_worker(1, 1)
-r:puts("Server 1's thread 1 has thread ID " .. thread.tid .. " and is in " .. thread.status .. " status")</pre>
+<pre class="prettyprint lang-lua">r:setcookie{
+  key = [key],
+  value = [value],
+  expires = [expiry],
+  secure = [boolean],
+  httponly = [boolean],
+  path = [path],
+  domain = [domain]
+} -- Sets a HTTP cookie, for instance:
 
+r:setcookie{
+  key = "cookie1",
+  value = "HDHfa9eyffh396rt",
+  expires = os.time() + 86400,
+  secure = true
+}</pre>
 
 
-<pre class="prettyprint lang-lua">r:clock() -- Returns the current time with microsecond precision</pre>
+<pre class="prettyprint lang-lua">r:wsupgrade() -- Upgrades a connection to WebSockets if possible (and requested):
+if r:wsupgrade() then -- if we can upgrade:
+    r:wswrite("Welcome to websockets!") -- write something to the client
+    r:wsclose()  -- goodbye!
+end</pre>
 
 
-<pre class="prettyprint lang-lua">r:requestbody(filename) -- Reads and returns the request body of a request.
-                -- If 'filename' is specified, it instead saves the
-                -- contents to that file:
-                
-local input = r:requestbody()
-r:puts("You sent the following request body to me:\n")
-r:puts(input)</pre>
+<pre class="prettyprint lang-lua">r:wsread() -- Reads a WebSocket frame from a WebSocket upgraded connection (see above):
+
+local line, isFinal = r:wsread() -- isFinal denotes whether this is the final frame.
+                                 -- If it isn't, then more frames can be read
+r:wswrite("You wrote: " .. line)</pre>
 
 
-<pre class="prettyprint lang-lua">r:add_input_filter(filter_name) -- Adds 'filter_name' as an input filter</pre>
+<pre class="prettyprint lang-lua">r:wswrite(line) -- Writes a frame to a WebSocket client:
+r:wswrite("Hello, world!")</pre>
 
 
-<pre class="prettyprint lang-lua">r.module_info(module_name) -- Queries the server for information about a module
+<pre class="prettyprint lang-lua">r:wsclose() -- Closes a WebSocket request and terminates it for httpd:
 
-local mod = r.module_info("mod_lua.c")
-if mod then
-    for k, v in pairs(mod.commands) do
-       r:puts( ("%s: %s\n"):format(k,v)) -- print out all directives accepted by this module
-    end
+if r:wsupgrade() then
+    r:wswrite("Write something: ")
+    local line = r:wsread() or "nothing"
+    r:wswrite("You wrote: " .. line);
+    r:wswrite("Goodbye!")
+    r:wsclose()
 end</pre>
 
 
-<pre class="prettyprint lang-lua">r:loaded_modules() -- Returns a list of modules loaded by httpd:
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="logging" id="logging">Logging Functions</a></h2>
 
-for k, module in pairs(r:loaded_modules()) do
-    r:puts("I have loaded module " .. module .. "\n")
+<pre class="prettyprint lang-lua">        -- examples of logging messages<br />
+        r:trace1("This is a trace log message") -- trace1 through trace8 can be used <br />
+        r:debug("This is a debug log message")<br />
+        r:info("This is an info log message")<br />
+        r:notice("This is a notice log message")<br />
+        r:warn("This is a warn log message")<br />
+        r:err("This is an err log message")<br />
+        r:alert("This is an alert log message")<br />
+        r:crit("This is a crit log message")<br />
+        r:emerg("This is an emerg log message")<br />
+</pre>
+
+
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="apache2" id="apache2">apache2 Package</a></h2>
+<p>A package named <code>apache2</code> is available with (at least) the following contents.</p>
+<dl>
+  <dt>apache2.OK</dt>
+  <dd>internal constant OK.  Handlers should return this if they've
+  handled the request.</dd>
+  <dt>apache2.DECLINED</dt>
+  <dd>internal constant DECLINED.  Handlers should return this if
+  they are not going to handle the request.</dd>
+  <dt>apache2.DONE</dt>
+  <dd>internal constant DONE.</dd>
+  <dt>apache2.version</dt>
+  <dd>Apache HTTP server version string</dd>
+  <dt>apache2.HTTP_MOVED_TEMPORARILY</dt>
+  <dd>HTTP status code</dd>
+  <dt>apache2.PROXYREQ_NONE, apache2.PROXYREQ_PROXY, apache2.PROXYREQ_REVERSE, apache2.PROXYREQ_RESPONSE</dt>
+  <dd>internal constants used by <code class="module"><a href="../mod/mod_proxy.html">mod_proxy</a></code></dd>
+  <dt>apache2.AUTHZ_DENIED, apache2.AUTHZ_GRANTED, apache2.AUTHZ_NEUTRAL, apache2.AUTHZ_GENERAL_ERROR, apache2.AUTHZ_DENIED_NO_USER</dt>
+  <dd>internal constants used by <code class="module"><a href="../mod/mod_authz_core.html">mod_authz_core</a></code></dd>
+
+</dl>
+<p>(Other HTTP status codes are not yet implemented.)</p>
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="modifying_buckets" id="modifying_buckets">Modifying contents with Lua filters</a></h2>
+    
+    <p>
+    Filter functions implemented via <code class="directive"><a href="#luainputfilter">LuaInputFilter</a></code> 
+    or <code class="directive"><a href="#luaoutputfilter">LuaOutputFilter</a></code> are designed as 
+    three-stage non-blocking functions using coroutines to suspend and resume a 
+    function as buckets are sent down the filter chain. The core structure of 
+    such a function is:
+    </p>
+    <pre class="prettyprint lang-lua">function filter(r)
+    -- Our first yield is to signal that we are ready to receive buckets.
+    -- Before this yield, we can set up our environment, check for conditions,
+    -- and, if we deem it necessary, decline filtering a request alltogether:
+    if something_bad then
+        return -- This would skip this filter.
+    end
+    -- Regardless of whether we have data to prepend, a yield MUST be called here.
+    -- Note that only output filters can prepend data. Input filters must use the 
+    -- final stage to append data to the content.
+    coroutine.yield([optional header to be prepended to the content])
+    
+    -- After we have yielded, buckets will be sent to us, one by one, and we can 
+    -- do whatever we want with them and then pass on the result.
+    -- Buckets are stored in the global variable 'bucket', so we create a loop
+    -- that checks if 'bucket' is not nil:
+    while bucket ~= nil do
+        local output = mangle(bucket) -- Do some stuff to the content
+        coroutine.yield(output) -- Return our new content to the filter chain
+    end
+
+    -- Once the buckets are gone, 'bucket' is set to nil, which will exit the 
+    -- loop and land us here. Anything extra we want to append to the content
+    -- can be done by doing a final yield here. Both input and output filters 
+    -- can append data to the content in this phase.
+    coroutine.yield([optional footer to be appended to the content])
 end</pre>
 
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="databases" id="databases">Database connectivity</a></h2>
+    
+    <p>
+    Mod_lua implements a simple database feature for querying and running commands
+    on the most popular database engines (mySQL, PostgreSQL, FreeTDS, ODBC, SQLite, Oracle)
+    as well as mod_dbd.
+    </p>
+    <p>The example below shows how to acquire a database handle and return information from a table:</p>
+    <pre class="prettyprint lang-lua">function handle(r)
+    -- Acquire a database handle
+    local database, err = r:dbacquire("mysql", "server=localhost,user=someuser,pass=somepass,dbname=mydb")
+    if not err then
+        -- Select some information from it
+        local results, err = database:select(r, "SELECT `name`, `age` FROM `people` WHERE 1")
+        if not err then
+            local rows = results(0) -- fetch all rows synchronously
+            for k, row in pairs(rows) do
+                r:puts( string.format("Name: %s, Age: %s&lt;br/&gt;", row[1], row[2]) )
+            end
+        else
+            r:puts("Database query error: " .. err)
+        end
+        database:close()
+    else
+        r:puts("Could not connect to the database: " .. err)
+    end
+end</pre>
 
-<pre class="prettyprint lang-lua">r:runtime_dir_relative(filename) -- Compute the name of a run-time file (e.g., shared memory "file") 
-                         -- relative to the appropriate run-time directory.</pre>
-
-
-<pre class="prettyprint lang-lua">r:server_info() -- Returns a table containing server information, such as 
-                -- the name of the httpd executable file, mpm used etc.</pre>
+    <p>
+    To utilize <code class="module"><a href="../mod/mod_dbd.html">mod_dbd</a></code>, specify <code>mod_dbd</code>
+    as the database type, or leave the field blank:
+    </p>
+    <pre class="prettyprint lang-lua">local database = r:dbacquire("mod_dbd")</pre>
 
+    <h3><a name="database_object" id="database_object">Database object and contained functions</a></h3>
+        
+        <p>The database object returned by <code>dbacquire</code> has the following methods:</p>
+        <p><strong>Normal select and query from a database:</strong></p>
+    <pre class="prettyprint lang-lua">-- Run a statement and return the number of rows affected:
+local affected, errmsg = database:query(r, "DELETE FROM `tbl` WHERE 1")
 
-<pre class="prettyprint lang-lua">r:set_document_root(file_path) -- Sets the document root for the request to file_path</pre>
+-- Run a statement and return a result set that can be used synchronously or async:
+local result, errmsg = database:select(r, "SELECT * FROM `people` WHERE 1")</pre>
 
+        <p><strong>Using prepared statements (recommended):</strong></p>
+    <pre class="prettyprint lang-lua">-- Create and run a prepared statement:
+local statement, errmsg = database:prepare(r, "DELETE FROM `tbl` WHERE `age` &gt; %u")
+if not errmsg then
+    local result, errmsg = statement:query(20) -- run the statement with age &gt; 20
+end
 
+-- Fetch a prepared statement from a DBDPrepareSQL directive:
+local statement, errmsg = database:prepared(r, "someTag")
+if not errmsg then
+    local result, errmsg = statement:select("John Doe", 123) -- inject the values "John Doe" and 123 into the statement
+end</pre>
 
+        <p><strong>Escaping values, closing databases etc:</strong></p>
+    <pre class="prettyprint lang-lua">-- Escape a value for use in a statement:
+local escaped = database:escape(r, [["'|blabla]])
 
-<pre class="prettyprint lang-lua">r:set_context_info(prefix, docroot) -- Sets the context prefix and context document root for a request</pre>
+-- Close a database connection and free up handles:
+database:close()
 
+-- Check whether a database connection is up and running:
+local connected = database:active()</pre>
 
-<pre class="prettyprint lang-lua">r:os_escape_path(file_path) -- Converts an OS path to a URL in an OS dependent way</pre>
+    
+    <h3><a name="result_sets" id="result_sets">Working with result sets</a></h3>
+    
+    <p>The result set returned by <code>db:select</code> or by the prepared statement functions 
+    created through <code>db:prepare</code> can be used to
+    fetch rows synchronously or asynchronously, depending on the row number specified:<br />
+    <code>result(0)</code> fetches all rows in a synchronous manner, returning a table of rows.<br />
+    <code>result(-1)</code> fetches the next available row in the set, asynchronously.<br />
+    <code>result(N)</code> fetches row number <code>N</code>, asynchronously:
+    </p>
+    <pre class="prettyprint lang-lua">-- fetch a result set using a regular query:
+local result, err = db:select(r, "SELECT * FROM `tbl` WHERE 1")
 
+local rows = result(0) -- Fetch ALL rows synchronously
+local row = result(-1) -- Fetch the next available row, asynchronously
+local row = result(1234) -- Fetch row number 1234, asynchronously
+local row = result(-1, true) -- Fetch the next available row, using row names as key indexes.</pre>
 
-<pre class="prettyprint lang-lua">r:escape_logitem(string) -- Escapes a string for logging</pre>
+    <p>One can construct a function that returns an iterative function to iterate over all rows 
+    in a synchronous or asynchronous way, depending on the async argument:
+    </p>
+    <pre class="prettyprint lang-lua">function rows(resultset, async)
+    local a = 0
+    local function getnext()
+        a = a + 1
+        local row = resultset(-1)
+        return row and a or nil, row
+    end
+    if not async then
+        return pairs(resultset(0))
+    else
+        return getnext, self
+    end
+end
 
+local statement, err = db:prepare(r, "SELECT * FROM `tbl` WHERE `age` &gt; %u")
+if not err then
+     -- fetch rows asynchronously:
+    local result, err = statement:select(20)
+    if not err then
+        for index, row in rows(result, true) do
+            ....
+        end
+    end
 
-<pre class="prettyprint lang-lua">r.strcmp_match(string, pattern) -- Checks if 'string' matches 'pattern' using strcmp_match (globs).
-                        -- fx. whether 'www.example.com' matches '*.example.com':
-                        
-local match = r.strcmp_match("foobar.com", "foo*.com")
-if match then 
-    r:puts("foobar.com matches foo*.com")
+     -- fetch rows synchronously:
+    local result, err = statement:select(20)
+    if not err then
+        for index, row in rows(result, false) do
+            ....
+        end
+    end
 end</pre>
 
+    
+    <h3><a name="closing_databases" id="closing_databases">Closing a database connection</a></h3>
+        
 
-<pre class="prettyprint lang-lua">r:set_keepalive() -- Sets the keepalive status for a request. Returns true if possible, false otherwise.</pre>
-
-
-<pre class="prettyprint lang-lua">r:make_etag() -- Constructs and returns the etag for the current request.</pre>
-
-
-<pre class="prettyprint lang-lua">r:send_interim_response(clear) -- Sends an interim (1xx) response to the client.
-                       -- if 'clear' is true, available headers will be sent and cleared.</pre>
+    <p>Database handles should be closed using <code>database:close()</code> when they are no longer
+    needed. If you do not close them manually, they will eventually be garbage collected and 
+    closed by mod_lua, but you may end up having too many unused connections to the database 
+    if you leave the closing up to mod_lua. Essentially, the following two measures are
+    the same:
+    </p>
+    <pre class="prettyprint lang-lua">-- Method 1: Manually close a handle
+local database = r:dbacquire("mod_dbd")
+database:close() -- All done
 
+-- Method 2: Letting the garbage collector close it
+local database = r:dbacquire("mod_dbd")
+database = nil -- throw away the reference
+collectgarbage() -- close the handle via GC</pre>
 
-<pre class="prettyprint lang-lua">r:custom_response(status_code, string) -- Construct and set a custom response for a given status code.
-                               -- This works much like the ErrorDocument directive:
-                               
-r:custom_response(404, "Baleted!")</pre>
+    
+    <h3><a name="database_caveat" id="database_caveat">Precautions when working with databases</a></h3>
+    
+    <p>Although the standard <code>query</code> and <code>run</code> functions are freely 
+    available, it is recommended that you use prepared statements whenever possible, to 
+    both optimize performance (if your db handle lives on for a long time) and to minimize 
+    the risk of SQL injection attacks. <code>run</code> and <code>query</code> should only
+    be used when there are no variables inserted into a statement (a static statement). 
+    When using dynamic statements, use <code>db:prepare</code> or <code>db:prepared</code>.
+    </p>
+    
 
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="LuaAuthzProvider" id="LuaAuthzProvider">LuaAuthzProvider</a> <a name="luaauthzprovider" id="luaauthzprovider">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Plug an authorization provider function into <code class="module"><a href="../mod/mod_authz_core.html">mod_authz_core</a></code>
+</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LuaAuthzProvider provider_name /path/to/lua/script.lua function_name</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_lua</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>2.4.3 and later</td></tr>
+</table>
+<p>After a lua function has been registered as authorization provider, it can be used
+with the <code class="directive"><a href="../mod/mod_authz_core.html#require">Require</a></code> directive:</p>
 
-<pre class="prettyprint lang-lua">r.exists_config_define(string) -- Checks whether a configuration definition exists or not:
+<pre class="prettyprint lang-config">LuaRoot "/usr/local/apache2/lua"
+LuaAuthzProvider foo authz.lua authz_check_foo
+&lt;Location "/"&gt;
+  Require foo johndoe
+&lt;/Location&gt;</pre>
 
-if r.exists_config_define("FOO") then
-    r:puts("httpd was probably run with -DFOO, or it was defined in the configuration")
+<pre class="prettyprint lang-lua">require "apache2"
+function authz_check_foo(r, who)
+    if r.user ~= who then return apache2.AUTHZ_DENIED
+    return apache2.AUTHZ_GRANTED
 end</pre>
 
 
-<pre class="prettyprint lang-lua">r:state_query(string) -- Queries the server for state information</pre>
-
-
-<pre class="prettyprint lang-lua">r:stat(filename [,wanted]) -- Runs stat() on a file, and returns a table with file information:
-
-local info = r:stat("/var/www/foo.txt")
-if info then
-    r:puts("This file exists and was last modified at: " .. info.modified)
-end</pre>
-
 
-<pre class="prettyprint lang-lua">r:regex(string, pattern [,flags]) -- Runs a regular expression match on a string, returning captures if matched:
 
-local matches = r:regex("foo bar baz", [[foo (\w+) (\S*)]])
-if matches then
-    r:puts("The regex matched, and the last word captured ($2) was: " .. matches[2])
-end
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="LuaCodeCache" id="LuaCodeCache">LuaCodeCache</a> <a name="luacodecache" id="luacodecache">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Configure the compiled code cache.</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LuaCodeCache stat|forever|never</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>LuaCodeCache stat</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>All</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_lua</td></tr>
+</table><p>
+    Specify the behavior of the in-memory code cache. The default
+    is stat, which stats the top level script (not any included
+    ones) each time that file is needed, and reloads it if the
+    modified time indicates it is newer than the one it has
+    already loaded. The other values cause it to keep the file
+    cached forever (don't stat and replace) or to never cache the
+    file.</p>
 
--- Example ignoring case sensitivity:
-local matches = r:regex("FOO bar BAz", [[(foo) bar]], 1)
+    <p>In general stat or forever is good for production, and stat or never
+    for development.</p>
 
--- Flags can be a bitwise combination of:
--- 0x01: Ignore case
--- 0x02: Multiline search</pre>
+    <div class="example"><h3>Examples:</h3><pre class="prettyprint lang-config">LuaCodeCache stat
+LuaCodeCache forever
+LuaCodeCache never</pre>
+</div>
 
 
-<pre class="prettyprint lang-lua">r.usleep(number_of_microseconds) -- Puts the script to sleep for a given number of microseconds.</pre>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="LuaHookAccessChecker" id="LuaHookAccessChecker">LuaHookAccessChecker</a> <a name="luahookaccesschecker" id="luahookaccesschecker">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Provide a hook for the access_checker phase of request processing</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LuaHookAccessChecker  /path/to/lua/script.lua  hook_function_name [early|late]</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>All</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_lua</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>The optional third argument is supported in 2.3.15 and later</td></tr>
+</table>
+<p>Add your hook to the access_checker phase.  An access checker
+hook function usually returns OK, DECLINED, or HTTP_FORBIDDEN.</p>
+   <div class="note"><h3>Ordering</h3><p>The optional arguments "early" or "late" 
+   control when this script runs relative to other modules.</p></div>
 
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="LuaHookAuthChecker" id="LuaHookAuthChecker">LuaHookAuthChecker</a> <a name="luahookauthchecker" id="luahookauthchecker">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Provide a hook for the auth_checker phase of request processing</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LuaHookAuthChecker  /path/to/lua/script.lua hook_function_name [early|late]</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>All</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_lua</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>The optional third argument is supported in 2.3.15 and later</td></tr>
+</table>
+<p>Invoke a lua function in the auth_checker phase of processing
+a request.  This can be used to implement arbitrary authentication
+and authorization checking.  A very simple example:
+</p>
+<pre class="prettyprint lang-lua">require 'apache2'
 
-<pre class="prettyprint lang-lua">r:dbacquire(dbType[, dbParams]) -- Acquires a connection to a database and returns a database class.
-                        -- See '<a href="#databases">Database connectivity</a>' for details.</pre>
+-- fake authcheck hook
+-- If request has no auth info, set the response header and
+-- return a 401 to ask the browser for basic auth info.
+-- If request has auth info, don't actually look at it, just
+-- pretend we got userid 'foo' and validated it.
+-- Then check if the userid is 'foo' and accept the request.
+function authcheck_hook(r)
 
+   -- look for auth info
+   auth = r.headers_in['Authorization']
+   if auth ~= nil then
+     -- fake the user
+     r.user = 'foo'
+   end
 
-<pre class="prettyprint lang-lua">r:ivm_set("key", value) -- Set an Inter-VM variable to hold a specific value.
-                        -- These values persist even though the VM is gone or not being used,
-                        -- and so should only be used if MaxConnectionsPerChild is &gt; 0
-                        -- Values can be numbers, strings and booleans, and are stored on a 
-                        -- per process basis (so they won't do much good with a prefork mpm)
-                        
-r:ivm_get("key")        -- Fetches a variable set by ivm_set. Returns the contents of the variable
-                        -- if it exists or nil if no such variable exists.
-                        
--- An example getter/setter that saves a global variable outside the VM:
-function handle(r)
-    -- First VM to call this will get no value, and will have to create it
-    local foo = r:ivm_get("cached_data")
-    if not foo then
-        foo = do_some_calcs() -- fake some return value
-        r:ivm_set("cached_data", foo) -- set it globally
-    end
-    r:puts("Cached data is: ", foo)
+   if r.user == nil then
+      r:debug("authcheck: user is nil, returning 401")
+      r.err_headers_out['WWW-Authenticate'] = 'Basic realm="WallyWorld"'
+      return 401
+   elseif r.user == "foo" then
+      r:debug('user foo: OK')
+   else
+      r:debug("authcheck: user='" .. r.user .. "'")
+      r.err_headers_out['WWW-Authenticate'] = 'Basic realm="WallyWorld"'
+      return 401
+   end
+   return apache2.OK
 end</pre>
 
+   <div class="note"><h3>Ordering</h3><p>The optional arguments "early" or "late" 
+   control when this script runs relative to other modules.</p></div>
 
-<pre class="prettyprint lang-lua">r:htpassword(string [,algorithm [,cost]]) -- Creates a password hash from a string.
-                                          -- algorithm: 0 = APMD5 (default), 1 = SHA, 2 = BCRYPT, 3 = CRYPT.
-                                          -- cost: only valid with BCRYPT algorithm (default = 5).</pre>
-
-
-<pre class="prettyprint lang-lua">r:mkdir(dir [,mode]) -- Creates a directory and sets mode to optional mode paramter.</pre>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="LuaHookCheckUserID" id="LuaHookCheckUserID">LuaHookCheckUserID</a> <a name="luahookcheckuserid" id="luahookcheckuserid">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Provide a hook for the check_user_id phase of request processing</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LuaHookCheckUserID  /path/to/lua/script.lua hook_function_name [early|late]</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>All</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_lua</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>The optional third argument is supported in 2.3.15 and later</td></tr>
+</table><p>...</p>
+   <div class="note"><h3>Ordering</h3><p>The optional arguments "early" or "late" 
+   control when this script runs relative to other modules.</p></div>
 
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="LuaHookFixups" id="LuaHookFixups">LuaHookFixups</a> <a name="luahookfixups" id="luahookfixups">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Provide a hook for the fixups phase of a request
+processing</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LuaHookFixups  /path/to/lua/script.lua hook_function_name</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>All</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_lua</td></tr>
+</table>
+<p>
+    Just like LuaHookTranslateName, but executed at the fixups phase
+</p>
 
-<pre class="prettyprint lang-lua">r:mkrdir(dir [,mode]) -- Creates directories recursive and sets mode to optional mode paramter.</pre>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="LuaHookInsertFilter" id="LuaHookInsertFilter">LuaHookInsertFilter</a> <a name="luahookinsertfilter" id="luahookinsertfilter">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Provide a hook for the insert_filter phase of request processing</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LuaHookInsertFilter  /path/to/lua/script.lua hook_function_name</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>All</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_lua</td></tr>
+</table><p>Not Yet Implemented</p>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="LuaHookLog" id="LuaHookLog">LuaHookLog</a> <a name="luahooklog" id="luahooklog">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Provide a hook for the access log phase of a request
+processing</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LuaHookLog  /path/to/lua/script.lua log_function_name</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>All</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_lua</td></tr>
+</table>
+<p>
+    This simple logging hook allows you to run a function when httpd enters the 
+    logging phase of a request. With it, you can append data to your own logs, 
+    manipulate data before the regular log is written, or prevent a log entry 
+    from being created. To prevent the usual logging from happening, simply return
+    <code>apache2.DONE</code> in your logging handler, otherwise return 
+    <code>apache2.OK</code> to tell httpd to log as normal.
+</p>
+<p>Example:</p>
+<pre class="prettyprint lang-config">LuaHookLog "/path/to/script.lua" logger</pre>
 
+<pre class="prettyprint lang-lua">-- /path/to/script.lua --
+function logger(r)
+    -- flip a coin:
+    -- If 1, then we write to our own Lua log and tell httpd not to log
+    -- in the main log.
+    -- If 2, then we just sanitize the output a bit and tell httpd to 
+    -- log the sanitized bits.
 
-<pre class="prettyprint lang-lua">r:rmdir(dir) -- Removes a directory.</pre>
+    if math.random(1,2) == 1 then
+        -- Log stuff ourselves and don't log in the regular log
+        local f = io.open("/foo/secret.log", "a")
+        if f then
+            f:write("Something secret happened at " .. r.uri .. "\n")
+            f:close()
+        end
+        return apache2.DONE -- Tell httpd not to use the regular logging functions
+    else
+        r.uri = r.uri:gsub("somesecretstuff", "") -- sanitize the URI
+        return apache2.OK -- tell httpd to log it.
+    end
+end</pre>
 
 
-<pre class="prettyprint lang-lua">r:touch(file [,mtime]) -- Sets the file modification time to current time or to optional mtime msec value.</pre>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="LuaHookMapToStorage" id="LuaHookMapToStorage">LuaHookMapToStorage</a> <a name="luahookmaptostorage" id="luahookmaptostorage">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Provide a hook for the map_to_storage phase of request processing</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LuaHookMapToStorage  /path/to/lua/script.lua hook_function_name</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>All</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_lua</td></tr>
+</table>
+    <p>Like <code class="directive">LuaHookTranslateName</code> but executed at the 
+    map-to-storage phase of a request. Modules like mod_cache run at this phase,
+    which makes for an interesting example on what to do here:</p>
+    <pre class="prettyprint lang-config">LuaHookMapToStorage "/path/to/lua/script.lua" check_cache</pre>
 
+    <pre class="prettyprint lang-lua">require"apache2"
+cached_files = {}
 
-<pre class="prettyprint lang-lua">r:get_direntries(dir) -- Returns a table with all directory entries.
+function read_file(filename) 
+    local input = io.open(filename, "r")
+    if input then
+        local data = input:read("*a")
+        cached_files[filename] = data
+        file = cached_files[filename]
+        input:close()
+    end
+    return cached_files[filename]
+end
 
-function handle(r)
-  local dir = r.context_document_root
-  for _, f in ipairs(r:get_direntries(dir)) do
-    local info = r:stat(dir .. "/" .. f)
-    if info then
-      local mtime = os.date(fmt, info.mtime / 1000000)
-      local ftype = (info.filetype == 2) and "[dir] " or "[file]"
-      r:puts( ("%s %s %10i %s\n"):format(ftype, mtime, info.size, f) )
+function check_cache(r)
+    if r.filename:match("%.png$") then -- Only match PNG files
+        local file = cached_files[r.filename] -- Check cache entries
+        if not file then
+            file = read_file(r.filename)  -- Read file into cache
+        end
+        if file then -- If file exists, write it out
+            r.status = 200
+            r:write(file)
+            r:info(("Sent %s to client from cache"):format(r.filename))
+            return apache2.DONE -- skip default handler for PNG files
+        end
     end
-  end
+    return apache2.DECLINED -- If we had nothing to do, let others serve this.
 end</pre>
 
 
-<pre class="prettyprint lang-lua">r.date_parse_rfc(string) -- Parses a date/time string and returns seconds since epoche.</pre>
-
-
-<pre class="prettyprint lang-lua">r:getcookie(key) -- Gets a HTTP cookie</pre>
+    
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="LuaHookTranslateName" id="LuaHookTranslateName">LuaHookTranslateName</a> <a name="luahooktranslatename" id="luahooktranslatename">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Provide a hook for the translate name phase of request processing</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LuaHookTranslateName  /path/to/lua/script.lua  hook_function_name [early|late]</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>All</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_lua</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>The optional third argument is supported in 2.3.15 and later</td></tr>
+</table><p>
+    Add a hook (at APR_HOOK_MIDDLE) to the translate name phase of
+    request processing. The hook function receives a single
+    argument, the request_rec, and should return a status code,
+    which is either an HTTP error code, or the constants defined
+    in the apache2 module: apache2.OK, apache2.DECLINED, or
+    apache2.DONE. </p>
 
+    <p>For those new to hooks, basically each hook will be invoked
+    until one of them returns apache2.OK. If your hook doesn't
+    want to do the translation it should just return
+    apache2.DECLINED. If the request should stop processing, then
+    return apache2.DONE.</p>
 
-<pre class="prettyprint lang-lua">r:setcookie{
-  key = [key],
-  value = [value],
-  expires = [expiry],
-  secure = [boolean],
-  httponly = [boolean],
-  path = [path],
-  domain = [domain]
-} -- Sets a HTTP cookie, for instance:
+    <p>Example:</p>
 
-r:setcookie{
-  key = "cookie1",
-  value = "HDHfa9eyffh396rt",
-  expires = os.time() + 86400,
-  secure = true
-}</pre>
+<pre class="prettyprint lang-config"># httpd.conf
+LuaHookTranslateName "/scripts/conf/hooks.lua" silly_mapper</pre>
 
 
-<pre class="prettyprint lang-lua">r:wsupgrade() -- Upgrades a connection to WebSockets if possible (and requested):
-if r:wsupgrade() then -- if we can upgrade:
-    r:wswrite("Welcome to websockets!") -- write something to the client
-    r:wsclose()  -- goodbye!
+<pre class="prettyprint lang-lua">-- /scripts/conf/hooks.lua --
+require "apache2"
+function silly_mapper(r)
+    if r.uri == "/" then
+        r.filename = "/var/www/home.lua"
+        return apache2.OK
+    else
+        return apache2.DECLINED
+    end
 end</pre>
 
 
-<pre class="prettyprint lang-lua">r:wsread() -- Reads a WebSocket frame from a WebSocket upgraded connection (see above):
+   <div class="note"><h3>Context</h3><p>This directive is not valid in <code class="directive"><a href="../mod/core.html#directory">&lt;Directory&gt;</a></code>, <code class="directive"><a href="../mod/core.html#files">&lt;Files&gt;</a></code>, or htaccess
+   context.</p></div>
 
-local line, isFinal = r:wsread() -- isFinal denotes whether this is the final frame.
-                                 -- If it isn't, then more frames can be read
-r:wswrite("You wrote: " .. line)</pre>
+   <div class="note"><h3>Ordering</h3><p>The optional arguments "early" or "late" 
+   control when this script runs relative to other modules.</p></div>
 
 
-<pre class="prettyprint lang-lua">r:wswrite(line) -- Writes a frame to a WebSocket client:
-r:wswrite("Hello, world!")</pre>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="LuaHookTypeChecker" id="LuaHookTypeChecker">LuaHookTypeChecker</a> <a name="luahooktypechecker" id="luahooktypechecker">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Provide a hook for the type_checker phase of request processing</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LuaHookTypeChecker  /path/to/lua/script.lua hook_function_name</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>All</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_lua</td></tr>
+</table><p>
+    This directive provides a hook for the type_checker phase of the request processing. 
+    This phase is where requests are assigned a content type and a handler, and thus can 
+    be used to modify the type and handler based on input:
+    </p>
+    <pre class="prettyprint lang-config">LuaHookTypeChecker "/path/to/lua/script.lua" type_checker</pre>
 
+    <pre class="prettyprint lang-lua">    function type_checker(r)
+        if r.uri:match("%.to_gif$") then -- match foo.png.to_gif
+            r.content_type = "image/gif" -- assign it the image/gif type
+            r.handler = "gifWizard"      -- tell the gifWizard module to handle this
+            r.filename = r.uri:gsub("%.to_gif$", "") -- fix the filename requested
+            return apache2.OK
+        end
 
-<pre class="prettyprint lang-lua">r:wsclose() -- Closes a WebSocket request and terminates it for httpd:
+        return apache2.DECLINED
+    end</pre>
 
-if r:wsupgrade() then
-    r:wswrite("Write something: ")
-    local line = r:wsread() or "nothing"
-    r:wswrite("You wrote: " .. line);
-    r:wswrite("Goodbye!")
-    r:wsclose()
-end</pre>
 
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="LuaInherit" id="LuaInherit">LuaInherit</a> <a name="luainherit" id="luainherit">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Controls how parent configuration sections are merged into children</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LuaInherit none|parent-first|parent-last</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>LuaInherit parent-first</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>All</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_lua</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>2.4.0 and later</td></tr>
+</table><p>By default, if LuaHook* directives are used in overlapping
+    Directory or Location configuration sections, the scripts defined in the
+    more specific section are run <em>after</em> those defined in the more
+    generic section (LuaInherit parent-first).  You can reverse this order, or
+    make the parent context not apply at all.</p>
+    
+    <p> In previous 2.3.x releases, the default was effectively to ignore LuaHook*
+    directives from parent configuration sections.</p>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="LuaInputFilter" id="LuaInputFilter">LuaInputFilter</a> <a name="luainputfilter" id="luainputfilter">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Provide a Lua function for content input filtering</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LuaInputFilter filter_name /path/to/lua/script.lua function_name</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_lua</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>2.4.5 and later</td></tr>
+</table>
+<p>Provides a means of adding a Lua function as an input filter. 
+As with output filters, input filters work as coroutines, 
+first yielding before buffers are sent, then yielding whenever 
+a bucket needs to be passed down the chain, and finally (optionally) 
+yielding anything that needs to be appended to the input data. The 
+global variable <code>bucket</code> holds the buckets as they are passed 
+onto the Lua script:
+</p>
 
-</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="logging" id="logging">Logging Functions</a></h2>
+<pre class="prettyprint lang-config">LuaInputFilter myInputFilter "/www/filter.lua" input_filter
+&lt;Files "*.lua"&gt;
+  SetInputFilter myInputFilter
+&lt;/Files&gt;</pre>
 
-<pre class="prettyprint lang-lua">        -- examples of logging messages<br />
-        r:trace1("This is a trace log message") -- trace1 through trace8 can be used <br />
-        r:debug("This is a debug log message")<br />
-        r:info("This is an info log message")<br />
-        r:notice("This is a notice log message")<br />
-        r:warn("This is a warn log message")<br />
-        r:err("This is an err log message")<br />
-        r:alert("This is an alert log message")<br />
-        r:crit("This is a crit log message")<br />
-        r:emerg("This is an emerg log message")<br />
-</pre>
+<pre class="prettyprint lang-lua">--[[
+    Example input filter that converts all POST data to uppercase.
+]]--
+function input_filter(r)
+    print("luaInputFilter called") -- debug print
+    coroutine.yield() -- Yield and wait for buckets
+    while bucket do -- For each bucket, do...
+        local output = string.upper(bucket) -- Convert all POST data to uppercase
+        coroutine.yield(output) -- Send converted data down the chain
+    end
+    -- No more buckets available.
+    coroutine.yield("&amp;filterSignature=1234") -- Append signature at the end
+end</pre>
 
+<p>
+The input filter supports denying/skipping a filter if it is deemed unwanted:
+</p>
+<pre class="prettyprint lang-lua">function input_filter(r)
+    if not good then
+        return -- Simply deny filtering, passing on the original content instead
+    end
+    coroutine.yield() -- wait for buckets
+    ... -- insert filter stuff here
+end</pre>
 
-</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="apache2" id="apache2">apache2 Package</a></h2>
-<p>A package named <code>apache2</code> is available with (at least) the following contents.</p>
-<dl>
-  <dt>apache2.OK</dt>
-  <dd>internal constant OK.  Handlers should return this if they've
-  handled the request.</dd>
-  <dt>apache2.DECLINED</dt>
-  <dd>internal constant DECLINED.  Handlers should return this if
-  they are not going to handle the request.</dd>
-  <dt>apache2.DONE</dt>
-  <dd>internal constant DONE.</dd>
-  <dt>apache2.version</dt>
-  <dd>Apache HTTP server version string</dd>
-  <dt>apache2.HTTP_MOVED_TEMPORARILY</dt>
-  <dd>HTTP status code</dd>
-  <dt>apache2.PROXYREQ_NONE, apache2.PROXYREQ_PROXY, apache2.PROXYREQ_REVERSE, apache2.PROXYREQ_RESPONSE</dt>
-  <dd>internal constants used by <code class="module"><a href="../mod/mod_proxy.html">mod_proxy</a></code></dd>
-  <dt>apache2.AUTHZ_DENIED, apache2.AUTHZ_GRANTED, apache2.AUTHZ_NEUTRAL, apache2.AUTHZ_GENERAL_ERROR, apache2.AUTHZ_DENIED_NO_USER</dt>
-  <dd>internal constants used by <code class="module"><a href="../mod/mod_authz_core.html">mod_authz_core</a></code></dd>
+<p>
+See "<a href="#modifying_buckets">Modifying contents with Lua 
+filters</a>" for more information.
+</p>
 
-</dl>
-<p>(Other HTTP status codes are not yet implemented.)</p>
-</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="modifying_buckets" id="modifying_buckets">Modifying contents with Lua filters</a></h2>
-    
-    <p>
-    Filter functions implemented via <code class="directive"><a href="#luainputfilter">LuaInputFilter</a></code> 
-    or <code class="directive"><a href="#luaoutputfilter">LuaOutputFilter</a></code> are designed as 
-    three-stage non-blocking functions using coroutines to suspend and resume a 
-    function as buckets are sent down the filter chain. The core structure of 
-    such a function is:
-    </p>
-    <pre class="prettyprint lang-lua">function filter(r)
-    -- Our first yield is to signal that we are ready to receive buckets.
-    -- Before this yield, we can set up our environment, check for conditions,
-    -- and, if we deem it necessary, decline filtering a request alltogether:
-    if something_bad then
-        return -- This would skip this filter.
-    end
-    -- Regardless of whether we have data to prepend, a yield MUST be called here.
-    -- Note that only output filters can prepend data. Input filters must use the 
-    -- final stage to append data to the content.
-    coroutine.yield([optional header to be prepended to the content])
-    
-    -- After we have yielded, buckets will be sent to us, one by one, and we can 
-    -- do whatever we want with them and then pass on the result.
-    -- Buckets are stored in the global variable 'bucket', so we create a loop
-    -- that checks if 'bucket' is not nil:
-    while bucket ~= nil do
-        local output = mangle(bucket) -- Do some stuff to the content
-        coroutine.yield(output) -- Return our new content to the filter chain
-    end
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="LuaMapHandler" id="LuaMapHandler">LuaMapHandler</a> <a name="luamaphandler" id="luamaphandler">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Map a path to a lua handler</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LuaMapHandler uri-pattern /path/to/lua/script.lua [function-name]</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>All</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_lua</td></tr>
+</table>
+    <p>This directive matches a uri pattern to invoke a specific
+    handler function in a specific file. It uses PCRE regular
+    expressions to match the uri, and supports interpolating
+    match groups into both the file path and the function name. 
+    Be careful writing your regular expressions to avoid security
+    issues.</p>
+   <div class="example"><h3>Examples:</h3><pre class="prettyprint lang-config">LuaMapHandler "/(\w+)/(\w+)" "/scripts/$1.lua" "handle_$2"</pre>
+</div>
+        <p>This would match uri's such as /photos/show?id=9
+        to the file /scripts/photos.lua and invoke the
+        handler function handle_show on the lua vm after
+        loading that file.</p>
 
-    -- Once the buckets are gone, 'bucket' is set to nil, which will exit the 
-    -- loop and land us here. Anything extra we want to append to the content
-    -- can be done by doing a final yield here. Both input and output filters 
-    -- can append data to the content in this phase.
-    coroutine.yield([optional footer to be appended to the content])
-end</pre>
+<pre class="prettyprint lang-config">LuaMapHandler "/bingo" "/scripts/wombat.lua"</pre>
 
-</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="databases" id="databases">Database connectivity</a></h2>
-    
-    <p>
-    Mod_lua implements a simple database feature for querying and running commands
-    on the most popular database engines (mySQL, PostgreSQL, FreeTDS, ODBC, SQLite, Oracle)
-    as well as mod_dbd.
-    </p>
-    <p>The example below shows how to acquire a database handle and return information from a table:</p>
-    <pre class="prettyprint lang-lua">function handle(r)
-    -- Acquire a database handle
-    local database, err = r:dbacquire("mysql", "server=localhost,user=someuser,pass=somepass,dbname=mydb")
-    if not err then
-        -- Select some information from it
-        local results, err = database:select(r, "SELECT `name`, `age` FROM `people` WHERE 1")
-        if not err then
-            local rows = results(0) -- fetch all rows synchronously
-            for k, row in pairs(rows) do
-                r:puts( string.format("Name: %s, Age: %s&lt;br/&gt;", row[1], row[2]) )
-            end
-        else
-            r:puts("Database query error: " .. err)
-        end
-        database:close()
-    else
-        r:puts("Could not connect to the database: " .. err)
+        <p>This would invoke the "handle" function, which
+        is the default if no specific function name is
+        provided.</p>
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="LuaOutputFilter" id="LuaOutputFilter">LuaOutputFilter</a> <a name="luaoutputfilter" id="luaoutputfilter">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Provide a Lua function for content output filtering</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LuaOutputFilter filter_name /path/to/lua/script.lua function_name</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_lua</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>2.4.5 and later</td></tr>
+</table>
+<p>Provides a means of adding a Lua function as an output filter. 
+As with input filters, output filters work as coroutines, 
+first yielding before buffers are sent, then yielding whenever 
+a bucket needs to be passed down the chain, and finally (optionally) 
+yielding anything that needs to be appended to the input data. The 
+global variable <code>bucket</code> holds the buckets as they are passed 
+onto the Lua script:
+</p>
+
+<pre class="prettyprint lang-config">LuaOutputFilter myOutputFilter "/www/filter.lua" output_filter
+&lt;Files "*.lua"&gt;
+  SetOutputFilter myOutputFilter
+&lt;/Files&gt;</pre>
+
+<pre class="prettyprint lang-lua">--[[
+    Example output filter that escapes all HTML entities in the output
+]]--
+function output_filter(r)
+    coroutine.yield("(Handled by myOutputFilter)&lt;br/&gt;\n") -- Prepend some data to the output,
+                                                          -- yield and wait for buckets.
+    while bucket do -- For each bucket, do...
+        local output = r:escape_html(bucket) -- Escape all output
+        coroutine.yield(output) -- Send converted data down the chain
     end
+    -- No more buckets available.
 end</pre>
 
-    <p>
-    To utilize <code class="module"><a href="../mod/mod_dbd.html">mod_dbd</a></code>, specify <code>mod_dbd</code>
-    as the database type, or leave the field blank:
-    </p>
-    <pre class="prettyprint lang-lua">local database = r:dbacquire("mod_dbd")</pre>
+<p>
+As with the input filter, the output filter supports denying/skipping a filter 
+if it is deemed unwanted:
+</p>
+<pre class="prettyprint lang-lua">function output_filter(r)
+    if not r.content_type:match("text/html") then
+        return -- Simply deny filtering, passing on the original content instead
+    end
+    coroutine.yield() -- wait for buckets
+    ... -- insert filter stuff here
+end</pre>
 
-    <h3><a name="database_object" id="database_object">Database object and contained functions</a></h3>
-        
-        <p>The database object returned by <code>dbacquire</code> has the following methods:</p>
-        <p><strong>Normal select and query from a database:</strong></p>
-    <pre class="prettyprint lang-lua">-- Run a statement and return the number of rows affected:
-local affected, errmsg = database:query(r, "DELETE FROM `tbl` WHERE 1")
+<div class="note"><h3>Lua filters with <code class="module"><a href="../mod/mod_filter.html">mod_filter</a></code></h3>
+<p> When a Lua filter is used as the underlying provider via the 
+<code class="directive"><a href="../mod/mod_filter.html#filterprovider">FilterProvider</a></code> directive, filtering 
+will only work when the <var>filter-name</var> is identical to the <var>provider-name</var>.
+</p> </div>
 
--- Run a statement and return a result set that can be used synchronously or async:
-local result, errmsg = database:select(r, "SELECT * FROM `people` WHERE 1")</pre>
+<p>
+See "<a href="#modifying_buckets">Modifying contents with Lua filters</a>" for more 
+information.
+</p>
 
-        <p><strong>Using prepared statements (recommended):</strong></p>
-    <pre class="prettyprint lang-lua">-- Create and run a prepared statement:
-local statement, errmsg = database:prepare(r, "DELETE FROM `tbl` WHERE `age` &gt; %u")
-if not errmsg then
-    local result, errmsg = statement:query(20) -- run the statement with age &gt; 20
-end
 
--- Fetch a prepared statement from a DBDPrepareSQL directive:
-local statement, errmsg = database:prepared(r, "someTag")
-if not errmsg then
-    local result, errmsg = statement:select("John Doe", 123) -- inject the values "John Doe" and 123 into the statement
-end</pre>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="LuaPackageCPath" id="LuaPackageCPath">LuaPackageCPath</a> <a name="luapackagecpath" id="luapackagecpath">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Add a directory to lua's package.cpath</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LuaPackageCPath /path/to/include/?.soa</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>All</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_lua</td></tr>
+</table>
+    <p>Add a path to lua's shared library search path. Follows the same
+    conventions as lua. This just munges the package.cpath in the
+    lua vms.</p>
 
-        <p><strong>Escaping values, closing databases etc:</strong></p>
-    <pre class="prettyprint lang-lua">-- Escape a value for use in a statement:
-local escaped = database:escape(r, [["'|blabla]])
 
--- Close a database connection and free up handles:
-database:close()
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="LuaPackagePath" id="LuaPackagePath">LuaPackagePath</a> <a name="luapackagepath" id="luapackagepath">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Add a directory to lua's package.path</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LuaPackagePath /path/to/include/?.lua</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>All</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_lua</td></tr>
+</table><p>Add a path to lua's module search path. Follows the same
+    conventions as lua. This just munges the package.path in the
+    lua vms.</p>
 
--- Check whether a database connection is up and running:
-local connected = database:active()</pre>
+    <div class="example"><h3>Examples:</h3><pre class="prettyprint lang-config">LuaPackagePath "/scripts/lib/?.lua"
+LuaPackagePath "/scripts/lib/?/init.lua"</pre>
+</div>
 
-    
-    <h3><a name="result_sets" id="result_sets">Working with result sets</a></h3>
-    
-    <p>The result set returned by <code>db:select</code> or by the prepared statement functions 
-    created through <code>db:prepare</code> can be used to
-    fetch rows synchronously or asynchronously, depending on the row number specified:<br />
-    <code>result(0)</code> fetches all rows in a synchronous manner, returning a table of rows.<br />
-    <code>result(-1)</code> fetches the next available row in the set, asynchronously.<br />
-    <code>result(N)</code> fetches row number <code>N</code>, asynchronously:
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="LuaQuickHandler" id="LuaQuickHandler">LuaQuickHandler</a> <a name="luaquickhandler" id="luaquickhandler">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Provide a hook for the quick handler of request processing</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LuaQuickHandler /path/to/script.lua hook_function_name</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>All</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_lua</td></tr>
+</table>
+    <p>
+    This phase is run immediately after the request has been mapped to a virtal host, 
+    and can be used to either do some request processing before the other phases kick 
+    in, or to serve a request without the need to translate, map to storage et cetera. 
+    As this phase is run before anything else, directives such as <code class="directive"><a href="../mod/core.html#location">&lt;Location&gt;</a></code> or <code class="directive"><a href="../mod/core.html#directory">&lt;Directory&gt;</a></code> are void in this phase, just as 
+    URIs have not been properly parsed yet.
     </p>
-    <pre class="prettyprint lang-lua">-- fetch a result set using a regular query:
-local result, err = db:select(r, "SELECT * FROM `tbl` WHERE 1")
-
-local rows = result(0) -- Fetch ALL rows synchronously
-local row = result(-1) -- Fetch the next available row, asynchronously
-local row = result(1234) -- Fetch row number 1234, asynchronously
-local row = result(-1, true) -- Fetch the next available row, using row names as key indexes.</pre>
+   <div class="note"><h3>Context</h3><p>This directive is not valid in <code class="directive"><a href="../mod/core.html#directory">&lt;Directory&gt;</a></code>, <code class="directive"><a href="../mod/core.html#files">&lt;Files&gt;</a></code>, or htaccess
+   context.</p></div>
 
-    <p>One can construct a function that returns an iterative function to iterate over all rows 
-    in a synchronous or asynchronous way, depending on the async argument:
-    </p>
-    <pre class="prettyprint lang-lua">function rows(resultset, async)
-    local a = 0
-    local function getnext()
-        a = a + 1
-        local row = resultset(-1)
-        return row and a or nil, row
-    end
-    if not async then
-        return pairs(resultset(0))
-    else
-        return getnext, self
-    end
-end
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="LuaRoot" id="LuaRoot">LuaRoot</a> <a name="luaroot" id="luaroot">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Specify the base path for resolving relative paths for mod_lua directives</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LuaRoot /path/to/a/directory</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>All</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_lua</td></tr>
+</table>
+    <p>Specify the base path which will be used to evaluate all
+    relative paths within mod_lua. If not specified they
+    will be resolved relative to the current working directory,
+    which may not always work well for a server.</p>
 
-local statement, err = db:prepare(r, "SELECT * FROM `tbl` WHERE `age` &gt; %u")
-if not err then
-     -- fetch rows asynchronously:
-    local result, err = statement:select(20)
-    if not err then
-        for index, row in rows(result, true) do
-            ....
-        end
-    end
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="LuaScope" id="LuaScope">LuaScope</a> <a name="luascope" id="luascope">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>One of once, request, conn, thread -- default is once</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LuaScope once|request|conn|thread|server [min] [max]</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>LuaScope once</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>All</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_lua</td></tr>
+</table>
+    <p>Specify the life cycle scope of the Lua interpreter which will
+    be used by handlers in this "Directory." The default is "once"</p>
 
-     -- fetch rows synchronously:
-    local result, err = statement:select(20)
-    if not err then
-        for index, row in rows(result, false) do
-            ....
-        end
-    end
-end</pre>
+   <dl>
+    <dt>once:</dt> <dd>use the interpreter once and throw it away.</dd>
 
-    
-    <h3><a name="closing_databases" id="closing_databases">Closing a database connection</a></h3>
-        
+    <dt>request:</dt> <dd>use the interpreter to handle anything based on
+             the same file within this request, which is also
+             request scoped.</dd>
 
-    <p>Database handles should be closed using <code>database:close()</code> when they are no longer
-    needed. If you do not close them manually, they will eventually be garbage collected and 
-    closed by mod_lua, but you may end up having too many unused connections to the database 
-    if you leave the closing up to mod_lua. Essentially, the following two measures are
-    the same:
-    </p>
-    <pre class="prettyprint lang-lua">-- Method 1: Manually close a handle
-local database = r:dbacquire("mod_dbd")
-database:close() -- All done
+    <dt>conn:</dt> <dd>Same as request but attached to the connection_rec</dd>
 
--- Method 2: Letting the garbage collector close it
-local database = r:dbacquire("mod_dbd")
-database = nil -- throw away the reference
-collectgarbage() -- close the handle via GC</pre>
+    <dt>thread:</dt> <dd>Use the interpreter for the lifetime of the thread 
+            handling the request (only available with threaded MPMs).</dd>
 
-    
-    <h3><a name="database_caveat" id="database_caveat">Precautions when working with databases</a></h3>
-    
-    <p>Although the standard <code>query</code> and <code>run</code> functions are freely 
-    available, it is recommended that you use prepared statements whenever possible, to 
-    both optimize performance (if your db handle lives on for a long time) and to minimize 
-    the risk of SQL injection attacks. <code>run</code> and <code>query</code> should only
-    be used when there are no variables inserted into a statement (a static statement). 
-    When using dynamic statements, use <code>db:prepare</code> or <code>db:prepared</code>.
+    <dt>server:</dt>  <dd>This one is different than others because the
+            server scope is quite long lived, and multiple threads
+            will have the same server_rec. To accommodate this,
+            server scoped Lua states are stored in an apr
+            resource list. The <code>min</code> and <code>max</code> arguments 
+            specify the minimum and maximum number of Lua states to keep in the 
+            pool.</dd>
+   </dl>
+    <p>
+    Generally speaking, the <code>thread</code> and <code>server</code> scopes 
+    execute roughly 2-3 times faster than the rest, because they don't have to 
+    spawn new Lua states on every request (especially with the event MPM, as 
+    even keepalive requests will use a new thread for each request). If you are 
+    satisfied that your scripts will not have problems reusing a state, then 
+    the <code>thread</code> or <code>server</code> scopes should be used for 
+    maximum performance. While the <code>thread</code> scope will provide the 
+    fastest responses, the <code>server</code> scope will use less memory, as 
+    states are pooled, allowing f.x. 1000 threads to share only 100 Lua states, 
+    thus using only 10% of the memory required by the <code>thread</code> scope.
     </p>
-    
 
 </div>
 </div>
diff --git a/docs/manual/mod/mod_macro.html.en b/docs/manual/mod/mod_macro.html.en
index 9a5b374079..0166204a1d 100644
--- a/docs/manual/mod/mod_macro.html.en
+++ b/docs/manual/mod/mod_macro.html.en
@@ -41,93 +41,18 @@
     rest of the configuration file.</p>
 
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
+<div id="quickview"><h3>Topics</h3>
+<ul id="topics">
+<li><img alt="" src="../images/down.gif" /> <a href="#usage">Usage</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#tips">Tips</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#examples">Examples</a></li>
+</ul><h3 class="directives">Directives</h3>
 <ul id="toc">
 <li><img alt="" src="../images/down.gif" /> <a href="#macro">&lt;Macro&gt;</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#undefmacro">UndefMacro</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#use">Use</a></li>
 </ul>
-<h3>Topics</h3>
-<ul id="topics">
-<li><img alt="" src="../images/down.gif" /> <a href="#usage">Usage</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#tips">Tips</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#examples">Examples</a></li>
-</ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="Macro" id="Macro">&lt;Macro&gt;</a> <a name="macro" id="macro">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Define a configuration file macro</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>
-&lt;Macro <var>name</var> [<var>par1</var> .. <var>parN</var>]&gt;
-... &lt;/Macro&gt;</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_macro</td></tr>
-</table>
-    <p>The <code class="directive">Macro</code> directive controls the definition of
-    a macro within the server runtime configuration files.
-    The first argument is the name of the macro.
-    Other arguments are parameters to the macro. It is good practice to prefix
-    parameter names with any of '<code>$%@</code>', and not macro names
-    with such characters.
-    </p>
-
-    <pre class="prettyprint lang-config">&lt;Macro LocalAccessPolicy&gt;
-    Require ip 10.2.16.0/24
-&lt;/Macro&gt;
-
-&lt;Macro RestrictedAccessPolicy $ipnumbers&gt;
-    Require ip $ipnumbers
-&lt;/Macro&gt;</pre>
-
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="UndefMacro" id="UndefMacro">UndefMacro</a> <a name="undefmacro" id="undefmacro">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Undefine a macro</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>UndefMacro <var>name</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_macro</td></tr>
-</table>
-    <p>The <code class="directive">UndefMacro</code> directive undefines a macro
-    which has been defined before hand.</p>
-
-    <pre class="prettyprint lang-config">UndefMacro LocalAccessPolicy
-UndefMacro RestrictedAccessPolicy</pre>
-
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="Use" id="Use">Use</a> <a name="use" id="use">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Use a macro</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>Use <var>name</var> [<var>value1</var> ... <var>valueN</var>]
-</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_macro</td></tr>
-</table>
-    <p>The <code class="directive">Use</code> directive controls the use of a macro.
-    The specified macro is expanded. It must be given the same number of
-    arguments as in the  macro definition. The provided values are
-    associated to their corresponding initial parameters and are substituted
-    before processing.</p>
-
-    <pre class="prettyprint lang-config">Use LocalAccessPolicy
-...
-Use RestrictedAccessPolicy "192.54.172.0/24 192.54.148.0/24"</pre>
-
-
-    <p>is equivalent, with the macros defined above, to:</p>
-
-    <pre class="prettyprint lang-config">Require ip 10.2.16.0/24
-...
-Require ip 192.54.172.0/24 192.54.148.0/24</pre>
-
-
-</div>
+<ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="section">
 <h2><a name="usage" id="usage">Usage</a></h2>
@@ -265,6 +190,81 @@ UndefMacro DirGroup</pre>
 
  
 
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="Macro" id="Macro">&lt;Macro&gt;</a> <a name="macro" id="macro">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Define a configuration file macro</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>
+&lt;Macro <var>name</var> [<var>par1</var> .. <var>parN</var>]&gt;
+... &lt;/Macro&gt;</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_macro</td></tr>
+</table>
+    <p>The <code class="directive">Macro</code> directive controls the definition of
+    a macro within the server runtime configuration files.
+    The first argument is the name of the macro.
+    Other arguments are parameters to the macro. It is good practice to prefix
+    parameter names with any of '<code>$%@</code>', and not macro names
+    with such characters.
+    </p>
+
+    <pre class="prettyprint lang-config">&lt;Macro LocalAccessPolicy&gt;
+    Require ip 10.2.16.0/24
+&lt;/Macro&gt;
+
+&lt;Macro RestrictedAccessPolicy $ipnumbers&gt;
+    Require ip $ipnumbers
+&lt;/Macro&gt;</pre>
+
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="UndefMacro" id="UndefMacro">UndefMacro</a> <a name="undefmacro" id="undefmacro">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Undefine a macro</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>UndefMacro <var>name</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_macro</td></tr>
+</table>
+    <p>The <code class="directive">UndefMacro</code> directive undefines a macro
+    which has been defined before hand.</p>
+
+    <pre class="prettyprint lang-config">UndefMacro LocalAccessPolicy
+UndefMacro RestrictedAccessPolicy</pre>
+
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="Use" id="Use">Use</a> <a name="use" id="use">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Use a macro</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>Use <var>name</var> [<var>value1</var> ... <var>valueN</var>]
+</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_macro</td></tr>
+</table>
+    <p>The <code class="directive">Use</code> directive controls the use of a macro.
+    The specified macro is expanded. It must be given the same number of
+    arguments as in the  macro definition. The provided values are
+    associated to their corresponding initial parameters and are substituted
+    before processing.</p>
+
+    <pre class="prettyprint lang-config">Use LocalAccessPolicy
+...
+Use RestrictedAccessPolicy "192.54.172.0/24 192.54.148.0/24"</pre>
+
+
+    <p>is equivalent, with the macros defined above, to:</p>
+
+    <pre class="prettyprint lang-config">Require ip 10.2.16.0/24
+...
+Require ip 192.54.172.0/24 192.54.148.0/24</pre>
+
+
 </div>
 </div>
 <div class="bottomlang">
diff --git a/docs/manual/mod/mod_mime.html.en b/docs/manual/mod/mod_mime.html.en
index 2ae706bc27..9c322f837b 100644
--- a/docs/manual/mod/mod_mime.html.en
+++ b/docs/manual/mod/mod_mime.html.en
@@ -78,7 +78,12 @@
     their last modified date) to ensure that all visitors are
     receive the corrected content headers.</p>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
+<div id="quickview"><h3>Topics</h3>
+<ul id="topics">
+<li><img alt="" src="../images/down.gif" /> <a href="#multipleext">Files with Multiple Extensions</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#contentencoding">Content encoding</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#charset-lang">Character sets and languages</a></li>
+</ul><h3 class="directives">Directives</h3>
 <ul id="toc">
 <li><img alt="" src="../images/down.gif" /> <a href="#addcharset">AddCharset</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#addencoding">AddEncoding</a></li>
@@ -99,12 +104,7 @@
 <li><img alt="" src="../images/down.gif" /> <a href="#removetype">RemoveType</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#typesconfig">TypesConfig</a></li>
 </ul>
-<h3>Topics</h3>
-<ul id="topics">
-<li><img alt="" src="../images/down.gif" /> <a href="#multipleext">Files with Multiple Extensions</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#contentencoding">Content encoding</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#charset-lang">Character sets and languages</a></li>
-</ul><h3>See also</h3>
+<h3>See also</h3>
 <ul class="seealso">
 <li><code class="directive"><a href="../mod/mod_mime_magic.html#mimemagicfile">MimeMagicFile</a></code></li>
 <li><code class="directive"><a href="../mod/core.html#adddefaultcharset">AddDefaultCharset</a></code></li>
@@ -114,6 +114,139 @@
 <li><code class="directive"><a href="../mod/core.html#setoutputfilter">SetOutputFilter</a></code></li>
 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="multipleext" id="multipleext">Files with Multiple Extensions</a></h2>
+    <p>Files can have more than one extension; the order of the
+    extensions is <em>normally</em> irrelevant. For example, if the
+    file <code>welcome.html.fr</code> maps onto content type
+    <code>text/html</code> and language French then the file
+    <code>welcome.fr.html</code> will map onto exactly the same
+    information.  If more than one extension is given that maps onto
+    the same type of metadata, then the one to the right will
+    be used, except for languages and content encodings. For example,
+    if <code>.gif</code> maps to the <a class="glossarylink" href="../glossary.html#media-type" title="see glossary">media-type</a>
+    <code>image/gif</code> and <code>.html</code> maps to the
+    media-type <code>text/html</code>, then the file
+    <code>welcome.gif.html</code> will be associated with the
+    media-type <code>text/html</code>.</p>
+
+    <p><a href="#charset-lang">Languages</a> and <a href="#contentencoding">content encodings</a> are treated accumulative, because one can assign
+    more than one language or encoding to a particular resource. For example,
+    the file <code>welcome.html.en.de</code> will be delivered with
+    <code>Content-Language: en, de</code> and <code>Content-Type:
+    text/html</code>.</p>
+
+    <p>Care should be taken when a file with multiple extensions
+    gets associated with both a <a class="glossarylink" href="../glossary.html#media-type" title="see glossary">media-type</a>
+    and a handler. This will
+    usually result in the request being handled by the module associated
+    with the handler. For example, if the <code>.imap</code>
+    extension is mapped to the handler <code>imap-file</code> (from
+    <code class="module"><a href="../mod/mod_imagemap.html">mod_imagemap</a></code>) and the <code>.html</code> extension is
+    mapped to the media-type <code>text/html</code>, then the file
+    <code>world.imap.html</code> will be associated with both the
+    <code>imap-file</code> handler and <code>text/html</code> media-type.
+    When it is processed, the <code>imap-file</code> handler will be used,
+    and so it will be treated as a <code class="module"><a href="../mod/mod_imagemap.html">mod_imagemap</a></code> imagemap
+    file.</p>
+
+    <p>If you would prefer only the last dot-separated part of the
+    filename to be mapped to a particular piece of meta-data, then do
+    not use the <code>Add*</code> directives. For example, if you wish
+    to have the file <code>foo.html.cgi</code> processed as a CGI
+    script, but not the file <code>bar.cgi.html</code>, then instead
+    of using <code>AddHandler cgi-script .cgi</code>, use</p>
+
+    <div class="example"><h3>Configure handler based on final extension only</h3><pre class="prettyprint lang-config">&lt;FilesMatch "\.cgi$"&gt;
+  SetHandler cgi-script
+&lt;/FilesMatch&gt;</pre>
+</div>
+
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="contentencoding" id="contentencoding">Content encoding</a></h2>
+    <p>A file of a particular <a class="glossarylink" href="../glossary.html#media-type" title="see glossary">media-type</a> can additionally be encoded a
+    particular way to simplify transmission over the Internet.
+    While this usually will refer to compression, such as
+    <code>gzip</code>, it can also refer to encryption, such a
+    <code>pgp</code> or to an encoding such as UUencoding, which is
+    designed for transmitting a binary file in an ASCII (text)
+    format.</p>
+
+    <p>The <a href="http://www.ietf.org/rfc/rfc2616.txt">HTTP/1.1
+    RFC</a>, section 14.11 puts it this way:</p>
+
+    <blockquote cite="http://www.ietf.org/rfc/rfc2616.txt">
+      <p>The Content-Encoding entity-header field is used as a modifier to
+      the media-type. When present, its value indicates what additional
+      content codings have been applied to the entity-body, and thus what
+      decoding mechanisms must be applied in order to obtain the media-type
+      referenced by the Content-Type header field. Content-Encoding is
+      primarily used to allow a document to be compressed without losing
+      the identity of its underlying media type.</p>
+    </blockquote>
+
+    <p>By using more than one file extension (see <a href="#multipleext">section above about multiple file
+    extensions</a>), you can indicate that a file is of a
+    particular <em>type</em>, and also has a particular
+    <em>encoding</em>. </p>
+
+    <p>For example, you may have a file which is a Microsoft Word
+    document, which is pkzipped to reduce its size. If the
+    <code>.doc</code> extension is associated with the Microsoft
+    Word file type, and the <code>.zip</code> extension is
+    associated with the pkzip file encoding, then the file
+    <code>Resume.doc.zip</code> would be known to be a pkzip'ed Word
+    document.</p>
+
+    <p>Apache sends a <code>Content-encoding</code> header with the
+    resource, in order to tell the client browser about the
+    encoding method.</p>
+
+    <pre class="prettyprint lang-config">Content-encoding: pkzip</pre>
+
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="charset-lang" id="charset-lang">Character sets and languages</a></h2>
+    <p>In addition to file type and the file encoding,
+    another important piece of information is what language a
+    particular document is in, and in what character set the file
+    should be displayed. For example, the document might be written
+    in the Vietnamese alphabet, or in Cyrillic, and should be
+    displayed as such. This information, also, is transmitted in
+    HTTP headers.</p>
+
+    <p>The character set, language, encoding and mime type are all
+    used in the process of content negotiation (See
+    <code class="module"><a href="../mod/mod_negotiation.html">mod_negotiation</a></code>) to determine
+    which document to give to the client, when there are
+    alternative documents in more than one character set, language,
+    encoding or mime type. All filename extensions associations
+    created with <code class="directive"><a href="#addcharset">AddCharset</a></code>,
+    <code class="directive"><a href="#addencoding">AddEncoding</a></code>, <code class="directive"><a href="#addlanguage">AddLanguage</a></code> and <code class="directive"><a href="#addtype">AddType</a></code> directives
+    (and extensions listed in the <code class="directive"><a href="../mod/mod_mime_magic.html#mimemagicfile">MimeMagicFile</a></code>) participate in this select process.
+    Filename extensions that are only associated using the <code class="directive"><a href="#addhandler">AddHandler</a></code>, <code class="directive"><a href="#addinputfilter">AddInputFilter</a></code> or <code class="directive"><a href="#addoutputfilter">AddOutputFilter</a></code> directives may be included or excluded
+    from matching by using the <code class="directive"><a href="#multiviewsmatch">MultiviewsMatch</a></code> directive.</p>
+
+    <h3><a name="charset" id="charset">Charset</a></h3>
+      <p>To convey this further information, Apache optionally sends
+      a <code>Content-Language</code> header, to specify the language
+      that the document is in, and can append additional information
+      onto the <code>Content-Type</code> header to indicate the
+      particular character set that should be used to correctly
+      render the information.</p>
+
+      <div class="example"><p><code>
+Content-Language: en, fr
+Content-Type: text/plain; charset=ISO-8859-1
+      </code></p></div>
+
+      <p>The language specification is the two-letter abbreviation
+      for the language. The <code>charset</code> is the name of the
+      particular character set which should be used.</p>
+    
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="AddCharset" id="AddCharset">AddCharset</a> <a name="addcharset" id="addcharset">Directive</a></h2>
 <table class="directive">
 <tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Maps the given filename extensions to the specified content
@@ -869,139 +1002,6 @@ extensions</td></tr>
 <ul>
 <li><code class="module"><a href="../mod/mod_mime_magic.html">mod_mime_magic</a></code></li>
 </ul>
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="multipleext" id="multipleext">Files with Multiple Extensions</a></h2>
-    <p>Files can have more than one extension; the order of the
-    extensions is <em>normally</em> irrelevant. For example, if the
-    file <code>welcome.html.fr</code> maps onto content type
-    <code>text/html</code> and language French then the file
-    <code>welcome.fr.html</code> will map onto exactly the same
-    information.  If more than one extension is given that maps onto
-    the same type of metadata, then the one to the right will
-    be used, except for languages and content encodings. For example,
-    if <code>.gif</code> maps to the <a class="glossarylink" href="../glossary.html#media-type" title="see glossary">media-type</a>
-    <code>image/gif</code> and <code>.html</code> maps to the
-    media-type <code>text/html</code>, then the file
-    <code>welcome.gif.html</code> will be associated with the
-    media-type <code>text/html</code>.</p>
-
-    <p><a href="#charset-lang">Languages</a> and <a href="#contentencoding">content encodings</a> are treated accumulative, because one can assign
-    more than one language or encoding to a particular resource. For example,
-    the file <code>welcome.html.en.de</code> will be delivered with
-    <code>Content-Language: en, de</code> and <code>Content-Type:
-    text/html</code>.</p>
-
-    <p>Care should be taken when a file with multiple extensions
-    gets associated with both a <a class="glossarylink" href="../glossary.html#media-type" title="see glossary">media-type</a>
-    and a handler. This will
-    usually result in the request being handled by the module associated
-    with the handler. For example, if the <code>.imap</code>
-    extension is mapped to the handler <code>imap-file</code> (from
-    <code class="module"><a href="../mod/mod_imagemap.html">mod_imagemap</a></code>) and the <code>.html</code> extension is
-    mapped to the media-type <code>text/html</code>, then the file
-    <code>world.imap.html</code> will be associated with both the
-    <code>imap-file</code> handler and <code>text/html</code> media-type.
-    When it is processed, the <code>imap-file</code> handler will be used,
-    and so it will be treated as a <code class="module"><a href="../mod/mod_imagemap.html">mod_imagemap</a></code> imagemap
-    file.</p>
-
-    <p>If you would prefer only the last dot-separated part of the
-    filename to be mapped to a particular piece of meta-data, then do
-    not use the <code>Add*</code> directives. For example, if you wish
-    to have the file <code>foo.html.cgi</code> processed as a CGI
-    script, but not the file <code>bar.cgi.html</code>, then instead
-    of using <code>AddHandler cgi-script .cgi</code>, use</p>
-
-    <div class="example"><h3>Configure handler based on final extension only</h3><pre class="prettyprint lang-config">&lt;FilesMatch "\.cgi$"&gt;
-  SetHandler cgi-script
-&lt;/FilesMatch&gt;</pre>
-</div>
-
-</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="contentencoding" id="contentencoding">Content encoding</a></h2>
-    <p>A file of a particular <a class="glossarylink" href="../glossary.html#media-type" title="see glossary">media-type</a> can additionally be encoded a
-    particular way to simplify transmission over the Internet.
-    While this usually will refer to compression, such as
-    <code>gzip</code>, it can also refer to encryption, such a
-    <code>pgp</code> or to an encoding such as UUencoding, which is
-    designed for transmitting a binary file in an ASCII (text)
-    format.</p>
-
-    <p>The <a href="http://www.ietf.org/rfc/rfc2616.txt">HTTP/1.1
-    RFC</a>, section 14.11 puts it this way:</p>
-
-    <blockquote cite="http://www.ietf.org/rfc/rfc2616.txt">
-      <p>The Content-Encoding entity-header field is used as a modifier to
-      the media-type. When present, its value indicates what additional
-      content codings have been applied to the entity-body, and thus what
-      decoding mechanisms must be applied in order to obtain the media-type
-      referenced by the Content-Type header field. Content-Encoding is
-      primarily used to allow a document to be compressed without losing
-      the identity of its underlying media type.</p>
-    </blockquote>
-
-    <p>By using more than one file extension (see <a href="#multipleext">section above about multiple file
-    extensions</a>), you can indicate that a file is of a
-    particular <em>type</em>, and also has a particular
-    <em>encoding</em>. </p>
-
-    <p>For example, you may have a file which is a Microsoft Word
-    document, which is pkzipped to reduce its size. If the
-    <code>.doc</code> extension is associated with the Microsoft
-    Word file type, and the <code>.zip</code> extension is
-    associated with the pkzip file encoding, then the file
-    <code>Resume.doc.zip</code> would be known to be a pkzip'ed Word
-    document.</p>
-
-    <p>Apache sends a <code>Content-encoding</code> header with the
-    resource, in order to tell the client browser about the
-    encoding method.</p>
-
-    <pre class="prettyprint lang-config">Content-encoding: pkzip</pre>
-
-</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="charset-lang" id="charset-lang">Character sets and languages</a></h2>
-    <p>In addition to file type and the file encoding,
-    another important piece of information is what language a
-    particular document is in, and in what character set the file
-    should be displayed. For example, the document might be written
-    in the Vietnamese alphabet, or in Cyrillic, and should be
-    displayed as such. This information, also, is transmitted in
-    HTTP headers.</p>
-
-    <p>The character set, language, encoding and mime type are all
-    used in the process of content negotiation (See
-    <code class="module"><a href="../mod/mod_negotiation.html">mod_negotiation</a></code>) to determine
-    which document to give to the client, when there are
-    alternative documents in more than one character set, language,
-    encoding or mime type. All filename extensions associations
-    created with <code class="directive"><a href="#addcharset">AddCharset</a></code>,
-    <code class="directive"><a href="#addencoding">AddEncoding</a></code>, <code class="directive"><a href="#addlanguage">AddLanguage</a></code> and <code class="directive"><a href="#addtype">AddType</a></code> directives
-    (and extensions listed in the <code class="directive"><a href="../mod/mod_mime_magic.html#mimemagicfile">MimeMagicFile</a></code>) participate in this select process.
-    Filename extensions that are only associated using the <code class="directive"><a href="#addhandler">AddHandler</a></code>, <code class="directive"><a href="#addinputfilter">AddInputFilter</a></code> or <code class="directive"><a href="#addoutputfilter">AddOutputFilter</a></code> directives may be included or excluded
-    from matching by using the <code class="directive"><a href="#multiviewsmatch">MultiviewsMatch</a></code> directive.</p>
-
-    <h3><a name="charset" id="charset">Charset</a></h3>
-      <p>To convey this further information, Apache optionally sends
-      a <code>Content-Language</code> header, to specify the language
-      that the document is in, and can append additional information
-      onto the <code>Content-Type</code> header to indicate the
-      particular character set that should be used to correctly
-      render the information.</p>
-
-      <div class="example"><p><code>
-Content-Language: en, fr
-Content-Type: text/plain; charset=ISO-8859-1
-      </code></p></div>
-
-      <p>The language specification is the two-letter abbreviation
-      for the language. The <code>charset</code> is the name of the
-      particular character set which should be used.</p>
-    
 </div>
 </div>
 <div class="bottomlang">
diff --git a/docs/manual/mod/mod_mime_magic.html.en b/docs/manual/mod/mod_mime_magic.html.en
index 75d28c6251..ec32b3016a 100644
--- a/docs/manual/mod/mod_mime_magic.html.en
+++ b/docs/manual/mod/mod_mime_magic.html.en
@@ -46,38 +46,16 @@
     what the contents are. This module is active only if the magic
     file is specified by the <code class="directive"><a href="#mimemagicfile">MimeMagicFile</a></code> directive.</p>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
-<ul id="toc">
-<li><img alt="" src="../images/down.gif" /> <a href="#mimemagicfile">MimeMagicFile</a></li>
-</ul>
-<h3>Topics</h3>
+<div id="quickview"><h3>Topics</h3>
 <ul id="topics">
 <li><img alt="" src="../images/down.gif" /> <a href="#format">Format of the Magic File</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#performance">Performance Issues</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#notes">Notes</a></li>
-</ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="MimeMagicFile" id="MimeMagicFile">MimeMagicFile</a> <a name="mimemagicfile" id="mimemagicfile">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Enable MIME-type determination based on file contents
-using the specified magic file</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>MimeMagicFile <var>file-path</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_mime_magic</td></tr>
-</table>
-    <p>The <code class="directive">MimeMagicFile</code> directive can be used to
-    enable this module, the default file is distributed at
-    <code>conf/magic</code>. Non-rooted paths are relative to the
-    <code class="directive"><a href="../mod/core.html#serverroot">ServerRoot</a></code>. Virtual hosts will use
-    the same file as the main server unless a more specific setting is
-    used, in which case the more specific setting overrides the main
-    server's file.</p>
-
-    <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">MimeMagicFile conf/magic</pre>
-</div>
-
-</div>
+</ul><h3 class="directives">Directives</h3>
+<ul id="toc">
+<li><img alt="" src="../images/down.gif" /> <a href="#mimemagicfile">MimeMagicFile</a></li>
+</ul>
+<ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="section">
 <h2><a name="format" id="format">Format of the Magic File</a></h2>
@@ -268,6 +246,28 @@ using the specified magic file</td></tr>
         used here.</li>
       </ul>
     </div>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="MimeMagicFile" id="MimeMagicFile">MimeMagicFile</a> <a name="mimemagicfile" id="mimemagicfile">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Enable MIME-type determination based on file contents
+using the specified magic file</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>MimeMagicFile <var>file-path</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_mime_magic</td></tr>
+</table>
+    <p>The <code class="directive">MimeMagicFile</code> directive can be used to
+    enable this module, the default file is distributed at
+    <code>conf/magic</code>. Non-rooted paths are relative to the
+    <code class="directive"><a href="../mod/core.html#serverroot">ServerRoot</a></code>. Virtual hosts will use
+    the same file as the main server unless a more specific setting is
+    used, in which case the more specific setting overrides the main
+    server's file.</p>
+
+    <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">MimeMagicFile conf/magic</pre>
+</div>
+
 </div>
 </div>
 <div class="bottomlang">
diff --git a/docs/manual/mod/mod_negotiation.html.en b/docs/manual/mod/mod_negotiation.html.en
index 7be5c8e17f..0422a1889d 100644
--- a/docs/manual/mod/mod_negotiation.html.en
+++ b/docs/manual/mod/mod_negotiation.html.en
@@ -50,17 +50,17 @@
       results.</li>
     </ul>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
+<div id="quickview"><h3>Topics</h3>
+<ul id="topics">
+<li><img alt="" src="../images/down.gif" /> <a href="#typemaps">Type maps</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#multiviews">Multiviews</a></li>
+</ul><h3 class="directives">Directives</h3>
 <ul id="toc">
 <li><img alt="" src="../images/down.gif" /> <a href="#cachenegotiateddocs">CacheNegotiatedDocs</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#forcelanguagepriority">ForceLanguagePriority</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#languagepriority">LanguagePriority</a></li>
 </ul>
-<h3>Topics</h3>
-<ul id="topics">
-<li><img alt="" src="../images/down.gif" /> <a href="#typemaps">Type maps</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#multiviews">Multiviews</a></li>
-</ul><h3>See also</h3>
+<h3>See also</h3>
 <ul class="seealso">
 <li><code class="directive"><a href="../mod/core.html#options">Options</a></code></li>
 <li><code class="module"><a href="../mod/mod_mime.html">mod_mime</a></code></li>
@@ -69,118 +69,6 @@ Negotiation</a></li>
 <li><a href="../env.html">Environment Variables</a></li>
 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="CacheNegotiatedDocs" id="CacheNegotiatedDocs">CacheNegotiatedDocs</a> <a name="cachenegotiateddocs" id="cachenegotiateddocs">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Allows content-negotiated documents to be
-cached by proxy servers</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>CacheNegotiatedDocs On|Off</code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>CacheNegotiatedDocs Off</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_negotiation</td></tr>
-</table>
-    <p>If set, this directive allows content-negotiated documents
-    to be cached by proxy servers. This could mean that clients
-    behind those proxys could retrieve versions of the documents
-    that are not the best match for their abilities, but it will
-    make caching more efficient.</p>
-
-    <p>This directive only applies to requests which come from
-    HTTP/1.0 browsers. HTTP/1.1 provides much better control over
-    the caching of negotiated documents, and this directive has no
-    effect in responses to HTTP/1.1 requests.</p>
-
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="ForceLanguagePriority" id="ForceLanguagePriority">ForceLanguagePriority</a> <a name="forcelanguagepriority" id="forcelanguagepriority">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Action to take if a single acceptable document is not
-found</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ForceLanguagePriority None|Prefer|Fallback [Prefer|Fallback]</code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ForceLanguagePriority Prefer</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>FileInfo</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_negotiation</td></tr>
-</table>
-    <p>The <code class="directive">ForceLanguagePriority</code> directive uses
-    the given <code class="directive"><a href="#languagepriority">LanguagePriority</a></code> to satisfy
-    negotiation where the server could otherwise not return a single
-    matching document.</p>
-
-    <p><code>ForceLanguagePriority Prefer</code> uses
-    <code>LanguagePriority</code> to serve a one valid result, rather
-    than returning an HTTP result 300 (MULTIPLE CHOICES) when there
-    are several equally valid choices.  If the directives below were
-    given, and the user's <code>Accept-Language</code> header assigned
-    <code>en</code> and <code>de</code> each as quality <code>.500</code>
-    (equally acceptable) then the first matching variant, <code>en</code>,
-    will be served.</p>
-
-    <pre class="prettyprint lang-config">LanguagePriority en fr de
-ForceLanguagePriority Prefer</pre>
-
-
-    <p><code>ForceLanguagePriority Fallback</code> uses
-    <code class="directive"><a href="#languagepriority">LanguagePriority</a></code> to
-    serve a valid result, rather than returning an HTTP result 406
-    (NOT ACCEPTABLE). If the directives below were given, and the user's
-    <code>Accept-Language</code> only permitted an <code>es</code>
-    language response, but such a variant isn't found, then the first
-    variant from the <code class="directive"><a href="#languagepriority">LanguagePriority</a></code> list below will be served.</p>
-
-    <pre class="prettyprint lang-config">LanguagePriority en fr de
-ForceLanguagePriority Fallback</pre>
-
-
-    <p>Both options, <code>Prefer</code> and <code>Fallback</code>, may be
-    specified, so either the first matching variant from <code class="directive"><a href="#languagepriority">LanguagePriority</a></code> will be served if
-    more than one variant is acceptable, or first available document will
-    be served if none of the variants matched the client's acceptable list
-    of languages.</p>
-
-<h3>See also</h3>
-<ul>
-<li><code class="directive"><a href="../mod/mod_mime.html#addlanguage">AddLanguage</a></code></li>
-</ul>
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="LanguagePriority" id="LanguagePriority">LanguagePriority</a> <a name="languagepriority" id="languagepriority">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>The precendence of language variants for cases where
-the client does not express a preference</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LanguagePriority <var>MIME-lang</var> [<var>MIME-lang</var>]
-...</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>FileInfo</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_negotiation</td></tr>
-</table>
-    <p>The <code class="directive">LanguagePriority</code> sets the precedence
-    of language variants for the case where the client does not
-    express a preference, when handling a Multiviews request. The list
-    of <var>MIME-lang</var> are in order of decreasing preference.</p>
-
-    <pre class="prettyprint lang-config">LanguagePriority en fr de</pre>
-
-
-    <p>For a request for <code>foo.html</code>, where
-    <code>foo.html.fr</code> and <code>foo.html.de</code> both
-    existed, but the browser did not express a language preference,
-    then <code>foo.html.fr</code> would be returned.</p>
-
-    <p>Note that this directive only has an effect if a 'best'
-    language cannot be determined by any other means or the <code class="directive"><a href="#forcelanguagepriority">ForceLanguagePriority</a></code> directive
-    is not <code>None</code>. In general, the client determines the
-    language preference, not the server.</p>
-
-<h3>See also</h3>
-<ul>
-<li><code class="directive"><a href="../mod/mod_mime.html#addlanguage">AddLanguage</a></code></li>
-</ul>
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="section">
 <h2><a name="typemaps" id="typemaps">Type maps</a></h2>
     <p>A type map has a format similar to RFC822 mail headers. It
@@ -338,6 +226,118 @@ the client does not express a preference</td></tr>
     that do not have content negotiation meta-information assigned
     to them when choosing files.</p>
 </div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="CacheNegotiatedDocs" id="CacheNegotiatedDocs">CacheNegotiatedDocs</a> <a name="cachenegotiateddocs" id="cachenegotiateddocs">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Allows content-negotiated documents to be
+cached by proxy servers</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>CacheNegotiatedDocs On|Off</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>CacheNegotiatedDocs Off</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_negotiation</td></tr>
+</table>
+    <p>If set, this directive allows content-negotiated documents
+    to be cached by proxy servers. This could mean that clients
+    behind those proxys could retrieve versions of the documents
+    that are not the best match for their abilities, but it will
+    make caching more efficient.</p>
+
+    <p>This directive only applies to requests which come from
+    HTTP/1.0 browsers. HTTP/1.1 provides much better control over
+    the caching of negotiated documents, and this directive has no
+    effect in responses to HTTP/1.1 requests.</p>
+
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="ForceLanguagePriority" id="ForceLanguagePriority">ForceLanguagePriority</a> <a name="forcelanguagepriority" id="forcelanguagepriority">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Action to take if a single acceptable document is not
+found</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ForceLanguagePriority None|Prefer|Fallback [Prefer|Fallback]</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ForceLanguagePriority Prefer</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>FileInfo</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_negotiation</td></tr>
+</table>
+    <p>The <code class="directive">ForceLanguagePriority</code> directive uses
+    the given <code class="directive"><a href="#languagepriority">LanguagePriority</a></code> to satisfy
+    negotiation where the server could otherwise not return a single
+    matching document.</p>
+
+    <p><code>ForceLanguagePriority Prefer</code> uses
+    <code>LanguagePriority</code> to serve a one valid result, rather
+    than returning an HTTP result 300 (MULTIPLE CHOICES) when there
+    are several equally valid choices.  If the directives below were
+    given, and the user's <code>Accept-Language</code> header assigned
+    <code>en</code> and <code>de</code> each as quality <code>.500</code>
+    (equally acceptable) then the first matching variant, <code>en</code>,
+    will be served.</p>
+
+    <pre class="prettyprint lang-config">LanguagePriority en fr de
+ForceLanguagePriority Prefer</pre>
+
+
+    <p><code>ForceLanguagePriority Fallback</code> uses
+    <code class="directive"><a href="#languagepriority">LanguagePriority</a></code> to
+    serve a valid result, rather than returning an HTTP result 406
+    (NOT ACCEPTABLE). If the directives below were given, and the user's
+    <code>Accept-Language</code> only permitted an <code>es</code>
+    language response, but such a variant isn't found, then the first
+    variant from the <code class="directive"><a href="#languagepriority">LanguagePriority</a></code> list below will be served.</p>
+
+    <pre class="prettyprint lang-config">LanguagePriority en fr de
+ForceLanguagePriority Fallback</pre>
+
+
+    <p>Both options, <code>Prefer</code> and <code>Fallback</code>, may be
+    specified, so either the first matching variant from <code class="directive"><a href="#languagepriority">LanguagePriority</a></code> will be served if
+    more than one variant is acceptable, or first available document will
+    be served if none of the variants matched the client's acceptable list
+    of languages.</p>
+
+<h3>See also</h3>
+<ul>
+<li><code class="directive"><a href="../mod/mod_mime.html#addlanguage">AddLanguage</a></code></li>
+</ul>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="LanguagePriority" id="LanguagePriority">LanguagePriority</a> <a name="languagepriority" id="languagepriority">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>The precendence of language variants for cases where
+the client does not express a preference</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LanguagePriority <var>MIME-lang</var> [<var>MIME-lang</var>]
+...</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>FileInfo</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_negotiation</td></tr>
+</table>
+    <p>The <code class="directive">LanguagePriority</code> sets the precedence
+    of language variants for the case where the client does not
+    express a preference, when handling a Multiviews request. The list
+    of <var>MIME-lang</var> are in order of decreasing preference.</p>
+
+    <pre class="prettyprint lang-config">LanguagePriority en fr de</pre>
+
+
+    <p>For a request for <code>foo.html</code>, where
+    <code>foo.html.fr</code> and <code>foo.html.de</code> both
+    existed, but the browser did not express a language preference,
+    then <code>foo.html.fr</code> would be returned.</p>
+
+    <p>Note that this directive only has an effect if a 'best'
+    language cannot be determined by any other means or the <code class="directive"><a href="#forcelanguagepriority">ForceLanguagePriority</a></code> directive
+    is not <code>None</code>. In general, the client determines the
+    language preference, not the server.</p>
+
+<h3>See also</h3>
+<ul>
+<li><code class="directive"><a href="../mod/mod_mime.html#addlanguage">AddLanguage</a></code></li>
+</ul>
+</div>
 </div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../en/mod/mod_negotiation.html" title="English">&nbsp;en&nbsp;</a> |
diff --git a/docs/manual/mod/mod_nw_ssl.html.en b/docs/manual/mod/mod_nw_ssl.html.en
index f7067c995e..b93bb6c103 100644
--- a/docs/manual/mod/mod_nw_ssl.html.en
+++ b/docs/manual/mod/mod_nw_ssl.html.en
@@ -45,6 +45,7 @@
 <li><img alt="" src="../images/down.gif" /> <a href="#securelisten">SecureListen</a></li>
 </ul>
 <ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="NWSSLTrustedCerts" id="NWSSLTrustedCerts">NWSSLTrustedCerts</a> <a name="nwssltrustedcerts" id="nwssltrustedcerts">Directive</a></h2>
 <table class="directive">
@@ -91,7 +92,6 @@
     parameter also enables mutual authentication.</p>
 
 </div>
-
 </div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../en/mod/mod_nw_ssl.html" title="English">&nbsp;en&nbsp;</a> |
diff --git a/docs/manual/mod/mod_privileges.html.en b/docs/manual/mod/mod_privileges.html.en
index e4fcc747e2..83cba2e11e 100644
--- a/docs/manual/mod/mod_privileges.html.en
+++ b/docs/manual/mod/mod_privileges.html.en
@@ -61,7 +61,10 @@ applications implemented in C as apache modules where privilege
 separation is an issue.</p>
 
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
+<div id="quickview"><h3>Topics</h3>
+<ul id="topics">
+<li><img alt="" src="../images/down.gif" /> <a href="#security">Security Considerations</a></li>
+</ul><h3 class="directives">Directives</h3>
 <ul id="toc">
 <li><img alt="" src="../images/down.gif" /> <a href="#dtraceprivileges">DTracePrivileges</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#privilegesmode">PrivilegesMode</a></li>
@@ -72,10 +75,66 @@ separation is an issue.</p>
 <li><img alt="" src="../images/down.gif" /> <a href="#vhostsecure">VHostSecure</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#vhostuser">VHostUser</a></li>
 </ul>
-<h3>Topics</h3>
-<ul id="topics">
-<li><img alt="" src="../images/down.gif" /> <a href="#security">Security Considerations</a></li>
-</ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+<ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="security" id="security">Security Considerations</a></h2>
+
+<p><code class="module"><a href="../mod/mod_privileges.html">mod_privileges</a></code> introduces new security concerns
+in situations where <strong>untrusted code</strong> may be run
+<strong>within the webserver process</strong>.  This applies to
+untrusted modules, and scripts running under modules such as
+mod_php or mod_perl.  Scripts running externally (e.g. as CGI
+or in an appserver behind mod_proxy or mod_jk) are NOT affected.</p>
+
+<p>The basic security concerns with mod_privileges are:</p>
+<ul><li>Running as a system user introduces the same security issues
+    as mod_suexec, and near-equivalents such as cgiwrap and suphp.</li>
+<li>A privileges-aware malicious user extension (module or script)
+    could escalate its privileges to anything available to the
+    httpd process in any virtual host.  This introduces new risks
+    if (and only if) mod_privileges is compiled with the
+    <var>BIG_SECURITY_HOLE</var> option.</li>
+<li>A privileges-aware malicious user extension (module or script)
+    could escalate privileges to set its user ID to another system
+    user (and/or group).</li>
+</ul>
+
+<p>The <code class="directive">PrivilegesMode</code> directive allows you to
+select either <var>FAST</var> or <var>SECURE</var> mode.  You can
+mix modes, using <var>FAST</var> mode for trusted users and
+fully-audited code paths, while imposing SECURE mode where an
+untrusted user has scope to introduce code.</p>
+<p>Before describing the modes, we should also introduce the target
+use cases: Benign vs Hostile.  In a benign situation, you want to
+separate users for their convenience, and protect them and the server
+against the risks posed by honest mistakes, but you trust your users
+are not deliberately subverting system security.  In a hostile
+situation - e.g. commercial hosting - you may have users deliberately
+attacking the system or each other.</p>
+<dl>
+<dt>FAST mode</dt>
+<dd>In <var>FAST</var> mode, requests are run in-process with the
+selected uid/gid and privileges, so the overhead is negligible.
+This is suitable for benign situations, but is not secure against an
+attacker escalating privileges with an in-process module or script.</dd>
+<dt>SECURE mode</dt>
+<dd>A request in <var>SECURE</var> mode forks a subprocess, which
+then drops privileges.  This is a very similar case to running CGI
+with suexec, but for the entire request cycle, and with the benefit
+of fine-grained control of privileges.</dd>
+</dl>
+<p>You can select different <code class="directive">PrivilegesMode</code>s for
+each virtual host, and even in a directory context within a virtual
+host.  <var>FAST</var> mode is appropriate where the user(s) are
+trusted and/or have no privilege to load in-process code.
+<var>SECURE</var> mode is appropriate to cases where untrusted code
+might be run in-process.  However, even in <var>SECURE</var> mode,
+there is no protection against a malicious user who is able to
+introduce privileges-aware code running <em>before the start of the
+request-processing cycle.</em></p>
+
+</div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="DTracePrivileges" id="DTracePrivileges">DTracePrivileges</a> <a name="dtraceprivileges" id="dtraceprivileges">Directive</a></h2>
 <table class="directive">
@@ -332,65 +391,6 @@ non-threaded MPMs (<code class="module"><a href="../mod/prefork.html">prefork</a
 <li><code class="directive"><a href="../mod/mod_unixd.html#user">User</a></code></li>
 <li><code class="directive"><a href="../mod/mod_suexec.html#suexecusergroup">SuexecUserGroup</a></code></li>
 </ul>
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="security" id="security">Security Considerations</a></h2>
-
-<p><code class="module"><a href="../mod/mod_privileges.html">mod_privileges</a></code> introduces new security concerns
-in situations where <strong>untrusted code</strong> may be run
-<strong>within the webserver process</strong>.  This applies to
-untrusted modules, and scripts running under modules such as
-mod_php or mod_perl.  Scripts running externally (e.g. as CGI
-or in an appserver behind mod_proxy or mod_jk) are NOT affected.</p>
-
-<p>The basic security concerns with mod_privileges are:</p>
-<ul><li>Running as a system user introduces the same security issues
-    as mod_suexec, and near-equivalents such as cgiwrap and suphp.</li>
-<li>A privileges-aware malicious user extension (module or script)
-    could escalate its privileges to anything available to the
-    httpd process in any virtual host.  This introduces new risks
-    if (and only if) mod_privileges is compiled with the
-    <var>BIG_SECURITY_HOLE</var> option.</li>
-<li>A privileges-aware malicious user extension (module or script)
-    could escalate privileges to set its user ID to another system
-    user (and/or group).</li>
-</ul>
-
-<p>The <code class="directive">PrivilegesMode</code> directive allows you to
-select either <var>FAST</var> or <var>SECURE</var> mode.  You can
-mix modes, using <var>FAST</var> mode for trusted users and
-fully-audited code paths, while imposing SECURE mode where an
-untrusted user has scope to introduce code.</p>
-<p>Before describing the modes, we should also introduce the target
-use cases: Benign vs Hostile.  In a benign situation, you want to
-separate users for their convenience, and protect them and the server
-against the risks posed by honest mistakes, but you trust your users
-are not deliberately subverting system security.  In a hostile
-situation - e.g. commercial hosting - you may have users deliberately
-attacking the system or each other.</p>
-<dl>
-<dt>FAST mode</dt>
-<dd>In <var>FAST</var> mode, requests are run in-process with the
-selected uid/gid and privileges, so the overhead is negligible.
-This is suitable for benign situations, but is not secure against an
-attacker escalating privileges with an in-process module or script.</dd>
-<dt>SECURE mode</dt>
-<dd>A request in <var>SECURE</var> mode forks a subprocess, which
-then drops privileges.  This is a very similar case to running CGI
-with suexec, but for the entire request cycle, and with the benefit
-of fine-grained control of privileges.</dd>
-</dl>
-<p>You can select different <code class="directive">PrivilegesMode</code>s for
-each virtual host, and even in a directory context within a virtual
-host.  <var>FAST</var> mode is appropriate where the user(s) are
-trusted and/or have no privilege to load in-process code.
-<var>SECURE</var> mode is appropriate to cases where untrusted code
-might be run in-process.  However, even in <var>SECURE</var> mode,
-there is no protection against a malicious user who is able to
-introduce privileges-aware code running <em>before the start of the
-request-processing cycle.</em></p>
-
 </div>
 </div>
 <div class="bottomlang">
diff --git a/docs/manual/mod/mod_proxy.html.en b/docs/manual/mod/mod_proxy.html.en
index 0b1b8f8c7c..79321f6b21 100644
--- a/docs/manual/mod/mod_proxy.html.en
+++ b/docs/manual/mod/mod_proxy.html.en
@@ -84,7 +84,20 @@
     <code class="module"><a href="../mod/mod_ssl.html">mod_ssl</a></code>.  These additional modules will need
     to be loaded and configured to take advantage of these features.</p>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
+<div id="quickview"><h3>Topics</h3>
+<ul id="topics">
+<li><img alt="" src="../images/down.gif" /> <a href="#forwardreverse">Forward Proxies and Reverse
+       Proxies/Gateways</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#examples">Basic Examples</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#handler">Access via Handler</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#workers">Workers</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#access">Controlling access to your proxy</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#startup">Slow Startup</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#intranet">Intranet Proxy</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#envsettings">Protocol Adjustments</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#request-bodies">Request Bodies</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#x-headers">Reverse Proxy Request Headers</a></li>
+</ul><h3 class="directives">Directives</h3>
 <ul id="toc">
 <li><img alt="" src="../images/down.gif" /> <a href="#balancergrowth">BalancerGrowth</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#balancerinherit">BalancerInherit</a></li>
@@ -118,20 +131,7 @@
 <li><img alt="" src="../images/down.gif" /> <a href="#proxytimeout">ProxyTimeout</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#proxyvia">ProxyVia</a></li>
 </ul>
-<h3>Topics</h3>
-<ul id="topics">
-<li><img alt="" src="../images/down.gif" /> <a href="#forwardreverse">Forward Proxies and Reverse
-       Proxies/Gateways</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#examples">Basic Examples</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#handler">Access via Handler</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#workers">Workers</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#access">Controlling access to your proxy</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#startup">Slow Startup</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#intranet">Intranet Proxy</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#envsettings">Protocol Adjustments</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#request-bodies">Request Bodies</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#x-headers">Reverse Proxy Request Headers</a></li>
-</ul><h3>See also</h3>
+<h3>See also</h3>
 <ul class="seealso">
 <li><code class="module"><a href="../mod/mod_cache.html">mod_cache</a></code></li>
 <li><code class="module"><a href="../mod/mod_proxy_ajp.html">mod_proxy_ajp</a></code></li>
@@ -145,1790 +145,1790 @@
 <li><code class="module"><a href="../mod/mod_ssl.html">mod_ssl</a></code></li>
 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="BalancerGrowth" id="BalancerGrowth">BalancerGrowth</a> <a name="balancergrowth" id="balancergrowth">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Number of additional Balancers that can be added Post-configuration</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>BalancerGrowth <var>#</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>BalancerGrowth 5</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
-<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>BalancerGrowth is only available in Apache HTTP Server 2.3.13
-  and later.</td></tr>
-</table>
-    <p>This directive allows for growth potential in the number of
-    Balancers available for a virtualhost in addition to the
-    number pre-configured. It only takes effect if there is at
-    least 1 pre-configured Balancer.</p>
+<div class="section">
+<h2><a name="forwardreverse" id="forwardreverse">Forward Proxies and Reverse
+       Proxies/Gateways</a></h2>
+      <p>Apache HTTP Server can be configured in both a <dfn>forward</dfn> and
+      <dfn>reverse</dfn> proxy (also known as <dfn>gateway</dfn>) mode.</p>
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="BalancerInherit" id="BalancerInherit">BalancerInherit</a> <a name="balancerinherit" id="balancerinherit">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Inherit ProxyPassed Balancers/Workers from the main server</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>BalancerInherit On|Off</code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>BalancerInherit On</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
-<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>BalancerInherit is only available in Apache HTTP Server 2.4.5 and later.</td></tr>
-</table>
-        <p>This directive will cause the current server/vhost to "inherit" ProxyPass
-            Balancers and Workers defined in the main server. This can cause issues and
-            inconsistent behavior if using the Balancer Manager and so should be disabled
-            if using that feature.</p>
-        <p>The setting in the global server defines the default for all vhosts.</p>
-    
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="BalancerMember" id="BalancerMember">BalancerMember</a> <a name="balancermember" id="balancermember">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Add a member to a load balancing group</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>BalancerMember [<var>balancerurl</var>] <var>url</var> [<var>key=value [key=value ...]]</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
-<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>BalancerMember is only available in Apache HTTP Server 2.2
-        and later.</td></tr>
-</table>
-        <p>This directive adds a member to a load balancing group. It could be used
-            within a <code>&lt;Proxy <var>balancer://</var>...&gt;</code> container
-            directive, and can take any of the key value pair parameters available to
-            <code class="directive"><a href="#proxypass">ProxyPass</a></code> directives.</p>
-        <p>One additional parameter is available only to <code class="directive">BalancerMember</code> directives:
-            <var>loadfactor</var>. This is the member load factor - a number between 1
-            (default) and 100, which defines the weighted load to be applied to the
-            member in question.</p>
-        <p>The <var>balancerurl</var> is only needed when not in
-            <code>&lt;Proxy <var>balancer://</var>...&gt;</code>
-            container directive. It corresponds to the url of a balancer defined in
-            <code class="directive"><a href="#proxypass">ProxyPass</a></code> directive.</p>
-        <p>The path component of the balancer URL in any
-            <code>&lt;Proxy <var>balancer://</var>...&gt;</code> container directive
-            is ignored.</p>
-        <p>Trailing slashes should typically be removed from the URL of a
-            <code class="directive">BalancerMember</code>.</p>
-    
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="BalancerPersist" id="BalancerPersist">BalancerPersist</a> <a name="balancerpersist" id="balancerpersist">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Attempt to persist changes made by the Balancer Manager across restarts.</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>BalancerPersist On|Off</code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>BalancerPersist Off</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
-<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>BalancerPersist is only available in Apache HTTP Server 2.4.4 and later.</td></tr>
-</table>
-        <p>This directive will cause the shared memory storage associated
-        with the balancers and balancer members to be persisted across
-        restarts. This allows these local changes to not be lost during the
-        normal restart/graceful state transitions.</p>
-    
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="NoProxy" id="NoProxy">NoProxy</a> <a name="noproxy" id="noproxy">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Hosts, domains, or networks that will be connected to
-directly</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>NoProxy <var>host</var> [<var>host</var>] ...</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
-</table>
-    <p>This directive is only useful for Apache httpd proxy servers within
-    intranets.  The <code class="directive">NoProxy</code> directive specifies a
-    list of subnets, IP addresses, hosts and/or domains, separated by
-    spaces. A request to a host which matches one or more of these is
-    always served directly, without forwarding to the configured
-    <code class="directive"><a href="#proxyremote">ProxyRemote</a></code> proxy server(s).</p>
+      <p>An ordinary <dfn>forward proxy</dfn> is an intermediate
+      server that sits between the client and the <em>origin
+      server</em>.  In order to get content from the origin server,
+      the client sends a request to the proxy naming the origin server
+      as the target and the proxy then requests the content from the
+      origin server and returns it to the client.  The client must be
+      specially configured to use the forward proxy to access other
+      sites.</p>
 
-    <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">ProxyRemote  "*"  "http://firewall.example.com:81"
-NoProxy         ".example.com" "192.168.112.0/21"</pre>
-</div>
+      <p>A typical usage of a forward proxy is to provide Internet
+      access to internal clients that are otherwise restricted by a
+      firewall.  The forward proxy can also use caching (as provided
+      by <code class="module"><a href="../mod/mod_cache.html">mod_cache</a></code>) to reduce network usage.</p>
 
-    <p>The <var>host</var> arguments to the <code class="directive">NoProxy</code>
-    directive are one of the following type list:</p>
+      <p>The forward proxy is activated using the <code class="directive"><a href="#proxyrequests">ProxyRequests</a></code> directive.  Because
+      forward proxies allow clients to access arbitrary sites through
+      your server and to hide their true origin, it is essential that
+      you <a href="#access">secure your server</a> so that only
+      authorized clients can access the proxy before activating a
+      forward proxy.</p>
 
-    <dl>
-    
-    <dt><var><a name="domain" id="domain">Domain</a></var></dt>
-    <dd>
-    <p>A <dfn>Domain</dfn> is a partially qualified DNS domain name, preceded
-    by a period. It represents a list of hosts which logically belong to the
-    same DNS domain or zone (<em>i.e.</em>, the suffixes of the hostnames are
-    all ending in <var>Domain</var>).</p>
+      <p>A <dfn>reverse proxy</dfn> (or <dfn>gateway</dfn>), by
+      contrast, appears to the client just like an ordinary web
+      server.  No special configuration on the client is necessary.
+      The client makes ordinary requests for content in the name-space
+      of the reverse proxy.  The reverse proxy then decides where to
+      send those requests, and returns the content as if it was itself
+      the origin.</p>
 
-    <div class="example"><h3>Examples</h3><p><code>
-      .com .example.org.
-    </code></p></div>
+      <p>A typical usage of a reverse proxy is to provide Internet
+      users access to a server that is behind a firewall.  Reverse
+      proxies can also be used to balance load among several back-end
+      servers, or to provide caching for a slower back-end server.
+      In addition, reverse proxies can be used simply to bring
+      several servers into the same URL space.</p>
 
-    <p>To distinguish <var>Domain</var>s from <var><a href="#hostname">Hostname</a></var>s (both syntactically and semantically; a DNS domain can
-    have a DNS A record, too!), <var>Domain</var>s are always written with a
-    leading period.</p>
+      <p>A reverse proxy is activated using the <code class="directive"><a href="#proxypass">ProxyPass</a></code> directive or the
+      <code>[P]</code> flag to the <code class="directive"><a href="../mod/mod_rewrite.html#rewriterule">RewriteRule</a></code> directive.  It is
+      <strong>not</strong> necessary to turn <code class="directive"><a href="#proxyrequests">ProxyRequests</a></code> on in order to
+      configure a reverse proxy.</p>
+    </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="examples" id="examples">Basic Examples</a></h2>
 
-    <div class="note"><h3>Note</h3>
-      <p>Domain name comparisons are done without regard to the case, and
-      <var>Domain</var>s are always assumed to be anchored in the root of the
-      DNS tree, therefore two domains <code>.ExAmple.com</code> and
-      <code>.example.com.</code> (note the trailing period) are considered
-      equal. Since a domain comparison does not involve a DNS lookup, it is much
-      more efficient than subnet comparison.</p>
-    </div></dd>
+    <p>The examples below are only a very basic idea to help you
+    get started.  Please read the documentation on the individual
+    directives.</p>
 
-    
-    <dt><var><a name="subnet" id="subnet">SubNet</a></var></dt>
-    <dd>
-    <p>A <dfn>SubNet</dfn> is a partially qualified internet address in
-    numeric (dotted quad) form, optionally followed by a slash and the netmask,
-    specified as the number of significant bits in the <var>SubNet</var>. It is
-    used to represent a subnet of hosts which can be reached over a common
-    network interface. In the absence of the explicit net mask it is assumed
-    that omitted (or zero valued) trailing digits specify the mask. (In this
-    case, the netmask can only be multiples of 8 bits wide.) Examples:</p>
+    <p>In addition, if you wish to have caching enabled, consult
+    the documentation from <code class="module"><a href="../mod/mod_cache.html">mod_cache</a></code>.</p>
 
-    <dl>
-    <dt><code>192.168</code> or <code>192.168.0.0</code></dt>
-    <dd>the subnet 192.168.0.0 with an implied netmask of 16 valid bits
-    (sometimes used in the netmask form <code>255.255.0.0</code>)</dd>
-    <dt><code>192.168.112.0/21</code></dt>
-    <dd>the subnet <code>192.168.112.0/21</code> with a netmask of 21
-    valid bits (also used in the form <code>255.255.248.0</code>)</dd>
-    </dl>
+    <div class="example"><h3>Reverse Proxy</h3><pre class="prettyprint lang-config">ProxyPass "/foo" "http://foo.example.com/bar"
+ProxyPassReverse "/foo" "http://foo.example.com/bar"</pre>
+</div>
 
-    <p>As a degenerate case, a <em>SubNet</em> with 32 valid bits is the
-    equivalent to an <var><a href="#ipaddr">IPAddr</a></var>, while a <var>SubNet</var> with zero
-    valid bits (<em>e.g.</em>, 0.0.0.0/0) is the same as the constant
-    <var>_Default_</var>, matching any IP address.</p></dd>
+    <div class="example"><h3>Forward Proxy</h3><pre class="prettyprint lang-config">ProxyRequests On
+ProxyVia On
 
-    
-    <dt><var><a name="ipaddr" id="ipaddr">IPAddr</a></var></dt>
-    <dd>
-    <p>A <dfn>IPAddr</dfn> represents a fully qualified internet address in
-    numeric (dotted quad) form. Usually, this address represents a host, but
-    there need not necessarily be a DNS domain name connected with the
-    address.</p>
-    <div class="example"><h3>Example</h3><p><code>
-      192.168.123.7
-    </code></p></div>
+&lt;Proxy "*"&gt;
+  Require host internal.example.com
+&lt;/Proxy&gt;</pre>
+</div>
+    </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="handler" id="handler">Access via Handler</a></h2>
 
-    <div class="note"><h3>Note</h3>
-      <p>An <var>IPAddr</var> does not need to be resolved by the DNS system, so
-      it can result in more effective apache performance.</p>
-    </div></dd>
+      <p>You can also force a request to be handled as a reverse-proxy
+        request, by creating a suitable Handler pass-through. The example
+        configuration below will pass all requests for PHP scripts to the
+        specified FastCGI server using reverse proxy:
+      </p>
 
-    
-    <dt><var><a name="hostname" id="hostname">Hostname</a></var></dt>
-    <dd>
-    <p>A <dfn>Hostname</dfn> is a fully qualified DNS domain name which can
-    be resolved to one or more <var><a href="#ipaddr">IPAddrs</a></var> via the
-    DNS domain name service. It represents a logical host (in contrast to
-    <var><a href="#domain">Domain</a></var>s, see above) and must be resolvable
-    to at least one <var><a href="#ipaddr">IPAddr</a></var> (or often to a list
-    of hosts with different <var><a href="#ipaddr">IPAddr</a></var>s).</p>
+      <div class="example"><h3>Reverse Proxy PHP scripts</h3><pre class="prettyprint lang-config">&lt;FilesMatch "\.php$"&gt;
+    # Unix sockets require 2.4.7 or later
+    SetHandler  "proxy:unix:/path/to/app.sock|fcgi://localhost/"
+&lt;/FilesMatch&gt;</pre>
+</div>
 
-    <div class="example"><h3>Examples</h3><p><code>
-      prep.ai.example.edu<br />
-      www.example.org
-    </code></p></div>
+      <p>This feature is available in Apache HTTP Server 2.4.10 and later.</p>
 
-    <div class="note"><h3>Note</h3>
-      <p>In many situations, it is more effective to specify an <var><a href="#ipaddr">IPAddr</a></var> in place of a <var>Hostname</var> since a
-      DNS lookup can be avoided. Name resolution in Apache httpd can take a remarkable
-      deal of time when the connection to the name server uses a slow PPP
-      link.</p>
-      <p><var>Hostname</var> comparisons are done without regard to the case,
-      and <var>Hostname</var>s are always assumed to be anchored in the root
-      of the DNS tree, therefore two hosts <code>WWW.ExAmple.com</code>
-      and <code>www.example.com.</code> (note the trailing period) are
-      considered equal.</p>
-     </div></dd>
-    </dl>
+    </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="workers" id="workers">Workers</a></h2>
+      <p>The proxy manages the configuration of origin servers and their
+      communication parameters in objects called <dfn>workers</dfn>.
+      There are two built-in workers, the default forward proxy worker and the
+      default reverse proxy worker. Additional workers can be configured
+      explicitly.</p>
 
-<h3>See also</h3>
-<ul>
-<li><a href="../dns-caveats.html">DNS Issues</a></li>
-</ul>
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="Proxy" id="Proxy">&lt;Proxy&gt;</a> <a name="proxy" id="proxy">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Container for directives applied to proxied resources</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>&lt;Proxy <var>wildcard-url</var>&gt; ...&lt;/Proxy&gt;</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
-</table>
-    <p>Directives placed in <code class="directive">&lt;Proxy&gt;</code>
-    sections apply only to matching proxied content.  Shell-style wildcards are
-    allowed.</p>
+      <p>The two default workers have a fixed configuration
+      and will be used if no other worker matches the request.
+      They do not use HTTP Keep-Alive or connection pooling.
+      The TCP connections to the origin server will instead be
+      opened and closed for each request.</p>
 
-    <p>For example, the following will allow only hosts in
-    <code>yournetwork.example.com</code> to access content via your proxy
-    server:</p>
+      <p>Explicitly configured workers are identified by their URL.
+      They are usually created and configured using
+      <code class="directive"><a href="#proxypass">ProxyPass</a></code> or
+      <code class="directive"><a href="#proxypassmatch">ProxyPassMatch</a></code> when used
+      for a reverse proxy:</p>
 
-    <pre class="prettyprint lang-config">&lt;Proxy "*"&gt;
-  Require host yournetwork.example.com
-&lt;/Proxy&gt;</pre>
+      <pre class="prettyprint lang-config">ProxyPass "/example" "http://backend.example.com" connectiontimeout=5 timeout=30</pre>
 
 
-    <p>The following example will process all files in the <code>foo</code>
-    directory of <code>example.com</code> through the <code>INCLUDES</code>
-    filter when they are sent through the proxy server:</p>
+      <p>This will create a worker associated with the origin server URL
+      <code>http://backend.example.com</code> and using the given timeout
+      values. When used in a forward proxy, workers are usually defined
+      via the <code class="directive"><a href="#proxyset">ProxySet</a></code> directive:</p>
 
-   <pre class="prettyprint lang-config">&lt;Proxy "http://example.com/foo/*"&gt;
-  SetOutputFilter INCLUDES
+      <pre class="prettyprint lang-config">ProxySet "http://backend.example.com" connectiontimeout=5 timeout=30</pre>
+
+
+      <p>or alternatively using <code class="directive"><a href="#proxy">Proxy</a></code>
+      and <code class="directive"><a href="#proxyset">ProxySet</a></code>:</p>
+
+      <pre class="prettyprint lang-config">&lt;Proxy "http://backend.example.com"&gt;
+  ProxySet connectiontimeout=5 timeout=30
 &lt;/Proxy&gt;</pre>
 
 
-    <div class="note"><h3>Differences from the Location configuration section</h3>
-      <p>A backend URL matches the configuration section if it begins with the 
-      the <var>wildcard-url</var> string, even if the last path segment in the
-      directive only matches a prefix of the backend URL.  For example, 
-      &lt;Proxy "http://example.com/foo"&gt; matches all of 
-      http://example.com/foo, http://example.com/foo/bar, and 
-      http://example.com/foobar.  The matching of the final URL differs
-      from the behavior of the <code class="directive"><a href="../mod/core.html#location">&lt;Location&gt;</a></code> section, which for purposes of this note 
-      treats the final path component as if it ended in a slash.</p>
-      <p>For more control over the matching, see <code class="directive">&lt;ProxyMatch&gt;</code>.</p>
-    </div>
+      <p>Using explicitly configured workers in the forward mode is
+      not very common, because forward proxies usually communicate with many
+      different origin servers. Creating explicit workers for some of the
+      origin servers can still be useful, if they are used very often.
+      Explicitly configured workers have no concept of forward or reverse
+      proxying by themselves. They encapsulate a common concept of
+      communication with origin servers. A worker created by
+      <code class="directive"><a href="#proxypass">ProxyPass</a></code> for use in a
+      reverse proxy will be also used for forward proxy requests whenever
+      the URL to the origin server matches the worker URL and vice versa.</p>
 
+      <p>The URL identifying a direct worker is the URL of its
+      origin server including any path components given:</p>
 
-<h3>See also</h3>
-<ul>
-<li><code class="directive"><a href="#proxymatch">&lt;ProxyMatch&gt;</a></code></li>
-</ul>
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="ProxyAddHeaders" id="ProxyAddHeaders">ProxyAddHeaders</a> <a name="proxyaddheaders" id="proxyaddheaders">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Add proxy information in X-Forwarded-* headers</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyAddHeaders Off|On</code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ProxyAddHeaders On</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
-<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in version 2.3.10 and later</td></tr>
-</table>
-    <p>This directive determines whether or not proxy related information should be passed to the
-    backend server through X-Forwarded-For, X-Forwarded-Host and X-Forwarded-Server HTTP headers.</p>
-    <div class="note"><h3>Effectiveness</h3>
-     <p>This option is of use only for HTTP proxying, as handled by <code class="module"><a href="../mod/mod_proxy_http.html">mod_proxy_http</a></code>.</p>
-    </div>
+     <pre class="prettyprint lang-config">ProxyPass "/examples" "http://backend.example.com/examples"
+ProxyPass "/docs" "http://backend.example.com/docs"</pre>
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="ProxyBadHeader" id="ProxyBadHeader">ProxyBadHeader</a> <a name="proxybadheader" id="proxybadheader">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Determines how to handle bad header lines in a
-response</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyBadHeader IsError|Ignore|StartBody</code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ProxyBadHeader IsError</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
-</table>
-    <p>The <code class="directive">ProxyBadHeader</code> directive determines the
-    behaviour of <code class="module"><a href="../mod/mod_proxy.html">mod_proxy</a></code> if it receives syntactically invalid
-    response header lines (<em>i.e.</em> containing no colon) from the origin
-    server. The following arguments are possible:</p>
 
-    <dl>
-    <dt><code>IsError</code></dt>
-    <dd>Abort the request and end up with a 502 (Bad Gateway) response. This is
-    the default behaviour.</dd>
+      <p>This example defines two different workers, each using a separate
+      connection pool and configuration.</p>
 
-    <dt><code>Ignore</code></dt>
-    <dd>Treat bad header lines as if they weren't sent.</dd>
+      <div class="warning"><h3>Worker Sharing</h3>
+        <p>Worker sharing happens if the worker URLs overlap, which occurs when
+        the URL of some worker is a leading substring of the URL of another
+        worker defined later in the configuration file. In the following example</p>
 
-    <dt><code>StartBody</code></dt>
-    <dd>When receiving the first bad header line, finish reading the headers and
-    treat the remainder as body. This helps to work around buggy backend servers
-    which forget to insert an empty line between the headers and the body.</dd>
-    </dl>
+        <pre class="prettyprint lang-config">ProxyPass "/apps" "http://backend.example.com/" timeout=60
+ProxyPass "/examples" "http://backend.example.com/examples" timeout=10</pre>
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="ProxyBlock" id="ProxyBlock">ProxyBlock</a> <a name="proxyblock" id="proxyblock">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Words, hosts, or domains that are banned from being
-proxied</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyBlock *|<var>word</var>|<var>host</var>|<var>domain</var>
-[<var>word</var>|<var>host</var>|<var>domain</var>] ...</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
-</table>
-    <p>The <code class="directive">ProxyBlock</code> directive specifies a list of
-    words, hosts and/or domains, separated by spaces.  HTTP, HTTPS, and
-    FTP document requests to sites whose names contain matched words,
-    hosts or domains are <em>blocked</em> by the proxy server. The proxy
-    module will also attempt to determine IP addresses of list items which
-    may be hostnames during startup, and cache them for match test as
-    well. That may slow down the startup time of the server.</p>
 
-    <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">ProxyBlock "news.example.com" "auctions.example.com" "friends.example.com"</pre>
-</div>
+        <p>the second worker isn't actually created. Instead the first
+        worker is used. The benefit is, that there is only one connection pool,
+        so connections are more often reused. Note that all configuration attributes
+        given explicitly for the later worker will be ignored. This will be logged
+        as a warning. In the above example the resulting timeout value
+        for the URL <code>/examples</code> will be <code>60</code> instead
+        of <code>10</code>!</p>
 
-    <p>Note that <code>example</code> would also be sufficient to match any
-    of these sites.</p>
+        <p>If you want to avoid worker sharing, sort your worker definitions
+        by URL length, starting with the longest worker URLs. If you want to maximize
+        worker sharing use the reverse sort order. See also the related warning about
+        ordering <code class="directive"><a href="#proxypass">ProxyPass</a></code> directives.</p>
 
-    <p>Hosts would also be matched if referenced by IP address.</p>
+      </div> 
 
-    <p>Note also that</p>
+      <p>Explicitly configured workers come in two flavors:
+      <dfn>direct workers</dfn> and <dfn>(load) balancer workers</dfn>.
+      They support many important configuration attributes which are
+      described below in the <code class="directive"><a href="#proxypass">ProxyPass</a></code>
+      directive. The same attributes can also be set using
+      <code class="directive"><a href="#proxyset">ProxySet</a></code>.</p>
 
-    <pre class="prettyprint lang-config">ProxyBlock "*"</pre>
+      <p>The set of options available for a direct worker
+      depends on the protocol, which is specified in the origin server URL.
+      Available protocols include <code>ajp</code>, <code>fcgi</code>,
+      <code>ftp</code>, <code>http</code> and <code>scgi</code>.</p>
 
+      <p>Balancer workers are virtual workers that use direct workers known
+      as their members to actually handle the requests. Each balancer can
+      have multiple members. When it handles a request, it chooses a member
+      based on the configured load balancing algorithm.</p>
 
-    <p>blocks connections to all sites.</p>
+      <p>A balancer worker is created if its worker URL uses
+      <code>balancer</code> as the protocol scheme.
+      The balancer URL uniquely identifies the balancer worker.
+      Members are added to a balancer using
+      <code class="directive"><a href="#balancermember">BalancerMember</a></code>.</p>
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="ProxyDomain" id="ProxyDomain">ProxyDomain</a> <a name="proxydomain" id="proxydomain">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Default domain name for proxied requests</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyDomain <var>Domain</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
-</table>
-    <p>This directive is only useful for Apache httpd proxy servers within
-    intranets. The <code class="directive">ProxyDomain</code> directive specifies
-    the default domain which the apache proxy server will belong to. If a
-    request to a host without a domain name is encountered, a redirection
-    response to the same host with the configured <var>Domain</var> appended
-    will be generated.</p>
+    </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="access" id="access">Controlling access to your proxy</a></h2>
+      <p>You can control who can access your proxy via the <code class="directive"><a href="#proxy">&lt;Proxy&gt;</a></code> control block as in
+      the following example:</p>
 
-    <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">      ProxyRemote  "*"  "http://firewall.example.com:81"<br />
-      NoProxy         ".example.com" "192.168.112.0/21"<br />
-      ProxyDomain     ".example.com"</pre>
-</div>
+      <pre class="prettyprint lang-config">&lt;Proxy "*"&gt;
+  Require ip 192.168.0
+&lt;/Proxy&gt;</pre>
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="ProxyErrorOverride" id="ProxyErrorOverride">ProxyErrorOverride</a> <a name="proxyerroroverride" id="proxyerroroverride">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Override error pages for proxied content</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyErrorOverride On|Off</code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ProxyErrorOverride Off</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
-</table>
-    <p>This directive is useful for reverse-proxy setups, where you want to
-    have a common look and feel on the error pages seen by the end user.
-    This also allows for included files (via
-    <code class="module"><a href="../mod/mod_include.html">mod_include</a></code>'s SSI) to get
-    the error code and act accordingly (default behavior would display
-    the error page of the proxied server, turning this on shows the SSI
-    Error message).</p>
 
-    <p>This directive does not affect the processing of informational (1xx),
-    normal success (2xx), or redirect (3xx) responses.</p>
+      <p>For more information on access control directives, see
+      <code class="module"><a href="../mod/mod_authz_host.html">mod_authz_host</a></code>.</p>
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="ProxyIOBufferSize" id="ProxyIOBufferSize">ProxyIOBufferSize</a> <a name="proxyiobuffersize" id="proxyiobuffersize">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Determine size of internal data throughput buffer</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyIOBufferSize <var>bytes</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ProxyIOBufferSize 8192</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
-</table>
-    <p>The <code class="directive">ProxyIOBufferSize</code> directive adjusts the size
-    of the internal buffer, which is used as a scratchpad for the data between
-    input and output. The size must be at least <code>512</code>.</p>
+      <p>Strictly limiting access is essential if you are using a
+      forward proxy (using the <code class="directive"><a href="#proxyrequests">ProxyRequests</a></code> directive).
+      Otherwise, your server can be used by any client to access
+      arbitrary hosts while hiding his or her true identity.  This is
+      dangerous both for your network and for the Internet at large.
+      When using a reverse proxy (using the <code class="directive"><a href="#proxypass">ProxyPass</a></code> directive with
+      <code>ProxyRequests Off</code>), access control is less
+      critical because clients can only contact the hosts that you
+      have specifically configured.</p>
 
-    <p>In almost every case there's no reason to change that value.</p>
+      <p><strong>See Also</strong> the <a href="mod_proxy_http.html#env">Proxy-Chain-Auth</a> environment variable.</p>
 
-    <p>If used with AJP this directive sets the maximum AJP packet size in
-    bytes. Values larger than 65536 are set to 65536. If you change it from
-    the default, you must also change the <code>packetSize</code> attribute of
-    your AJP connector on the Tomcat side! The attribute
-    <code>packetSize</code> is only available in Tomcat <code>5.5.20+</code>
-    and <code>6.0.2+</code></p>
+    </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="startup" id="startup">Slow Startup</a></h2>
+      <p>If you're using the <code class="directive"><a href="#proxyblock">ProxyBlock</a></code> directive, hostnames' IP addresses are looked up
+      and cached during startup for later match test. This may take a few
+      seconds (or more) depending on the speed with which the hostname lookups
+      occur.</p>
+    </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="intranet" id="intranet">Intranet Proxy</a></h2>
+      <p>An Apache httpd proxy server situated in an intranet needs to forward
+      external requests through the company's firewall (for this, configure
+      the <code class="directive"><a href="#proxyremote">ProxyRemote</a></code> directive
+      to forward the respective <var>scheme</var> to the firewall proxy).
+      However, when it has to
+      access resources within the intranet, it can bypass the firewall when
+      accessing hosts. The <code class="directive"><a href="#noproxy">NoProxy</a></code>
+      directive is useful for specifying which hosts belong to the intranet and
+      should be accessed directly.</p>
 
-    <p>Normally it is not necessary to change the maximum packet size.
-    Problems with the default value have been reported when sending
-    certificates or certificate chains.</p>
+      <p>Users within an intranet tend to omit the local domain name from their
+      WWW requests, thus requesting "http://somehost/" instead of
+      <code>http://somehost.example.com/</code>. Some commercial proxy servers
+      let them get away with this and simply serve the request, implying a
+      configured local domain. When the <code class="directive"><a href="#proxydomain">ProxyDomain</a></code> directive is used and the server is <a href="#proxyrequests">configured for proxy service</a>, Apache httpd can return
+      a redirect response and send the client to the correct, fully qualified,
+      server address. This is the preferred method since the user's bookmark
+      files will then contain fully qualified hosts.</p>
+    </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="envsettings" id="envsettings">Protocol Adjustments</a></h2>
+      <p>For circumstances where <code class="module"><a href="../mod/mod_proxy.html">mod_proxy</a></code> is sending
+      requests to an origin server that doesn't properly implement
+      keepalives or HTTP/1.1, there are two <a href="../env.html">environment variables</a> that can force the
+      request to use HTTP/1.0 with no keepalive. These are set via the
+      <code class="directive"><a href="../mod/mod_env.html#setenv">SetEnv</a></code> directive.</p>
+
+      <p>These are the <code>force-proxy-request-1.0</code> and
+      <code>proxy-nokeepalive</code> notes.</p>
+
+      <pre class="prettyprint lang-config">&lt;Location "/buggyappserver/"&gt;
+  ProxyPass "http://buggyappserver:7001/foo/"
+  SetEnv force-proxy-request-1.0 1
+  SetEnv proxy-nokeepalive 1
+&lt;/Location&gt;</pre>
 
 
-</div>
+    </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="request-bodies" id="request-bodies">Request Bodies</a></h2>
+
+    <p>Some request methods such as POST include a request body.
+    The HTTP protocol requires that requests which include a body
+    either use chunked transfer encoding or send a
+    <code>Content-Length</code> request header.  When passing these
+    requests on to the origin server, <code class="module"><a href="../mod/mod_proxy_http.html">mod_proxy_http</a></code>
+    will always attempt to send the <code>Content-Length</code>.  But
+    if the body is large and the original request used chunked
+    encoding, then chunked encoding may also be used in the upstream
+    request.  You can control this selection using <a href="../env.html">environment variables</a>.  Setting
+    <code>proxy-sendcl</code> ensures maximum compatibility with
+    upstream servers by always sending the
+    <code>Content-Length</code>, while setting
+    <code>proxy-sendchunked</code> minimizes resource usage by using
+    chunked encoding.</p>
+
+    <p>Under some circumstances, the server must spool request bodies
+    to disk to satisfy the requested handling of request bodies.  For
+    example, this spooling will occur if the original body was sent with
+    chunked encoding (and is large), but the administrator has
+    asked for backend requests to be sent with Content-Length or as HTTP/1.0.
+    This spooling can also occur if the request body already has a
+    Content-Length header, but the server is configured to filter incoming
+    request bodies.</p>
+
+    <p><code class="directive"><a href="../mod/core.html#limitrequestbody">LimitRequestBody</a></code> only applies to
+    request bodies that the server will spool to disk</p>
+
+    </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="x-headers" id="x-headers">Reverse Proxy Request Headers</a></h2>
+
+    <p>When acting in a reverse-proxy mode (using the <code class="directive"><a href="#proxypass">ProxyPass</a></code> directive, for example),
+    <code class="module"><a href="../mod/mod_proxy_http.html">mod_proxy_http</a></code> adds several request headers in
+    order to pass information to the origin server. These headers
+    are:</p>
+
+    <dl>
+      <dt><code>X-Forwarded-For</code></dt>
+      <dd>The IP address of the client.</dd>
+      <dt><code>X-Forwarded-Host</code></dt>
+      <dd>The original host requested by the client in the <code>Host</code>
+       HTTP request header.</dd>
+      <dt><code>X-Forwarded-Server</code></dt>
+      <dd>The hostname of the proxy server.</dd>
+    </dl>
+
+    <p>Be careful when using these headers on the origin server, since
+    they will contain more than one (comma-separated) value if the
+    original request already contained one of these headers. For
+    example, you can use <code>%{X-Forwarded-For}i</code> in the log
+    format string of the origin server to log the original clients IP
+    address, but you may get more than one address if the request
+    passes through several proxies.</p>
+
+    <p>See also the <code class="directive"><a href="#proxypreservehost">ProxyPreserveHost</a></code> and <code class="directive"><a href="#proxyvia">ProxyVia</a></code> directives, which control
+    other request headers.</p>
+
+    <p>Note:  If you need to specify custom request headers to be
+    added to the forwarded request, use the 
+    <code class="directive"><a href="../mod/mod_headers.html#requestheader">RequestHeader</a></code>
+    directive.</p>
+
+   </div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="ProxyMatch" id="ProxyMatch">&lt;ProxyMatch&gt;</a> <a name="proxymatch" id="proxymatch">Directive</a></h2>
+<div class="directive-section"><h2><a name="BalancerGrowth" id="BalancerGrowth">BalancerGrowth</a> <a name="balancergrowth" id="balancergrowth">Directive</a></h2>
 <table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Container for directives applied to regular-expression-matched
-proxied resources</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>&lt;ProxyMatch <var>regex</var>&gt; ...&lt;/ProxyMatch&gt;</code></td></tr>
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Number of additional Balancers that can be added Post-configuration</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>BalancerGrowth <var>#</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>BalancerGrowth 5</code></td></tr>
 <tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
 <tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
 <tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>BalancerGrowth is only available in Apache HTTP Server 2.3.13
+  and later.</td></tr>
 </table>
-    <p>The <code class="directive">&lt;ProxyMatch&gt;</code> directive is
-    identical to the <code class="directive"><a href="#proxy">&lt;Proxy&gt;</a></code> directive, except it matches URLs
-    using <a class="glossarylink" href="../glossary.html#regex" title="see glossary">regular expressions</a>.</p>
-
-    <p>From 2.4.8 onwards, named groups and backreferences are captured and
-    written to the environment with the corresponding name prefixed with
-    "MATCH_" and in upper case. This allows elements of URLs to be referenced
-    from within <a href="../expr.html">expressions</a> and modules like
-    <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>. In order to prevent confusion, numbered
-    (unnamed) backreferences are ignored. Use named groups instead.</p>
-
-<pre class="prettyprint lang-config">&lt;ProxyMatch "^http://(?&lt;sitename&gt;[^/]+)"&gt;
-    Require ldap-group cn=%{env:MATCH_SITENAME},ou=combined,o=Example
-&lt;/ProxyMatch&gt;</pre>
-
+    <p>This directive allows for growth potential in the number of
+    Balancers available for a virtualhost in addition to the
+    number pre-configured. It only takes effect if there is at
+    least 1 pre-configured Balancer.</p>
 
-<h3>See also</h3>
-<ul>
-<li><code class="directive"><a href="#proxy">&lt;Proxy&gt;</a></code></li>
-</ul>
 </div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="ProxyMaxForwards" id="ProxyMaxForwards">ProxyMaxForwards</a> <a name="proxymaxforwards" id="proxymaxforwards">Directive</a></h2>
+<div class="directive-section"><h2><a name="BalancerInherit" id="BalancerInherit">BalancerInherit</a> <a name="balancerinherit" id="balancerinherit">Directive</a></h2>
 <table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Maximium number of proxies that a request can be forwarded
-through</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyMaxForwards <var>number</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ProxyMaxForwards -1</code></td></tr>
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Inherit ProxyPassed Balancers/Workers from the main server</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>BalancerInherit On|Off</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>BalancerInherit On</code></td></tr>
 <tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
 <tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
 <tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
-<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Default behaviour changed in 2.2.7</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>BalancerInherit is only available in Apache HTTP Server 2.4.5 and later.</td></tr>
 </table>
-    <p>The <code class="directive">ProxyMaxForwards</code> directive specifies the
-    maximum number of proxies through which a request may pass, if there's no
-    <code>Max-Forwards</code> header supplied with the request. This may
-    be set to prevent infinite proxy loops, or a DoS attack.</p>
-
-    <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">ProxyMaxForwards 15</pre>
-</div>
-
-    <p>Note that setting <code class="directive">ProxyMaxForwards</code> is a
-    violation of the HTTP/1.1 protocol (RFC2616), which forbids a Proxy
-    setting <code>Max-Forwards</code> if the Client didn't set it.
-    Earlier Apache httpd versions would always set it.  A negative
-    <code class="directive">ProxyMaxForwards</code> value, including the
-    default -1, gives you protocol-compliant behaviour, but may
-    leave you open to loops.</p>
-
+        <p>This directive will cause the current server/vhost to "inherit" ProxyPass
+            Balancers and Workers defined in the main server. This can cause issues and
+            inconsistent behavior if using the Balancer Manager and so should be disabled
+            if using that feature.</p>
+        <p>The setting in the global server defines the default for all vhosts.</p>
+    
 </div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="ProxyPass" id="ProxyPass">ProxyPass</a> <a name="proxypass" id="proxypass">Directive</a></h2>
+<div class="directive-section"><h2><a name="BalancerMember" id="BalancerMember">BalancerMember</a> <a name="balancermember" id="balancermember">Directive</a></h2>
 <table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Maps remote servers into the local server URL-space</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyPass [<var>path</var>] !|<var>url</var> [<var>key=value</var>
-  <var>[key=value</var> ...]] [nocanon] [interpolate] [noquery]</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr>
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Add a member to a load balancing group</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>BalancerMember [<var>balancerurl</var>] <var>url</var> [<var>key=value [key=value ...]]</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory</td></tr>
 <tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
 <tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
-<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Unix Domain Socket (UDS) support added in 2.4.7</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>BalancerMember is only available in Apache HTTP Server 2.2
+        and later.</td></tr>
 </table>
-    <p>This directive allows remote servers to be mapped into the
-    space of the local server; the local server does not act as a
-    proxy in the conventional sense, but appears to be a mirror of the
-    remote server. The local server is often called a <dfn>reverse
-    proxy</dfn> or <dfn>gateway</dfn>. The <var>path</var> is the name of
-    a local virtual path; <var>url</var> is a partial URL for the
-    remote server and cannot include a query string.</p>
-
-    <div class="note"><strong>Note: </strong>This directive cannot be used within a 
-    <code>&lt;Directory&gt;</code> context.</div>
-
-    <div class="warning">The <code class="directive"><a href="#proxyrequests">ProxyRequests</a></code> directive should
-    usually be set <strong>off</strong> when using
-    <code class="directive">ProxyPass</code>.</div>
-
-    <p>In 2.4.7 and later, support for using a Unix Domain Socket is available by using a target
-    which prepends <code>unix:/path/lis.sock|</code>. For example, to proxy
-    HTTP and target the UDS at /home/www/socket you would use
-    <code>unix:/home/www.socket|http://localhost/whatever/</code>.</p>
+        <p>This directive adds a member to a load balancing group. It could be used
+            within a <code>&lt;Proxy <var>balancer://</var>...&gt;</code> container
+            directive, and can take any of the key value pair parameters available to
+            <code class="directive"><a href="#proxypass">ProxyPass</a></code> directives.</p>
+        <p>One additional parameter is available only to <code class="directive">BalancerMember</code> directives:
+            <var>loadfactor</var>. This is the member load factor - a number between 1
+            (default) and 100, which defines the weighted load to be applied to the
+            member in question.</p>
+        <p>The <var>balancerurl</var> is only needed when not in
+            <code>&lt;Proxy <var>balancer://</var>...&gt;</code>
+            container directive. It corresponds to the url of a balancer defined in
+            <code class="directive"><a href="#proxypass">ProxyPass</a></code> directive.</p>
+        <p>The path component of the balancer URL in any
+            <code>&lt;Proxy <var>balancer://</var>...&gt;</code> container directive
+            is ignored.</p>
+        <p>Trailing slashes should typically be removed from the URL of a
+            <code class="directive">BalancerMember</code>.</p>
+    
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="BalancerPersist" id="BalancerPersist">BalancerPersist</a> <a name="balancerpersist" id="balancerpersist">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Attempt to persist changes made by the Balancer Manager across restarts.</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>BalancerPersist On|Off</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>BalancerPersist Off</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>BalancerPersist is only available in Apache HTTP Server 2.4.4 and later.</td></tr>
+</table>
+        <p>This directive will cause the shared memory storage associated
+        with the balancers and balancer members to be persisted across
+        restarts. This allows these local changes to not be lost during the
+        normal restart/graceful state transitions.</p>
+    
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="NoProxy" id="NoProxy">NoProxy</a> <a name="noproxy" id="noproxy">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Hosts, domains, or networks that will be connected to
+directly</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>NoProxy <var>host</var> [<var>host</var>] ...</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
+</table>
+    <p>This directive is only useful for Apache httpd proxy servers within
+    intranets.  The <code class="directive">NoProxy</code> directive specifies a
+    list of subnets, IP addresses, hosts and/or domains, separated by
+    spaces. A request to a host which matches one or more of these is
+    always served directly, without forwarding to the configured
+    <code class="directive"><a href="#proxyremote">ProxyRemote</a></code> proxy server(s).</p>
 
-    <div class="note"><strong>Note:</strong> The path associated with the <code>unix:</code>
-    URL is <code class="directive">DefaultRuntimeDir</code> aware.</div>
+    <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">ProxyRemote  "*"  "http://firewall.example.com:81"
+NoProxy         ".example.com" "192.168.112.0/21"</pre>
+</div>
 
-    <p>Suppose the local server has address <code>http://example.com/</code>;
-    then</p>
+    <p>The <var>host</var> arguments to the <code class="directive">NoProxy</code>
+    directive are one of the following type list:</p>
 
-    <pre class="prettyprint lang-config">&lt;Location "/mirror/foo/"&gt;
-    ProxyPass "http://backend.example.com/"
-&lt;/Location&gt;</pre>
+    <dl>
+    
+    <dt><var><a name="domain" id="domain">Domain</a></var></dt>
+    <dd>
+    <p>A <dfn>Domain</dfn> is a partially qualified DNS domain name, preceded
+    by a period. It represents a list of hosts which logically belong to the
+    same DNS domain or zone (<em>i.e.</em>, the suffixes of the hostnames are
+    all ending in <var>Domain</var>).</p>
 
+    <div class="example"><h3>Examples</h3><p><code>
+      .com .example.org.
+    </code></p></div>
 
-    <p>will cause a local request for
-    <code>http://example.com/mirror/foo/bar</code> to be internally converted
-    into a proxy request to <code>http://backend.example.com/bar</code>.</p>
+    <p>To distinguish <var>Domain</var>s from <var><a href="#hostname">Hostname</a></var>s (both syntactically and semantically; a DNS domain can
+    have a DNS A record, too!), <var>Domain</var>s are always written with a
+    leading period.</p>
 
-    <p>The following alternative syntax is possible, however it can carry a
-    performance penalty when present in very large numbers. The advantage of
-    the below syntax is that it allows for dynamic control via the
-    <a href="mod_proxy_balancer.html#balancer_manager">Balancer Manager</a> interface:</p>
+    <div class="note"><h3>Note</h3>
+      <p>Domain name comparisons are done without regard to the case, and
+      <var>Domain</var>s are always assumed to be anchored in the root of the
+      DNS tree, therefore two domains <code>.ExAmple.com</code> and
+      <code>.example.com.</code> (note the trailing period) are considered
+      equal. Since a domain comparison does not involve a DNS lookup, it is much
+      more efficient than subnet comparison.</p>
+    </div></dd>
 
-    <pre class="prettyprint lang-config">ProxyPass "/mirror/foo/" "http://backend.example.com/"</pre>
+    
+    <dt><var><a name="subnet" id="subnet">SubNet</a></var></dt>
+    <dd>
+    <p>A <dfn>SubNet</dfn> is a partially qualified internet address in
+    numeric (dotted quad) form, optionally followed by a slash and the netmask,
+    specified as the number of significant bits in the <var>SubNet</var>. It is
+    used to represent a subnet of hosts which can be reached over a common
+    network interface. In the absence of the explicit net mask it is assumed
+    that omitted (or zero valued) trailing digits specify the mask. (In this
+    case, the netmask can only be multiples of 8 bits wide.) Examples:</p>
 
+    <dl>
+    <dt><code>192.168</code> or <code>192.168.0.0</code></dt>
+    <dd>the subnet 192.168.0.0 with an implied netmask of 16 valid bits
+    (sometimes used in the netmask form <code>255.255.0.0</code>)</dd>
+    <dt><code>192.168.112.0/21</code></dt>
+    <dd>the subnet <code>192.168.112.0/21</code> with a netmask of 21
+    valid bits (also used in the form <code>255.255.248.0</code>)</dd>
+    </dl>
 
-    <div class="warning">
-    <p>If the first argument ends with a trailing <strong>/</strong>, the second
-       argument should also end with a trailing <strong>/</strong> and vice
-       versa. Otherwise the resulting requests to the backend may miss some
-       needed slashes and do not deliver the expected results.
-    </p>
-    </div>
+    <p>As a degenerate case, a <em>SubNet</em> with 32 valid bits is the
+    equivalent to an <var><a href="#ipaddr">IPAddr</a></var>, while a <var>SubNet</var> with zero
+    valid bits (<em>e.g.</em>, 0.0.0.0/0) is the same as the constant
+    <var>_Default_</var>, matching any IP address.</p></dd>
 
-    <p>The <code>!</code> directive is useful in situations where you don't want
-    to reverse-proxy a subdirectory, <em>e.g.</em></p>
+    
+    <dt><var><a name="ipaddr" id="ipaddr">IPAddr</a></var></dt>
+    <dd>
+    <p>A <dfn>IPAddr</dfn> represents a fully qualified internet address in
+    numeric (dotted quad) form. Usually, this address represents a host, but
+    there need not necessarily be a DNS domain name connected with the
+    address.</p>
+    <div class="example"><h3>Example</h3><p><code>
+      192.168.123.7
+    </code></p></div>
 
-    <pre class="prettyprint lang-config">&lt;Location "/mirror/foo/"&gt;
-    ProxyPass "http://backend.example.com/"
-&lt;/Location&gt;
-&lt;Location "/mirror/foo/i"&gt;
-    ProxyPass "!"
-&lt;/Location&gt;</pre>
+    <div class="note"><h3>Note</h3>
+      <p>An <var>IPAddr</var> does not need to be resolved by the DNS system, so
+      it can result in more effective apache performance.</p>
+    </div></dd>
 
+    
+    <dt><var><a name="hostname" id="hostname">Hostname</a></var></dt>
+    <dd>
+    <p>A <dfn>Hostname</dfn> is a fully qualified DNS domain name which can
+    be resolved to one or more <var><a href="#ipaddr">IPAddrs</a></var> via the
+    DNS domain name service. It represents a logical host (in contrast to
+    <var><a href="#domain">Domain</a></var>s, see above) and must be resolvable
+    to at least one <var><a href="#ipaddr">IPAddr</a></var> (or often to a list
+    of hosts with different <var><a href="#ipaddr">IPAddr</a></var>s).</p>
 
-    <pre class="prettyprint lang-config">ProxyPass "/mirror/foo/i" "!"
-ProxyPass "/mirror/foo" "http://backend.example.com"</pre>
+    <div class="example"><h3>Examples</h3><p><code>
+      prep.ai.example.edu<br />
+      www.example.org
+    </code></p></div>
 
+    <div class="note"><h3>Note</h3>
+      <p>In many situations, it is more effective to specify an <var><a href="#ipaddr">IPAddr</a></var> in place of a <var>Hostname</var> since a
+      DNS lookup can be avoided. Name resolution in Apache httpd can take a remarkable
+      deal of time when the connection to the name server uses a slow PPP
+      link.</p>
+      <p><var>Hostname</var> comparisons are done without regard to the case,
+      and <var>Hostname</var>s are always assumed to be anchored in the root
+      of the DNS tree, therefore two hosts <code>WWW.ExAmple.com</code>
+      and <code>www.example.com.</code> (note the trailing period) are
+      considered equal.</p>
+     </div></dd>
+    </dl>
 
-    <p>will proxy all requests to <code>/mirror/foo</code> to
-    <code>backend.example.com</code> <em>except</em> requests made to
-    <code>/mirror/foo/i</code>.</p>
+<h3>See also</h3>
+<ul>
+<li><a href="../dns-caveats.html">DNS Issues</a></li>
+</ul>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="Proxy" id="Proxy">&lt;Proxy&gt;</a> <a name="proxy" id="proxy">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Container for directives applied to proxied resources</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>&lt;Proxy <var>wildcard-url</var>&gt; ...&lt;/Proxy&gt;</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
+</table>
+    <p>Directives placed in <code class="directive">&lt;Proxy&gt;</code>
+    sections apply only to matching proxied content.  Shell-style wildcards are
+    allowed.</p>
 
-    <div class="warning"><h3>Ordering ProxyPass Directives</h3>
-      <p>The configured <code class="directive"><a href="#proxypass">ProxyPass</a></code>
-      and <code class="directive"><a href="#proxypassmatch">ProxyPassMatch</a></code>
-      rules are checked in the order of configuration. The first rule that
-      matches wins. So usually you should sort conflicting
-      <code class="directive"><a href="#proxypass">ProxyPass</a></code> rules starting with the
-      longest URLs first. Otherwise later rules for longer URLS will be hidden
-      by any earlier rule which uses a leading substring of the URL. Note that
-      there is some relation with worker sharing. In contrast, only one
-      <code class="directive"><a href="#proxypass">ProxyPass</a></code> directive can be placed
-      in a <code class="directive"><a href="../mod/core.html#location">Location</a></code> block, and the most
-      specific location will take precedence.</p>
+    <p>For example, the following will allow only hosts in
+    <code>yournetwork.example.com</code> to access content via your proxy
+    server:</p>
 
-      <p>For the same reasons exclusions must come <em>before</em> the
-      general <code class="directive">ProxyPass</code> directives.</p>
+    <pre class="prettyprint lang-config">&lt;Proxy "*"&gt;
+  Require host yournetwork.example.com
+&lt;/Proxy&gt;</pre>
 
-    </div> 
 
-    <p>In Apache HTTP Server 2.1 and later, mod_proxy supports pooled
-    connections to a backend server.  Connections created on demand
-    can be retained in a pool for future use.  Limits on the pool size
-    and other settings can be coded on
-    the <code class="directive">ProxyPass</code> directive
-    using  <code>key=value</code> parameters, described in the table
-    below.</p>
+    <p>The following example will process all files in the <code>foo</code>
+    directory of <code>example.com</code> through the <code>INCLUDES</code>
+    filter when they are sent through the proxy server:</p>
 
-    <p>By default, mod_proxy will allow and retain the maximum number of
-    connections that could be used simultaneously by that web server child
-    process.  Use the <code>max</code> parameter to reduce the number from
-    the default.  Use the <code>ttl</code> parameter to set an optional
-    time to live; connections which have been unused for at least
-    <code>ttl</code> seconds will be closed.  <code>ttl</code> can be used
-    to avoid using a connection which is subject to closing because of the
-    backend server's keep-alive timeout.</p>
+   <pre class="prettyprint lang-config">&lt;Proxy "http://example.com/foo/*"&gt;
+  SetOutputFilter INCLUDES
+&lt;/Proxy&gt;</pre>
 
-    <p>The pool of connections is maintained per web server child
-    process, and <code>max</code> and other settings are not coordinated
-    among all child processes, except when only one child process is allowed
-    by configuration or MPM design.</p>
 
-    <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">ProxyPass "/example" "http://backend.example.com" max=20 ttl=120 retry=300</pre>
-</div>
-
-    <table class="bordered"><tr><th>BalancerMember parameters</th></tr></table>
-    <table>
-    <tr><th>Parameter</th>
-        <th>Default</th>
-        <th>Description</th></tr>
-    <tr><td>min</td>
-        <td>0</td>
-        <td>Minimum number of connection pool entries, unrelated to the
-    actual number of connections.  This only needs to be modified from the
-    default for special circumstances where heap memory associated with the
-    backend connections should be preallocated or retained.</td></tr>
-    <tr><td>max</td>
-        <td>1...n</td>
-        <td>Maximum number of connections that will be allowed to the
-    backend server. The default for this limit is the number of threads
-    per process in the active MPM. In the Prefork MPM, this is always 1,
-    while with other MPMs it is controlled by the
-    <code class="directive">ThreadsPerChild</code> directive.</td></tr>
-    <tr><td>smax</td>
-        <td>max</td>
-        <td>Retained connection pool entries above this limit are freed
-    during certain operations if they have been unused for longer than
-    the time to live, controlled by the <code>ttl</code> parameter.  If
-    the connection pool entry has an associated connection, it will be
-    closed.  This only needs to be modified from the default for special
-    circumstances where connection pool entries and any associated
-    connections which have exceeded the time to live need to be freed or
-    closed more aggressively.</td></tr>
-    <tr><td>acquire</td>
-        <td>-</td>
-        <td>If set this will be the maximum time to wait for a free
-    connection in the connection pool, in milliseconds. If there are no free
-    connections in the pool the Apache httpd will return <code>SERVER_BUSY</code>
-    status to the client.
-    </td></tr>
-    <tr><td>connectiontimeout</td>
-        <td>timeout</td>
-        <td>Connect timeout in seconds.
-        The number of seconds Apache httpd waits for the creation of a connection to
-        the backend to complete. By adding a postfix of ms the timeout can be
-        also set in milliseconds.
-    </td></tr>
-    <tr><td>disablereuse</td>
-        <td>Off</td>
-        <td>This parameter should be used when you want to force mod_proxy
-    to immediately close a connection to the backend after being used, and
-    thus, disable its persistent connection and pool for that backend.
-    This helps in various situations where a firewall between Apache
-    httpd and
-    the backend server (regardless of protocol) tends to silently
-    drop connections or when backends themselves may be under round-
-    robin DNS. To disable connection pooling reuse,
-    set this property value to <code>On</code>.
-    </td></tr>
-    <tr><td>enablereuse</td>
-        <td>On</td>
-        <td>This is the inverse of 'disablereuse' above, provided as a
-        convenience for scheme handlers that require opt-in for connection
-        reuse (such as <code class="module"><a href="../mod/mod_proxy_fcgi.html">mod_proxy_fcgi</a></code>).  2.4.11 and later only.
-    </td></tr>
-    <tr><td>flushpackets</td>
-        <td>off</td>
-        <td>Determines whether the proxy module will auto-flush the output
-        brigade after each "chunk" of data. 'off' means that it will flush
-        only when needed, 'on' means after each chunk is sent and
-        'auto' means poll/wait for a period of time and flush if
-        no input has been received for 'flushwait' milliseconds.
-        Currently this is in effect only for AJP.
-    </td></tr>
-    <tr><td>flushwait</td>
-        <td>10</td>
-        <td>The time to wait for additional input, in milliseconds, before
-        flushing the output brigade if 'flushpackets' is 'auto'.
-    </td></tr>
-    <tr><td>iobuffersize</td>
-        <td>8192</td>
-        <td>Adjusts the size of the internal scratchpad IO buffer. This allows you
-        to override the <code class="directive">ProxyIOBufferSize</code> for a specific worker.
-        This must be at least 512 or set to 0 for the system default of 8192.
-    </td></tr>
-    <tr><td>keepalive</td>
-        <td>Off</td>
-        <td><p>This parameter should be used when you have a firewall between your
-    Apache httpd and the backend server, who tend to drop inactive connections.
-    This flag will tell the Operating System to send <code>KEEP_ALIVE</code>
-    messages on inactive connections  and thus prevent the firewall to drop the connection.
-    To enable keepalive set this property value to <code>On</code>. </p>
-    <p>The frequency of initial and subsequent TCP keepalive probes
-    depends on global OS settings, and may be as high as 2 hours. To be useful,
-    the frequency configured in the OS must be smaller than the threshold used
-    by the firewall.</p>
-    </td></tr>
-    <tr><td>lbset</td>
-        <td>0</td>
-        <td>Sets the load balancer cluster set that the worker is a member
-         of. The load balancer will try all members of a lower numbered
-         lbset before trying higher numbered ones.
-    </td></tr>
-    <tr><td>ping</td>
-        <td>0</td>
-        <td>Ping property tells the webserver to "test" the connection to
-        the backend before forwarding the request. For AJP, it causes
-        <code class="module"><a href="../mod/mod_proxy_ajp.html">mod_proxy_ajp</a></code>to send a <code>CPING</code>
-        request on the ajp13 connection (implemented on Tomcat 3.3.2+, 4.1.28+
-        and 5.0.13+). For HTTP, it causes <code class="module"><a href="../mod/mod_proxy_http.html">mod_proxy_http</a></code>
-        to send a <code>100-Continue</code> to the backend (only valid for
-        HTTP/1.1 - for non HTTP/1.1 backends, this property has no
-        effect). In both cases the parameter is the delay in seconds to wait
-        for the reply.
-        This feature has been added to avoid problems with hung and
-        busy backends.
-        This will increase the network traffic during the normal operation
-        which could be an issue, but it will lower the
-        traffic in case some of the cluster nodes are down or busy.
-        By adding a postfix of ms the delay can be also set in
-        milliseconds.
-    </td></tr>
-    <tr><td>receivebuffersize</td>
-        <td>0</td>
-        <td>Adjusts the size of the explicit (TCP/IP) network buffer size for
-        proxied connections. This allows you to override the
-        <code class="directive">ProxyReceiveBufferSize</code> for a specific worker.
-        This must be at least 512 or set to 0 for the system default.
-    </td></tr>
-    <tr><td>redirect</td>
-        <td>-</td>
-        <td>Redirection Route of the worker. This value is usually
-        set dynamically to enable safe removal of the node from
-        the cluster. If set all requests without session id will be
-        redirected to the BalancerMember that has route parameter
-        equal as this value.
-    </td></tr>
-    <tr><td>retry</td>
-        <td>60</td>
-        <td>Connection pool worker retry timeout in seconds.
-    If the connection pool worker to the backend server is in the error state,
-    Apache httpd will not forward any requests to that server until the timeout
-    expires. This enables to shut down the backend server for maintenance,
-    and bring it back online later. A value of 0 means always retry workers
-    in an error state with no timeout.
-    </td></tr>
-    <tr><td>route</td>
-        <td>-</td>
-        <td>Route of the worker when used inside load balancer.
-        The route is a value appended to session id.
-    </td></tr>
-    <tr><td>status</td>
-        <td>-</td>
-        <td>Single letter value defining the initial status of
-        this worker.
-        <table>
-         <tr><td>D: Worker is disabled and will not accept any requests.</td></tr>
-         <tr><td>S: Worker is administratively stopped.</td></tr>
-         <tr><td>I: Worker is in ignore-errors mode, and will always be considered available.</td></tr>
-         <tr><td>H: Worker is in hot-standby mode and will only be used if no other
-                    viable workers are available.</td></tr>
-         <tr><td>E: Worker is in an error state.</td></tr>
-         <tr><td>N: Worker is in drain mode, and will only accept existing sticky sessions
-                    destined for itself and ignore all other requests.</td></tr>
-        </table>Status
-        can be set (which is the default) by prepending with '+' or
-        cleared by prepending with '-'.
-        Thus, a setting of 'S-E' sets this worker to Stopped and
-        clears the in-error flag.
-    </td></tr>
-    <tr><td>timeout</td>
-        <td><code class="directive"><a href="#proxytimeout">ProxyTimeout</a></code></td>
-        <td>Connection timeout in seconds.
-        The number of seconds Apache httpd waits for data sent by / to the backend.
-    </td></tr>
-    <tr><td>ttl</td>
-        <td>-</td>
-        <td>Time to live for inactive connections and associated connection
-        pool entries, in seconds.  Once reaching this limit, a
-        connection will not be used again; it will be closed at some
-        later time.
-    </td></tr>
-
-    </table>
-
-    <p>If the Proxy directive scheme starts with the
-    <code>balancer://</code> (eg: <code>balancer://cluster</code>,
-    any path information is ignored)  then a virtual worker that does not really
-    communicate with the backend server will be created. Instead it is responsible
-    for the management of several "real" workers. In that case the special set of
-    parameters can be add to this virtual worker. See <code class="module"><a href="../mod/mod_proxy_balancer.html">mod_proxy_balancer</a></code>
-    for more information about how the balancer works.
-    </p>
-    <table class="bordered"><tr><th>Balancer parameters</th></tr></table>
-    <table>
-    <tr><th>Parameter</th>
-        <th>Default</th>
-        <th>Description</th></tr>
-    <tr><td>lbmethod</td>
-        <td>byrequests</td>
-        <td>Balancer load-balance method. Select the load-balancing scheduler
-        method to use. Either <code>byrequests</code>, to perform weighted
-        request counting, <code>bytraffic</code>, to perform weighted
-        traffic byte count balancing, or <code>bybusyness</code>, to perform
-        pending request balancing. Default is <code>byrequests</code>.
-    </td></tr>
-    <tr><td>maxattempts</td>
-        <td>One less than the number of workers, or 1 with a single worker.</td>
-        <td>Maximum number of failover attempts before giving up.
-    </td></tr>
-    <tr><td>nofailover</td>
-        <td>Off</td>
-        <td>If set to <code>On</code> the session will break if the worker is in
-        error state or disabled. Set this value to On if backend servers do not
-        support session replication.
-    </td></tr>
-    <tr><td>stickysession</td>
-        <td>-</td>
-        <td>Balancer sticky session name. The value is usually set to something
-        like <code>JSESSIONID</code> or <code>PHPSESSIONID</code>,
-        and it depends on the backend application server that support sessions.
-        If the backend application server uses different name for cookies
-        and url encoded id (like servlet containers) use | to to separate them.
-        The first part is for the cookie the second for the path.<br />
-        Available in Apache HTTP Server 2.4.4 and later.
-    </td></tr>
-    <tr><td>stickysessionsep</td>
-        <td>"."</td>
-        <td>Sets the separation symbol in the session cookie. Some backend application servers
-        do not use the '.' as the symbol. For example the Oracle Weblogic server uses 
-        '!'. The correct symbol can be set using this option. The setting of 'Off'
-        signifies that no symbol is used.
-    </td></tr>
-    <tr><td>scolonpathdelim</td>
-        <td>Off</td>
-        <td>If set to <code>On</code> the semi-colon character ';' will be
-        used as an additional sticky session path delimiter/separator. This
-        is mainly used to emulate mod_jk's behavior when dealing with paths such
-        as <code>JSESSIONID=6736bcf34;foo=aabfa</code>
-    </td></tr>
-    <tr><td>timeout</td>
-        <td>0</td>
-        <td>Balancer timeout in seconds. If set this will be the maximum time
-        to wait for a free worker. Default is not to wait.
-    </td></tr>
-    <tr><td>failonstatus</td>
-        <td>-</td>
-        <td>A single or comma-separated list of HTTP status codes. If set this will
-        force the worker into error state when the backend returns any status code
-        in the list. Worker recovery behaves the same as other worker errors.
-    </td></tr>
-    <tr><td>failontimeout</td>
-        <td>Off</td>
-        <td>If set, an IO read timeout after a request is sent to the backend will
-        force the worker into error state. Worker recovery behaves the same as other
-        worker errors.<br />
-        Available in Apache HTTP Server 2.4.5 and later.
-    </td></tr>
-    <tr><td>nonce</td>
-        <td>&lt;auto&gt;</td>
-        <td>The protective nonce used in the <code>balancer-manager</code> application page.
-        The default is to use an automatically determined UUID-based
-        nonce, to provide for further protection for the page. If set,
-        then the nonce is set to that value. A setting of <code>None</code>
-        disables all nonce checking.
-    <div class="note"><h3>Note</h3>
-      <p>In addition to the nonce, the <code>balancer-manager</code> page
-      should be protected via an ACL.</p>
-    </div>
-     </td></tr>
-    <tr><td>growth</td>
-        <td>0</td>
-        <td>Number of additional BalancerMembers to allow to be added
-        to this balancer in addition to those defined at configuration.
-    </td></tr>
-    <tr><td>forcerecovery</td>
-        <td>On</td>
-        <td>Force the immediate recovery of all workers without considering the
-        retry parameter of the workers if all workers of a balancer are
-        in error state. There might be cases where an already overloaded backend
-        can get into deeper trouble if the recovery of all workers is enforced
-        without considering the retry parameter of each worker. In this case
-        set to <code>Off</code>.<br />
-        Available in Apache HTTP Server 2.4.2 and later.
-    </td></tr>
-
-    </table>
-    <p>A sample balancer setup</p>
-    <pre class="prettyprint lang-config">ProxyPass "/special-area" "http://special.example.com" smax=5 max=10
-ProxyPass "/" "balancer://mycluster/" stickysession=JSESSIONID|jsessionid nofailover=On
-&lt;Proxy "balancer://mycluster"&gt;
-    BalancerMember "ajp://1.2.3.4:8009"
-    BalancerMember "ajp://1.2.3.5:8009" loadfactor=20
-    # Less powerful server, don't send as many requests there,
-    BalancerMember "ajp://1.2.3.6:8009" loadfactor=5
-&lt;/Proxy&gt;</pre>
-
-
-    <p>Setting up a hot-standby, that will only be used if no other
-     members are available</p>
-    <pre class="prettyprint lang-config">ProxyPass "/" "balancer://hotcluster/"
-&lt;Proxy "balancer://hotcluster"&gt;
-    BalancerMember "ajp://1.2.3.4:8009" loadfactor=1
-    BalancerMember "ajp://1.2.3.5:8009" loadfactor=2
-    # The server below is on hot standby
-    BalancerMember "ajp://1.2.3.6:8009" status=+H
-    ProxySet lbmethod=bytraffic
-&lt;/Proxy&gt;</pre>
-
-
-    <p>Normally, mod_proxy will canonicalise ProxyPassed URLs.
-    But this may be incompatible with some backends, particularly those
-    that make use of <var>PATH_INFO</var>.  The optional <var>nocanon</var>
-    keyword suppresses this, and passes the URL path "raw" to the
-    backend.  Note that may affect the security of your backend, as it
-    removes the normal limited protection against URL-based attacks
-    provided by the proxy.</p>
-
-    <p>Normally, mod_proxy will include the query string when
-    generating the <var>SCRIPT_FILENAME</var> environment variable.
-    The optional <var>noquery</var> keyword (available in
-    httpd 2.4.1 and later) prevents this.</p>
-
-    <p>When used inside a <code class="directive"><a href="../mod/core.html#location">&lt;Location&gt;</a></code> section, the first argument is omitted and the local
-    directory is obtained from the <code class="directive"><a href="../mod/core.html#location">&lt;Location&gt;</a></code>. The same will occur inside a
-    <code class="directive"><a href="../mod/core.html#locationmatch">&lt;LocationMatch&gt;</a></code> section,
-    however ProxyPass does not interpret the regexp as such, so it is necessary
-    to use <code class="directive">ProxyPassMatch</code> in this situation instead.</p>
-
-    <p>This directive is not supported in <code class="directive"><a href="../mod/core.html#directory">&lt;Directory&gt;</a></code> or <code class="directive"><a href="../mod/core.html#files">&lt;Files&gt;</a></code> sections.</p>
-
-    <p>If you require a more flexible reverse-proxy configuration, see the
-    <code class="directive"><a href="../mod/mod_rewrite.html#rewriterule">RewriteRule</a></code> directive with the
-    <code>[P]</code> flag.</p>
-
-    <p>The optional <var>interpolate</var> keyword, in combination with
-    <code class="directive">ProxyPassInterpolateEnv</code> causes the ProxyPass
-    to interpolate environment variables, using the syntax
-    <var>${VARNAME}</var>.  Note that many of the standard CGI-derived
-    environment variables will not exist when this interpolation happens,
-    so you may still have to resort to <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>
-    for complex rules.  Also note that interpolation is not supported
-    within the scheme portion of a URL.  Dynamic determination of the
-    scheme can be accomplished with <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> as in the
-    following example.</p>
-
-    <pre class="prettyprint lang-config">RewriteEngine On
-
-RewriteCond "%{HTTPS}" =off
-RewriteRule "." "-" [E=protocol:http]
-RewriteCond "%{HTTPS}" =on
-RewriteRule "." "-" [E=protocol:https]
-
-RewriteRule "^/mirror/foo/(.*)" "%{ENV:protocol}://backend.example.com/$1" [P]
-ProxyPassReverse  "/mirror/foo/" "http://backend.example.com/"
-ProxyPassReverse  "/mirror/foo/" "https://backend.example.com/"</pre>
+    <div class="note"><h3>Differences from the Location configuration section</h3>
+      <p>A backend URL matches the configuration section if it begins with the 
+      the <var>wildcard-url</var> string, even if the last path segment in the
+      directive only matches a prefix of the backend URL.  For example, 
+      &lt;Proxy "http://example.com/foo"&gt; matches all of 
+      http://example.com/foo, http://example.com/foo/bar, and 
+      http://example.com/foobar.  The matching of the final URL differs
+      from the behavior of the <code class="directive"><a href="../mod/core.html#location">&lt;Location&gt;</a></code> section, which for purposes of this note 
+      treats the final path component as if it ended in a slash.</p>
+      <p>For more control over the matching, see <code class="directive">&lt;ProxyMatch&gt;</code>.</p>
+    </div>
 
 
+<h3>See also</h3>
+<ul>
+<li><code class="directive"><a href="#proxymatch">&lt;ProxyMatch&gt;</a></code></li>
+</ul>
 </div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="ProxyPassInherit" id="ProxyPassInherit">ProxyPassInherit</a> <a name="proxypassinherit" id="proxypassinherit">Directive</a></h2>
+<div class="directive-section"><h2><a name="ProxyAddHeaders" id="ProxyAddHeaders">ProxyAddHeaders</a> <a name="proxyaddheaders" id="proxyaddheaders">Directive</a></h2>
 <table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Inherit ProxyPass directives defined from the main server</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyPassInherit On|Off</code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ProxyPassInherit On</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Add proxy information in X-Forwarded-* headers</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyAddHeaders Off|On</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ProxyAddHeaders On</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr>
 <tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
 <tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
-<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>ProxyPassInherit is only available in Apache HTTP Server 2.4.5 and later.
-        and later.</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in version 2.3.10 and later</td></tr>
 </table>
-        <p>This directive will cause the current server/vhost to "inherit"
-            <code class="directive"><a href="#proxypass">ProxyPass</a></code>
-            directives defined in the main server. This can cause issues and
-            inconsistent behavior if using the Balancer Manager for dynamic changes
-            and so should be disabled if using that feature.</p>
-        <p>The setting in the global server defines the default for all vhosts.</p>
-        <p>Disabling ProxyPassInherit also disables <code class="directive"><a href="#balancerinherit">BalancerInherit</a></code>.</p>
-    
+    <p>This directive determines whether or not proxy related information should be passed to the
+    backend server through X-Forwarded-For, X-Forwarded-Host and X-Forwarded-Server HTTP headers.</p>
+    <div class="note"><h3>Effectiveness</h3>
+     <p>This option is of use only for HTTP proxying, as handled by <code class="module"><a href="../mod/mod_proxy_http.html">mod_proxy_http</a></code>.</p>
+    </div>
+
 </div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="ProxyPassInterpolateEnv" id="ProxyPassInterpolateEnv">ProxyPassInterpolateEnv</a> <a name="proxypassinterpolateenv" id="proxypassinterpolateenv">Directive</a></h2>
+<div class="directive-section"><h2><a name="ProxyBadHeader" id="ProxyBadHeader">ProxyBadHeader</a> <a name="proxybadheader" id="proxybadheader">Directive</a></h2>
 <table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Enable Environment Variable interpolation in Reverse Proxy configurations</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyPassInterpolateEnv On|Off</code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ProxyPassInterpolateEnv Off</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr>
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Determines how to handle bad header lines in a
+response</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyBadHeader IsError|Ignore|StartBody</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ProxyBadHeader IsError</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
 <tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
 <tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
-<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in httpd 2.2.9 and later</td></tr>
 </table>
-    <p>This directive, together with the <var>interpolate</var> argument to
-    <code class="directive">ProxyPass</code>, <code class="directive">ProxyPassReverse</code>,
-    <code class="directive">ProxyPassReverseCookieDomain</code> and
-    <code class="directive">ProxyPassReverseCookiePath</code>
-    enables reverse proxies to be dynamically
-    configured using environment variables, which may be set by
-    another module such as <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>.
-    It affects the <code class="directive">ProxyPass</code>,
-    <code class="directive">ProxyPassReverse</code>,
-    <code class="directive">ProxyPassReverseCookieDomain</code>, and
-    <code class="directive">ProxyPassReverseCookiePath</code> directives,
-    and causes them to substitute the value of an environment
-    variable <code>varname</code> for the string <code>${varname}</code>
-    in configuration directives (if the <var>interpolate</var> option is set).</p>
-    <p>Keep this turned off (for server performance) unless you need it!</p>
+    <p>The <code class="directive">ProxyBadHeader</code> directive determines the
+    behaviour of <code class="module"><a href="../mod/mod_proxy.html">mod_proxy</a></code> if it receives syntactically invalid
+    response header lines (<em>i.e.</em> containing no colon) from the origin
+    server. The following arguments are possible:</p>
+
+    <dl>
+    <dt><code>IsError</code></dt>
+    <dd>Abort the request and end up with a 502 (Bad Gateway) response. This is
+    the default behaviour.</dd>
+
+    <dt><code>Ignore</code></dt>
+    <dd>Treat bad header lines as if they weren't sent.</dd>
+
+    <dt><code>StartBody</code></dt>
+    <dd>When receiving the first bad header line, finish reading the headers and
+    treat the remainder as body. This helps to work around buggy backend servers
+    which forget to insert an empty line between the headers and the body.</dd>
+    </dl>
 
 </div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="ProxyPassMatch" id="ProxyPassMatch">ProxyPassMatch</a> <a name="proxypassmatch" id="proxypassmatch">Directive</a></h2>
+<div class="directive-section"><h2><a name="ProxyBlock" id="ProxyBlock">ProxyBlock</a> <a name="proxyblock" id="proxyblock">Directive</a></h2>
 <table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Maps remote servers into the local server URL-space using regular expressions</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyPassMatch [<var>regex</var>] !|<var>url</var> [<var>key=value</var>
-	<var>[key=value</var> ...]]</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr>
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Words, hosts, or domains that are banned from being
+proxied</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyBlock *|<var>word</var>|<var>host</var>|<var>domain</var>
+[<var>word</var>|<var>host</var>|<var>domain</var>] ...</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
 <tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
 <tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
 </table>
-    <p>This directive is equivalent to <code class="directive"><a href="#proxypass">ProxyPass</a></code>,
-       but makes use of regular expressions, instead of simple prefix matching. The
-       supplied regular expression is matched against the <var>url</var>, and if it
-       matches, the server will substitute any parenthesized matches into the given
-       string and use it as a new <var>url</var>.</p>
-
-    <div class="note"><strong>Note: </strong>This directive cannot be used within a 
-    <code>&lt;Directory&gt;</code> context.</div>
-    
-    <p>Suppose the local server has address <code>http://example.com/</code>;
-    then</p>
+    <p>The <code class="directive">ProxyBlock</code> directive specifies a list of
+    words, hosts and/or domains, separated by spaces.  HTTP, HTTPS, and
+    FTP document requests to sites whose names contain matched words,
+    hosts or domains are <em>blocked</em> by the proxy server. The proxy
+    module will also attempt to determine IP addresses of list items which
+    may be hostnames during startup, and cache them for match test as
+    well. That may slow down the startup time of the server.</p>
 
-    <pre class="prettyprint lang-config">ProxyPassMatch "^/(.*\.gif)$" "http://backend.example.com/$1"</pre>
+    <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">ProxyBlock "news.example.com" "auctions.example.com" "friends.example.com"</pre>
+</div>
 
+    <p>Note that <code>example</code> would also be sufficient to match any
+    of these sites.</p>
 
-    <p>will cause a local request for
-    <code>http://example.com/foo/bar.gif</code> to be internally converted
-    into a proxy request to <code>http://backend.example.com/foo/bar.gif</code>.</p>
-    <div class="note"><h3>Note</h3>
-      <p>The URL argument must be parsable as a URL <em>before</em> regexp
-      substitutions (as well as after).  This limits the matches you can use.
-      For instance, if we had used</p>
-      <pre class="prettyprint lang-config">ProxyPassMatch "^(/.*\.gif)$" "http://backend.example.com:8000$1"</pre>
+    <p>Hosts would also be matched if referenced by IP address.</p>
 
-      <p>in our previous example, it would fail with a syntax error
-      at server startup.  This is a bug (PR 46665 in the ASF bugzilla),
-      and the workaround is to reformulate the match:</p>
-      <pre class="prettyprint lang-config">ProxyPassMatch "^/(.*\.gif)$" "http://backend.example.com:8000/$1"</pre>
+    <p>Note also that</p>
 
-    </div>
-    <p>The <code>!</code> directive is useful in situations where you don't want
-    to reverse-proxy a subdirectory.</p>
+    <pre class="prettyprint lang-config">ProxyBlock "*"</pre>
 
-    <p>When used inside a <code class="directive"><a href="../mod/core.html#locationmatch">&lt;LocationMatch&gt;</a></code> section, the first argument is omitted and the
-    regexp is obtained from the <code class="directive"><a href="../mod/core.html#locationmatch">&lt;LocationMatch&gt;</a></code>.</p>
 
-    <p>If you require a more flexible reverse-proxy configuration, see the
-    <code class="directive"><a href="../mod/mod_rewrite.html#rewriterule">RewriteRule</a></code> directive with the
-    <code>[P]</code> flag.</p>
+    <p>blocks connections to all sites.</p>
 
-    <div class="note">
-      <h3>Default Substitution</h3>
-      <p>When the URL parameter doesn't use any backreferences into the regular
-      expression, the original URL will be appended to the URL parameter.
-      </p>
-    </div>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="ProxyDomain" id="ProxyDomain">ProxyDomain</a> <a name="proxydomain" id="proxydomain">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Default domain name for proxied requests</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyDomain <var>Domain</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
+</table>
+    <p>This directive is only useful for Apache httpd proxy servers within
+    intranets. The <code class="directive">ProxyDomain</code> directive specifies
+    the default domain which the apache proxy server will belong to. If a
+    request to a host without a domain name is encountered, a redirection
+    response to the same host with the configured <var>Domain</var> appended
+    will be generated.</p>
 
-    <div class="warning">
-      <h3>Security Warning</h3>
-      <p>Take care when constructing the target URL of the rule, considering
-        the security impact from allowing the client influence over the set of
-        URLs to which your server will act as a proxy.  Ensure that the scheme
-        and hostname part of the URL is either fixed, or does not allow the
-        client undue influence.</p>
-    </div>
+    <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">      ProxyRemote  "*"  "http://firewall.example.com:81"<br />
+      NoProxy         ".example.com" "192.168.112.0/21"<br />
+      ProxyDomain     ".example.com"</pre>
+</div>
 
 </div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="ProxyPassReverse" id="ProxyPassReverse">ProxyPassReverse</a> <a name="proxypassreverse" id="proxypassreverse">Directive</a></h2>
+<div class="directive-section"><h2><a name="ProxyErrorOverride" id="ProxyErrorOverride">ProxyErrorOverride</a> <a name="proxyerroroverride" id="proxyerroroverride">Directive</a></h2>
 <table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Adjusts the URL in HTTP response headers sent from a reverse
-proxied server</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyPassReverse [<var>path</var>] <var>url</var>
-[<var>interpolate</var>]</code></td></tr>
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Override error pages for proxied content</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyErrorOverride On|Off</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ProxyErrorOverride Off</code></td></tr>
 <tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr>
 <tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
 <tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
 </table>
-    <p>This directive lets Apache httpd adjust the URL in the <code>Location</code>,
-    <code>Content-Location</code> and <code>URI</code> headers on HTTP
-    redirect responses. This is essential when Apache httpd is used as a
-    reverse proxy (or gateway) to avoid by-passing the reverse proxy
-    because of HTTP redirects on the backend servers which stay behind
-    the reverse proxy.</p>
-
-    <p>Only the HTTP response headers specifically mentioned above
-    will be rewritten. Apache httpd will not rewrite other response
-    headers, nor will it by default rewrite URL references inside HTML pages.
-    This means that if the proxied content contains absolute URL
-    references, they will by-pass the proxy. To rewrite HTML content to
-    match the proxy, you must load and enable <code class="module"><a href="../mod/mod_proxy_html.html">mod_proxy_html</a></code>.
-    </p>
-
-    <p><var>path</var> is the name of a local virtual path. <var>url</var> is a
-    partial URL for the remote server - the same way they are used for the
-    <code class="directive"><a href="#proxypass">ProxyPass</a></code> directive.</p>
-
-    <p>For example, suppose the local server has address
-    <code>http://example.com/</code>; then</p>
-
-    <pre class="prettyprint lang-config">ProxyPass         "/mirror/foo/" "http://backend.example.com/"
-ProxyPassReverse  "/mirror/foo/" "http://backend.example.com/"
-ProxyPassReverseCookieDomain  "backend.example.com"  "public.example.com"
-ProxyPassReverseCookiePath  "/"  "/mirror/foo/"</pre>
+    <p>This directive is useful for reverse-proxy setups, where you want to
+    have a common look and feel on the error pages seen by the end user.
+    This also allows for included files (via
+    <code class="module"><a href="../mod/mod_include.html">mod_include</a></code>'s SSI) to get
+    the error code and act accordingly (default behavior would display
+    the error page of the proxied server, turning this on shows the SSI
+    Error message).</p>
 
+    <p>This directive does not affect the processing of informational (1xx),
+    normal success (2xx), or redirect (3xx) responses.</p>
 
-    <p>will not only cause a local request for the
-    <code>http://example.com/mirror/foo/bar</code> to be internally converted
-    into a proxy request to <code>http://backend.example.com/bar</code>
-    (the functionality <code>ProxyPass</code> provides here). It also takes care
-    of redirects the server <code>backend.example.com</code> sends: when
-    <code>http://backend.example.com/bar</code> is redirected by him to
-    <code>http://backend.example.com/quux</code> Apache httpd adjusts this to
-    <code>http://example.com/mirror/foo/quux</code> before forwarding the HTTP
-    redirect response to the client. Note that the hostname used for
-    constructing the URL is chosen in respect to the setting of the <code class="directive"><a href="../mod/core.html#usecanonicalname">UseCanonicalName</a></code> directive.</p>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="ProxyIOBufferSize" id="ProxyIOBufferSize">ProxyIOBufferSize</a> <a name="proxyiobuffersize" id="proxyiobuffersize">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Determine size of internal data throughput buffer</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyIOBufferSize <var>bytes</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ProxyIOBufferSize 8192</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
+</table>
+    <p>The <code class="directive">ProxyIOBufferSize</code> directive adjusts the size
+    of the internal buffer, which is used as a scratchpad for the data between
+    input and output. The size must be at least <code>512</code>.</p>
 
-    <p>Note that this <code class="directive">ProxyPassReverse</code> directive can
-    also be used in conjunction with the proxy pass-through feature
-    (<code>RewriteRule ...  [P]</code>) from <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>
-    because it doesn't depend on a corresponding <code class="directive"><a href="#proxypass">ProxyPass</a></code> directive.</p>
+    <p>In almost every case there's no reason to change that value.</p>
 
-    <p>The optional <var>interpolate</var> keyword, used together with
-    <code class="directive">ProxyPassInterpolateEnv</code>, enables interpolation
-    of environment variables specified using the format <var>${VARNAME}</var>.
-    Note that interpolation is not supported within the scheme portion of a
-    URL.</p>
+    <p>If used with AJP this directive sets the maximum AJP packet size in
+    bytes. Values larger than 65536 are set to 65536. If you change it from
+    the default, you must also change the <code>packetSize</code> attribute of
+    your AJP connector on the Tomcat side! The attribute
+    <code>packetSize</code> is only available in Tomcat <code>5.5.20+</code>
+    and <code>6.0.2+</code></p>
 
-    <p>When used inside a <code class="directive"><a href="../mod/core.html#location">&lt;Location&gt;</a></code> section, the first argument is omitted and the local
-    directory is obtained from the <code class="directive"><a href="../mod/core.html#location">&lt;Location&gt;</a></code>. The same occurs inside a <code class="directive"><a href="../mod/core.html#locationmatch">&lt;LocationMatch&gt;</a></code> section, but will probably not work as
-    intended, as ProxyPassReverse will interpret the regexp literally as a
-    path; if needed in this situation, specify the ProxyPassReverse outside
-    the section, or in a separate <code class="directive"><a href="../mod/core.html#location">&lt;Location&gt;</a></code> section.</p>
+    <p>Normally it is not necessary to change the maximum packet size.
+    Problems with the default value have been reported when sending
+    certificates or certificate chains.</p>
 
-    <p>This directive is not supported in <code class="directive"><a href="../mod/core.html#directory">&lt;Directory&gt;</a></code> or <code class="directive"><a href="../mod/core.html#files">&lt;Files&gt;</a></code> sections.</p>
 
 </div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="ProxyPassReverseCookieDomain" id="ProxyPassReverseCookieDomain">ProxyPassReverseCookieDomain</a> <a name="proxypassreversecookiedomain" id="proxypassreversecookiedomain">Directive</a></h2>
+<div class="directive-section"><h2><a name="ProxyMatch" id="ProxyMatch">&lt;ProxyMatch&gt;</a> <a name="proxymatch" id="proxymatch">Directive</a></h2>
 <table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Adjusts the Domain string in Set-Cookie headers from a reverse-
-proxied server</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyPassReverseCookieDomain <var>internal-domain</var>
-<var>public-domain</var> [<var>interpolate</var>]</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr>
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Container for directives applied to regular-expression-matched
+proxied resources</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>&lt;ProxyMatch <var>regex</var>&gt; ...&lt;/ProxyMatch&gt;</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
 <tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
 <tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
 </table>
-<p>Usage is basically similar to
-<code class="directive"><a href="#proxypassreverse">ProxyPassReverse</a></code>, but instead of
-rewriting headers that are a URL, this rewrites the <code>domain</code>
-string in <code>Set-Cookie</code> headers.</p>
+    <p>The <code class="directive">&lt;ProxyMatch&gt;</code> directive is
+    identical to the <code class="directive"><a href="#proxy">&lt;Proxy&gt;</a></code> directive, except it matches URLs
+    using <a class="glossarylink" href="../glossary.html#regex" title="see glossary">regular expressions</a>.</p>
+
+    <p>From 2.4.8 onwards, named groups and backreferences are captured and
+    written to the environment with the corresponding name prefixed with
+    "MATCH_" and in upper case. This allows elements of URLs to be referenced
+    from within <a href="../expr.html">expressions</a> and modules like
+    <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>. In order to prevent confusion, numbered
+    (unnamed) backreferences are ignored. Use named groups instead.</p>
 
+<pre class="prettyprint lang-config">&lt;ProxyMatch "^http://(?&lt;sitename&gt;[^/]+)"&gt;
+    Require ldap-group cn=%{env:MATCH_SITENAME},ou=combined,o=Example
+&lt;/ProxyMatch&gt;</pre>
+
+
+<h3>See also</h3>
+<ul>
+<li><code class="directive"><a href="#proxy">&lt;Proxy&gt;</a></code></li>
+</ul>
 </div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="ProxyPassReverseCookiePath" id="ProxyPassReverseCookiePath">ProxyPassReverseCookiePath</a> <a name="proxypassreversecookiepath" id="proxypassreversecookiepath">Directive</a></h2>
+<div class="directive-section"><h2><a name="ProxyMaxForwards" id="ProxyMaxForwards">ProxyMaxForwards</a> <a name="proxymaxforwards" id="proxymaxforwards">Directive</a></h2>
 <table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Adjusts the Path string in Set-Cookie headers from a reverse-
-proxied server</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyPassReverseCookiePath <var>internal-path</var>
-<var>public-path</var> [<var>interpolate</var>]</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr>
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Maximium number of proxies that a request can be forwarded
+through</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyMaxForwards <var>number</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ProxyMaxForwards -1</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
 <tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
 <tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Default behaviour changed in 2.2.7</td></tr>
 </table>
-<p>
-Useful in conjunction with
-<code class="directive"><a href="#proxypassreverse">ProxyPassReverse</a></code>
-in situations where backend URL paths are mapped to public paths on the
-reverse proxy. This directive rewrites the <code>path</code> string in
-<code>Set-Cookie</code> headers. If the beginning of the cookie path matches
-<var>internal-path</var>, the cookie path will be replaced with
-<var>public-path</var>.
-</p><p>
-In the example given with 
-<code class="directive"><a href="#proxypassreverse">ProxyPassReverse</a></code>, the directive:
-</p>
-    <pre class="prettyprint lang-config">ProxyPassReverseCookiePath  "/"  "/mirror/foo/"</pre>
+    <p>The <code class="directive">ProxyMaxForwards</code> directive specifies the
+    maximum number of proxies through which a request may pass, if there's no
+    <code>Max-Forwards</code> header supplied with the request. This may
+    be set to prevent infinite proxy loops, or a DoS attack.</p>
 
-<p>
-will rewrite a cookie with backend path <code>/</code> (or
-<code>/example</code> or, in fact, anything) to <code>/mirror/foo/</code>.
-</p>
+    <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">ProxyMaxForwards 15</pre>
+</div>
+
+    <p>Note that setting <code class="directive">ProxyMaxForwards</code> is a
+    violation of the HTTP/1.1 protocol (RFC2616), which forbids a Proxy
+    setting <code>Max-Forwards</code> if the Client didn't set it.
+    Earlier Apache httpd versions would always set it.  A negative
+    <code class="directive">ProxyMaxForwards</code> value, including the
+    default -1, gives you protocol-compliant behaviour, but may
+    leave you open to loops.</p>
 
 </div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="ProxyPreserveHost" id="ProxyPreserveHost">ProxyPreserveHost</a> <a name="proxypreservehost" id="proxypreservehost">Directive</a></h2>
+<div class="directive-section"><h2><a name="ProxyPass" id="ProxyPass">ProxyPass</a> <a name="proxypass" id="proxypass">Directive</a></h2>
 <table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Use incoming Host HTTP request header for proxy
-request</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyPreserveHost On|Off</code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ProxyPreserveHost Off</code></td></tr>
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Maps remote servers into the local server URL-space</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyPass [<var>path</var>] !|<var>url</var> [<var>key=value</var>
+  <var>[key=value</var> ...]] [nocanon] [interpolate] [noquery]</code></td></tr>
 <tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr>
 <tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
 <tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
-<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Usable in directory
-context in 2.3.3 and later.</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Unix Domain Socket (UDS) support added in 2.4.7</td></tr>
 </table>
-    <p>When enabled, this option will pass the Host: line from the incoming
-    request to the proxied host, instead of the hostname specified in the
-    <code class="directive">ProxyPass</code> line.</p>
+    <p>This directive allows remote servers to be mapped into the
+    space of the local server; the local server does not act as a
+    proxy in the conventional sense, but appears to be a mirror of the
+    remote server. The local server is often called a <dfn>reverse
+    proxy</dfn> or <dfn>gateway</dfn>. The <var>path</var> is the name of
+    a local virtual path; <var>url</var> is a partial URL for the
+    remote server and cannot include a query string.</p>
+
+    <div class="note"><strong>Note: </strong>This directive cannot be used within a 
+    <code>&lt;Directory&gt;</code> context.</div>
+
+    <div class="warning">The <code class="directive"><a href="#proxyrequests">ProxyRequests</a></code> directive should
+    usually be set <strong>off</strong> when using
+    <code class="directive">ProxyPass</code>.</div>
+
+    <p>In 2.4.7 and later, support for using a Unix Domain Socket is available by using a target
+    which prepends <code>unix:/path/lis.sock|</code>. For example, to proxy
+    HTTP and target the UDS at /home/www/socket you would use
+    <code>unix:/home/www.socket|http://localhost/whatever/</code>.</p>
+
+    <div class="note"><strong>Note:</strong> The path associated with the <code>unix:</code>
+    URL is <code class="directive">DefaultRuntimeDir</code> aware.</div>
+
+    <p>Suppose the local server has address <code>http://example.com/</code>;
+    then</p>
+
+    <pre class="prettyprint lang-config">&lt;Location "/mirror/foo/"&gt;
+    ProxyPass "http://backend.example.com/"
+&lt;/Location&gt;</pre>
+
+
+    <p>will cause a local request for
+    <code>http://example.com/mirror/foo/bar</code> to be internally converted
+    into a proxy request to <code>http://backend.example.com/bar</code>.</p>
+
+    <p>The following alternative syntax is possible, however it can carry a
+    performance penalty when present in very large numbers. The advantage of
+    the below syntax is that it allows for dynamic control via the
+    <a href="mod_proxy_balancer.html#balancer_manager">Balancer Manager</a> interface:</p>
+
+    <pre class="prettyprint lang-config">ProxyPass "/mirror/foo/" "http://backend.example.com/"</pre>
+
+
+    <div class="warning">
+    <p>If the first argument ends with a trailing <strong>/</strong>, the second
+       argument should also end with a trailing <strong>/</strong> and vice
+       versa. Otherwise the resulting requests to the backend may miss some
+       needed slashes and do not deliver the expected results.
+    </p>
+    </div>
+
+    <p>The <code>!</code> directive is useful in situations where you don't want
+    to reverse-proxy a subdirectory, <em>e.g.</em></p>
 
-    <p>This option should normally be turned <code>Off</code>. It is mostly
-    useful in special configurations like proxied mass name-based virtual
-    hosting, where the original Host header needs to be evaluated by the
-    backend server.</p>
+    <pre class="prettyprint lang-config">&lt;Location "/mirror/foo/"&gt;
+    ProxyPass "http://backend.example.com/"
+&lt;/Location&gt;
+&lt;Location "/mirror/foo/i"&gt;
+    ProxyPass "!"
+&lt;/Location&gt;</pre>
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="ProxyReceiveBufferSize" id="ProxyReceiveBufferSize">ProxyReceiveBufferSize</a> <a name="proxyreceivebuffersize" id="proxyreceivebuffersize">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Network buffer size for proxied HTTP and FTP
-connections</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyReceiveBufferSize <var>bytes</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ProxyReceiveBufferSize 0</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
-</table>
-    <p>The <code class="directive">ProxyReceiveBufferSize</code> directive specifies an
-    explicit (TCP/IP) network buffer size for proxied HTTP and FTP connections,
-    for increased throughput. It has to be greater than <code>512</code> or set
-    to <code>0</code> to indicate that the system's default buffer size should
-    be used.</p>
 
-    <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">ProxyReceiveBufferSize 2048</pre>
-</div>
+    <pre class="prettyprint lang-config">ProxyPass "/mirror/foo/i" "!"
+ProxyPass "/mirror/foo" "http://backend.example.com"</pre>
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="ProxyRemote" id="ProxyRemote">ProxyRemote</a> <a name="proxyremote" id="proxyremote">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Remote proxy used to handle certain requests</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyRemote <var>match</var> <var>remote-server</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
-</table>
-    <p>This defines remote proxies to this proxy. <var>match</var> is either the
-    name of a URL-scheme that the remote server supports, or a partial URL
-    for which the remote server should be used, or <code>*</code> to indicate
-    the server should be contacted for all requests. <var>remote-server</var> is
-    a partial URL for the remote server. Syntax:</p>
 
-    <div class="example"><p><code>
-      <dfn>remote-server</dfn> =
-          <var>scheme</var>://<var>hostname</var>[:<var>port</var>]
-    </code></p></div>
+    <p>will proxy all requests to <code>/mirror/foo</code> to
+    <code>backend.example.com</code> <em>except</em> requests made to
+    <code>/mirror/foo/i</code>.</p>
 
-    <p><var>scheme</var> is effectively the protocol that should be used to
-    communicate with the remote server; only <code>http</code> and <code>https</code>
-    are supported by this module. When using <code>https</code>, the requests
-    are forwarded through the remote proxy using the HTTP CONNECT method.</p>
+    <div class="warning"><h3>Ordering ProxyPass Directives</h3>
+      <p>The configured <code class="directive"><a href="#proxypass">ProxyPass</a></code>
+      and <code class="directive"><a href="#proxypassmatch">ProxyPassMatch</a></code>
+      rules are checked in the order of configuration. The first rule that
+      matches wins. So usually you should sort conflicting
+      <code class="directive"><a href="#proxypass">ProxyPass</a></code> rules starting with the
+      longest URLs first. Otherwise later rules for longer URLS will be hidden
+      by any earlier rule which uses a leading substring of the URL. Note that
+      there is some relation with worker sharing. In contrast, only one
+      <code class="directive"><a href="#proxypass">ProxyPass</a></code> directive can be placed
+      in a <code class="directive"><a href="../mod/core.html#location">Location</a></code> block, and the most
+      specific location will take precedence.</p>
 
-    <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">ProxyRemote "http://goodguys.example.com/" "http://mirrorguys.example.com:8000"
-ProxyRemote "*" "http://cleverproxy.localdomain"
-ProxyRemote "ftp" "http://ftpproxy.mydomain:8080"</pre>
-</div>
+      <p>For the same reasons exclusions must come <em>before</em> the
+      general <code class="directive">ProxyPass</code> directives.</p>
 
-    <p>In the last example, the proxy will forward FTP requests, encapsulated
-    as yet another HTTP proxy request, to another proxy which can handle
-    them.</p>
+    </div> 
 
-    <p>This option also supports reverse proxy configuration - a backend
-    webserver can be embedded within a virtualhost URL space even if that
-    server is hidden by another forward proxy.</p>
+    <p>In Apache HTTP Server 2.1 and later, mod_proxy supports pooled
+    connections to a backend server.  Connections created on demand
+    can be retained in a pool for future use.  Limits on the pool size
+    and other settings can be coded on
+    the <code class="directive">ProxyPass</code> directive
+    using  <code>key=value</code> parameters, described in the table
+    below.</p>
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="ProxyRemoteMatch" id="ProxyRemoteMatch">ProxyRemoteMatch</a> <a name="proxyremotematch" id="proxyremotematch">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Remote proxy used to handle requests matched by regular
-expressions</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyRemoteMatch <var>regex</var> <var>remote-server</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
-</table>
-    <p>The <code class="directive">ProxyRemoteMatch</code> is identical to the
-    <code class="directive"><a href="#proxyremote">ProxyRemote</a></code> directive, except the
-    first argument is a <a class="glossarylink" href="../glossary.html#regex" title="see glossary">regular expression</a>
-    match against the requested URL.</p>
+    <p>By default, mod_proxy will allow and retain the maximum number of
+    connections that could be used simultaneously by that web server child
+    process.  Use the <code>max</code> parameter to reduce the number from
+    the default.  Use the <code>ttl</code> parameter to set an optional
+    time to live; connections which have been unused for at least
+    <code>ttl</code> seconds will be closed.  <code>ttl</code> can be used
+    to avoid using a connection which is subject to closing because of the
+    backend server's keep-alive timeout.</p>
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="ProxyRequests" id="ProxyRequests">ProxyRequests</a> <a name="proxyrequests" id="proxyrequests">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Enables forward (standard) proxy requests</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyRequests On|Off</code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ProxyRequests Off</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
-</table>
-    <p>This allows or prevents Apache httpd from functioning as a forward proxy
-    server. (Setting ProxyRequests to <code>Off</code> does not disable use of
-    the <code class="directive"><a href="#proxypass">ProxyPass</a></code> directive.)</p>
+    <p>The pool of connections is maintained per web server child
+    process, and <code>max</code> and other settings are not coordinated
+    among all child processes, except when only one child process is allowed
+    by configuration or MPM design.</p>
 
-    <p>In a typical reverse proxy or gateway configuration, this
-    option should be set to
-    <code>Off</code>.</p>
+    <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">ProxyPass "/example" "http://backend.example.com" max=20 ttl=120 retry=300</pre>
+</div>
 
-    <p>In order to get the functionality of proxying HTTP or FTP sites, you
-    need also <code class="module"><a href="../mod/mod_proxy_http.html">mod_proxy_http</a></code> or <code class="module"><a href="../mod/mod_proxy_ftp.html">mod_proxy_ftp</a></code>
-    (or both) present in the server.</p>
+    <table class="bordered"><tr><th>BalancerMember parameters</th></tr></table>
+    <table>
+    <tr><th>Parameter</th>
+        <th>Default</th>
+        <th>Description</th></tr>
+    <tr><td>min</td>
+        <td>0</td>
+        <td>Minimum number of connection pool entries, unrelated to the
+    actual number of connections.  This only needs to be modified from the
+    default for special circumstances where heap memory associated with the
+    backend connections should be preallocated or retained.</td></tr>
+    <tr><td>max</td>
+        <td>1...n</td>
+        <td>Maximum number of connections that will be allowed to the
+    backend server. The default for this limit is the number of threads
+    per process in the active MPM. In the Prefork MPM, this is always 1,
+    while with other MPMs it is controlled by the
+    <code class="directive">ThreadsPerChild</code> directive.</td></tr>
+    <tr><td>smax</td>
+        <td>max</td>
+        <td>Retained connection pool entries above this limit are freed
+    during certain operations if they have been unused for longer than
+    the time to live, controlled by the <code>ttl</code> parameter.  If
+    the connection pool entry has an associated connection, it will be
+    closed.  This only needs to be modified from the default for special
+    circumstances where connection pool entries and any associated
+    connections which have exceeded the time to live need to be freed or
+    closed more aggressively.</td></tr>
+    <tr><td>acquire</td>
+        <td>-</td>
+        <td>If set this will be the maximum time to wait for a free
+    connection in the connection pool, in milliseconds. If there are no free
+    connections in the pool the Apache httpd will return <code>SERVER_BUSY</code>
+    status to the client.
+    </td></tr>
+    <tr><td>connectiontimeout</td>
+        <td>timeout</td>
+        <td>Connect timeout in seconds.
+        The number of seconds Apache httpd waits for the creation of a connection to
+        the backend to complete. By adding a postfix of ms the timeout can be
+        also set in milliseconds.
+    </td></tr>
+    <tr><td>disablereuse</td>
+        <td>Off</td>
+        <td>This parameter should be used when you want to force mod_proxy
+    to immediately close a connection to the backend after being used, and
+    thus, disable its persistent connection and pool for that backend.
+    This helps in various situations where a firewall between Apache
+    httpd and
+    the backend server (regardless of protocol) tends to silently
+    drop connections or when backends themselves may be under round-
+    robin DNS. To disable connection pooling reuse,
+    set this property value to <code>On</code>.
+    </td></tr>
+    <tr><td>enablereuse</td>
+        <td>On</td>
+        <td>This is the inverse of 'disablereuse' above, provided as a
+        convenience for scheme handlers that require opt-in for connection
+        reuse (such as <code class="module"><a href="../mod/mod_proxy_fcgi.html">mod_proxy_fcgi</a></code>).  2.4.11 and later only.
+    </td></tr>
+    <tr><td>flushpackets</td>
+        <td>off</td>
+        <td>Determines whether the proxy module will auto-flush the output
+        brigade after each "chunk" of data. 'off' means that it will flush
+        only when needed, 'on' means after each chunk is sent and
+        'auto' means poll/wait for a period of time and flush if
+        no input has been received for 'flushwait' milliseconds.
+        Currently this is in effect only for AJP.
+    </td></tr>
+    <tr><td>flushwait</td>
+        <td>10</td>
+        <td>The time to wait for additional input, in milliseconds, before
+        flushing the output brigade if 'flushpackets' is 'auto'.
+    </td></tr>
+    <tr><td>iobuffersize</td>
+        <td>8192</td>
+        <td>Adjusts the size of the internal scratchpad IO buffer. This allows you
+        to override the <code class="directive">ProxyIOBufferSize</code> for a specific worker.
+        This must be at least 512 or set to 0 for the system default of 8192.
+    </td></tr>
+    <tr><td>keepalive</td>
+        <td>Off</td>
+        <td><p>This parameter should be used when you have a firewall between your
+    Apache httpd and the backend server, who tend to drop inactive connections.
+    This flag will tell the Operating System to send <code>KEEP_ALIVE</code>
+    messages on inactive connections  and thus prevent the firewall to drop the connection.
+    To enable keepalive set this property value to <code>On</code>. </p>
+    <p>The frequency of initial and subsequent TCP keepalive probes
+    depends on global OS settings, and may be as high as 2 hours. To be useful,
+    the frequency configured in the OS must be smaller than the threshold used
+    by the firewall.</p>
+    </td></tr>
+    <tr><td>lbset</td>
+        <td>0</td>
+        <td>Sets the load balancer cluster set that the worker is a member
+         of. The load balancer will try all members of a lower numbered
+         lbset before trying higher numbered ones.
+    </td></tr>
+    <tr><td>ping</td>
+        <td>0</td>
+        <td>Ping property tells the webserver to "test" the connection to
+        the backend before forwarding the request. For AJP, it causes
+        <code class="module"><a href="../mod/mod_proxy_ajp.html">mod_proxy_ajp</a></code>to send a <code>CPING</code>
+        request on the ajp13 connection (implemented on Tomcat 3.3.2+, 4.1.28+
+        and 5.0.13+). For HTTP, it causes <code class="module"><a href="../mod/mod_proxy_http.html">mod_proxy_http</a></code>
+        to send a <code>100-Continue</code> to the backend (only valid for
+        HTTP/1.1 - for non HTTP/1.1 backends, this property has no
+        effect). In both cases the parameter is the delay in seconds to wait
+        for the reply.
+        This feature has been added to avoid problems with hung and
+        busy backends.
+        This will increase the network traffic during the normal operation
+        which could be an issue, but it will lower the
+        traffic in case some of the cluster nodes are down or busy.
+        By adding a postfix of ms the delay can be also set in
+        milliseconds.
+    </td></tr>
+    <tr><td>receivebuffersize</td>
+        <td>0</td>
+        <td>Adjusts the size of the explicit (TCP/IP) network buffer size for
+        proxied connections. This allows you to override the
+        <code class="directive">ProxyReceiveBufferSize</code> for a specific worker.
+        This must be at least 512 or set to 0 for the system default.
+    </td></tr>
+    <tr><td>redirect</td>
+        <td>-</td>
+        <td>Redirection Route of the worker. This value is usually
+        set dynamically to enable safe removal of the node from
+        the cluster. If set all requests without session id will be
+        redirected to the BalancerMember that has route parameter
+        equal as this value.
+    </td></tr>
+    <tr><td>retry</td>
+        <td>60</td>
+        <td>Connection pool worker retry timeout in seconds.
+    If the connection pool worker to the backend server is in the error state,
+    Apache httpd will not forward any requests to that server until the timeout
+    expires. This enables to shut down the backend server for maintenance,
+    and bring it back online later. A value of 0 means always retry workers
+    in an error state with no timeout.
+    </td></tr>
+    <tr><td>route</td>
+        <td>-</td>
+        <td>Route of the worker when used inside load balancer.
+        The route is a value appended to session id.
+    </td></tr>
+    <tr><td>status</td>
+        <td>-</td>
+        <td>Single letter value defining the initial status of
+        this worker.
+        <table>
+         <tr><td>D: Worker is disabled and will not accept any requests.</td></tr>
+         <tr><td>S: Worker is administratively stopped.</td></tr>
+         <tr><td>I: Worker is in ignore-errors mode, and will always be considered available.</td></tr>
+         <tr><td>H: Worker is in hot-standby mode and will only be used if no other
+                    viable workers are available.</td></tr>
+         <tr><td>E: Worker is in an error state.</td></tr>
+         <tr><td>N: Worker is in drain mode, and will only accept existing sticky sessions
+                    destined for itself and ignore all other requests.</td></tr>
+        </table>Status
+        can be set (which is the default) by prepending with '+' or
+        cleared by prepending with '-'.
+        Thus, a setting of 'S-E' sets this worker to Stopped and
+        clears the in-error flag.
+    </td></tr>
+    <tr><td>timeout</td>
+        <td><code class="directive"><a href="#proxytimeout">ProxyTimeout</a></code></td>
+        <td>Connection timeout in seconds.
+        The number of seconds Apache httpd waits for data sent by / to the backend.
+    </td></tr>
+    <tr><td>ttl</td>
+        <td>-</td>
+        <td>Time to live for inactive connections and associated connection
+        pool entries, in seconds.  Once reaching this limit, a
+        connection will not be used again; it will be closed at some
+        later time.
+    </td></tr>
 
-    <p>In order to get the functionality of (forward) proxying HTTPS sites, you
-    need <code class="module"><a href="../mod/mod_proxy_connect.html">mod_proxy_connect</a></code> enabled in the server.</p>
+    </table>
 
-    <div class="warning"><h3>Warning</h3>
-      <p>Do not enable proxying with <code class="directive"><a href="#proxyrequests">ProxyRequests</a></code> until you have <a href="#access">secured your server</a>.  Open proxy servers are dangerous
-      both to your network and to the Internet at large.</p>
+    <p>If the Proxy directive scheme starts with the
+    <code>balancer://</code> (eg: <code>balancer://cluster</code>,
+    any path information is ignored)  then a virtual worker that does not really
+    communicate with the backend server will be created. Instead it is responsible
+    for the management of several "real" workers. In that case the special set of
+    parameters can be add to this virtual worker. See <code class="module"><a href="../mod/mod_proxy_balancer.html">mod_proxy_balancer</a></code>
+    for more information about how the balancer works.
+    </p>
+    <table class="bordered"><tr><th>Balancer parameters</th></tr></table>
+    <table>
+    <tr><th>Parameter</th>
+        <th>Default</th>
+        <th>Description</th></tr>
+    <tr><td>lbmethod</td>
+        <td>byrequests</td>
+        <td>Balancer load-balance method. Select the load-balancing scheduler
+        method to use. Either <code>byrequests</code>, to perform weighted
+        request counting, <code>bytraffic</code>, to perform weighted
+        traffic byte count balancing, or <code>bybusyness</code>, to perform
+        pending request balancing. Default is <code>byrequests</code>.
+    </td></tr>
+    <tr><td>maxattempts</td>
+        <td>One less than the number of workers, or 1 with a single worker.</td>
+        <td>Maximum number of failover attempts before giving up.
+    </td></tr>
+    <tr><td>nofailover</td>
+        <td>Off</td>
+        <td>If set to <code>On</code> the session will break if the worker is in
+        error state or disabled. Set this value to On if backend servers do not
+        support session replication.
+    </td></tr>
+    <tr><td>stickysession</td>
+        <td>-</td>
+        <td>Balancer sticky session name. The value is usually set to something
+        like <code>JSESSIONID</code> or <code>PHPSESSIONID</code>,
+        and it depends on the backend application server that support sessions.
+        If the backend application server uses different name for cookies
+        and url encoded id (like servlet containers) use | to to separate them.
+        The first part is for the cookie the second for the path.<br />
+        Available in Apache HTTP Server 2.4.4 and later.
+    </td></tr>
+    <tr><td>stickysessionsep</td>
+        <td>"."</td>
+        <td>Sets the separation symbol in the session cookie. Some backend application servers
+        do not use the '.' as the symbol. For example the Oracle Weblogic server uses 
+        '!'. The correct symbol can be set using this option. The setting of 'Off'
+        signifies that no symbol is used.
+    </td></tr>
+    <tr><td>scolonpathdelim</td>
+        <td>Off</td>
+        <td>If set to <code>On</code> the semi-colon character ';' will be
+        used as an additional sticky session path delimiter/separator. This
+        is mainly used to emulate mod_jk's behavior when dealing with paths such
+        as <code>JSESSIONID=6736bcf34;foo=aabfa</code>
+    </td></tr>
+    <tr><td>timeout</td>
+        <td>0</td>
+        <td>Balancer timeout in seconds. If set this will be the maximum time
+        to wait for a free worker. Default is not to wait.
+    </td></tr>
+    <tr><td>failonstatus</td>
+        <td>-</td>
+        <td>A single or comma-separated list of HTTP status codes. If set this will
+        force the worker into error state when the backend returns any status code
+        in the list. Worker recovery behaves the same as other worker errors.
+    </td></tr>
+    <tr><td>failontimeout</td>
+        <td>Off</td>
+        <td>If set, an IO read timeout after a request is sent to the backend will
+        force the worker into error state. Worker recovery behaves the same as other
+        worker errors.<br />
+        Available in Apache HTTP Server 2.4.5 and later.
+    </td></tr>
+    <tr><td>nonce</td>
+        <td>&lt;auto&gt;</td>
+        <td>The protective nonce used in the <code>balancer-manager</code> application page.
+        The default is to use an automatically determined UUID-based
+        nonce, to provide for further protection for the page. If set,
+        then the nonce is set to that value. A setting of <code>None</code>
+        disables all nonce checking.
+    <div class="note"><h3>Note</h3>
+      <p>In addition to the nonce, the <code>balancer-manager</code> page
+      should be protected via an ACL.</p>
     </div>
+     </td></tr>
+    <tr><td>growth</td>
+        <td>0</td>
+        <td>Number of additional BalancerMembers to allow to be added
+        to this balancer in addition to those defined at configuration.
+    </td></tr>
+    <tr><td>forcerecovery</td>
+        <td>On</td>
+        <td>Force the immediate recovery of all workers without considering the
+        retry parameter of the workers if all workers of a balancer are
+        in error state. There might be cases where an already overloaded backend
+        can get into deeper trouble if the recovery of all workers is enforced
+        without considering the retry parameter of each worker. In this case
+        set to <code>Off</code>.<br />
+        Available in Apache HTTP Server 2.4.2 and later.
+    </td></tr>
 
-<h3>See also</h3>
-<ul>
-<li><a href="#forwardreverse">Forward and Reverse Proxies/Gateways</a></li>
-</ul>
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="ProxySet" id="ProxySet">ProxySet</a> <a name="proxyset" id="proxyset">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Set various Proxy balancer or member parameters</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxySet <var>url</var> <var>key=value [key=value ...]</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
-<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>ProxySet is only available in Apache HTTP Server 2.2
-  and later.</td></tr>
-</table>
-    <p>This directive is used as an alternate method of setting any of the
-    parameters available to Proxy balancers and workers normally done via the
-    <code class="directive"><a href="#proxypass">ProxyPass</a></code> directive. If used
-    within a <code>&lt;Proxy <var>balancer url|worker url</var>&gt;</code>
-    container directive, the <var>url</var> argument is not required. As a side
-    effect the respective balancer or worker gets created. This can be useful
-    when doing reverse proxying via a
-    <code class="directive"><a href="../mod/mod_rewrite.html#rewriterule">RewriteRule</a></code> instead of a
-    <code class="directive"><a href="#proxypass">ProxyPass</a></code> directive.</p>
+    </table>
+    <p>A sample balancer setup</p>
+    <pre class="prettyprint lang-config">ProxyPass "/special-area" "http://special.example.com" smax=5 max=10
+ProxyPass "/" "balancer://mycluster/" stickysession=JSESSIONID|jsessionid nofailover=On
+&lt;Proxy "balancer://mycluster"&gt;
+    BalancerMember "ajp://1.2.3.4:8009"
+    BalancerMember "ajp://1.2.3.5:8009" loadfactor=20
+    # Less powerful server, don't send as many requests there,
+    BalancerMember "ajp://1.2.3.6:8009" loadfactor=5
+&lt;/Proxy&gt;</pre>
 
-    <div class="example"><pre class="prettyprint lang-config">&lt;Proxy "balancer://hotcluster"&gt;
-    BalancerMember "http://www2.example.com:8080" loadfactor=1
-    BalancerMember "http://www3.example.com:8080" loadfactor=2
+
+    <p>Setting up a hot-standby, that will only be used if no other
+     members are available</p>
+    <pre class="prettyprint lang-config">ProxyPass "/" "balancer://hotcluster/"
+&lt;Proxy "balancer://hotcluster"&gt;
+    BalancerMember "ajp://1.2.3.4:8009" loadfactor=1
+    BalancerMember "ajp://1.2.3.5:8009" loadfactor=2
+    # The server below is on hot standby
+    BalancerMember "ajp://1.2.3.6:8009" status=+H
     ProxySet lbmethod=bytraffic
 &lt;/Proxy&gt;</pre>
-</div>
 
-    <pre class="prettyprint lang-config">&lt;Proxy "http://backend"&gt;
-    ProxySet keepalive=On
-&lt;/Proxy&gt;</pre>
 
+    <p>Normally, mod_proxy will canonicalise ProxyPassed URLs.
+    But this may be incompatible with some backends, particularly those
+    that make use of <var>PATH_INFO</var>.  The optional <var>nocanon</var>
+    keyword suppresses this, and passes the URL path "raw" to the
+    backend.  Note that may affect the security of your backend, as it
+    removes the normal limited protection against URL-based attacks
+    provided by the proxy.</p>
 
-    <pre class="prettyprint lang-config">ProxySet "balancer://foo" lbmethod=bytraffic timeout=15</pre>
+    <p>Normally, mod_proxy will include the query string when
+    generating the <var>SCRIPT_FILENAME</var> environment variable.
+    The optional <var>noquery</var> keyword (available in
+    httpd 2.4.1 and later) prevents this.</p>
 
+    <p>When used inside a <code class="directive"><a href="../mod/core.html#location">&lt;Location&gt;</a></code> section, the first argument is omitted and the local
+    directory is obtained from the <code class="directive"><a href="../mod/core.html#location">&lt;Location&gt;</a></code>. The same will occur inside a
+    <code class="directive"><a href="../mod/core.html#locationmatch">&lt;LocationMatch&gt;</a></code> section,
+    however ProxyPass does not interpret the regexp as such, so it is necessary
+    to use <code class="directive">ProxyPassMatch</code> in this situation instead.</p>
 
-    <pre class="prettyprint lang-config">ProxySet "ajp://backend:7001" timeout=15</pre>
+    <p>This directive is not supported in <code class="directive"><a href="../mod/core.html#directory">&lt;Directory&gt;</a></code> or <code class="directive"><a href="../mod/core.html#files">&lt;Files&gt;</a></code> sections.</p>
 
+    <p>If you require a more flexible reverse-proxy configuration, see the
+    <code class="directive"><a href="../mod/mod_rewrite.html#rewriterule">RewriteRule</a></code> directive with the
+    <code>[P]</code> flag.</p>
 
-   <div class="warning"><h3>Warning</h3>
-      <p>Keep in mind that the same parameter key can have a different meaning
-      depending whether it is applied to a balancer or a worker as shown by the two
-      examples above regarding timeout.</p>
-   </div>
+    <p>The optional <var>interpolate</var> keyword, in combination with
+    <code class="directive">ProxyPassInterpolateEnv</code> causes the ProxyPass
+    to interpolate environment variables, using the syntax
+    <var>${VARNAME}</var>.  Note that many of the standard CGI-derived
+    environment variables will not exist when this interpolation happens,
+    so you may still have to resort to <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>
+    for complex rules.  Also note that interpolation is not supported
+    within the scheme portion of a URL.  Dynamic determination of the
+    scheme can be accomplished with <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> as in the
+    following example.</p>
+
+    <pre class="prettyprint lang-config">RewriteEngine On
+
+RewriteCond "%{HTTPS}" =off
+RewriteRule "." "-" [E=protocol:http]
+RewriteCond "%{HTTPS}" =on
+RewriteRule "." "-" [E=protocol:https]
 
+RewriteRule "^/mirror/foo/(.*)" "%{ENV:protocol}://backend.example.com/$1" [P]
+ProxyPassReverse  "/mirror/foo/" "http://backend.example.com/"
+ProxyPassReverse  "/mirror/foo/" "https://backend.example.com/"</pre>
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="ProxySourceAddress" id="ProxySourceAddress">ProxySourceAddress</a> <a name="proxysourceaddress" id="proxysourceaddress">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Set local IP address for outgoing proxy connections</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxySourceAddress <var>address</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
-<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in version 2.3.9 and later</td></tr>
-</table>
-    <p>This directive allows to set a specific local address to bind to when connecting
-    to a backend server.</p>
 
 </div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="ProxyStatus" id="ProxyStatus">ProxyStatus</a> <a name="proxystatus" id="proxystatus">Directive</a></h2>
+<div class="directive-section"><h2><a name="ProxyPassInherit" id="ProxyPassInherit">ProxyPassInherit</a> <a name="proxypassinherit" id="proxypassinherit">Directive</a></h2>
 <table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Show Proxy LoadBalancer status in mod_status</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyStatus Off|On|Full</code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ProxyStatus Off</code></td></tr>
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Inherit ProxyPass directives defined from the main server</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyPassInherit On|Off</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ProxyPassInherit On</code></td></tr>
 <tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
 <tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
 <tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
-<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in version 2.2 and later</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>ProxyPassInherit is only available in Apache HTTP Server 2.4.5 and later.
+        and later.</td></tr>
 </table>
-    <p>This directive determines whether or not proxy
-    loadbalancer status data is displayed via the <code class="module"><a href="../mod/mod_status.html">mod_status</a></code>
-    server-status page.</p>
-    <div class="note"><h3>Note</h3>
-      <p><strong>Full</strong> is synonymous with <strong>On</strong></p>
-    </div>
-
-
+        <p>This directive will cause the current server/vhost to "inherit"
+            <code class="directive"><a href="#proxypass">ProxyPass</a></code>
+            directives defined in the main server. This can cause issues and
+            inconsistent behavior if using the Balancer Manager for dynamic changes
+            and so should be disabled if using that feature.</p>
+        <p>The setting in the global server defines the default for all vhosts.</p>
+        <p>Disabling ProxyPassInherit also disables <code class="directive"><a href="#balancerinherit">BalancerInherit</a></code>.</p>
+    
 </div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="ProxyTimeout" id="ProxyTimeout">ProxyTimeout</a> <a name="proxytimeout" id="proxytimeout">Directive</a></h2>
+<div class="directive-section"><h2><a name="ProxyPassInterpolateEnv" id="ProxyPassInterpolateEnv">ProxyPassInterpolateEnv</a> <a name="proxypassinterpolateenv" id="proxypassinterpolateenv">Directive</a></h2>
 <table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Network timeout for proxied requests</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyTimeout <var>seconds</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>Value of <code class="directive"><a href="../mod/core.html#timeout">Timeout</a></code></code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Enable Environment Variable interpolation in Reverse Proxy configurations</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyPassInterpolateEnv On|Off</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ProxyPassInterpolateEnv Off</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr>
 <tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
 <tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in httpd 2.2.9 and later</td></tr>
 </table>
-    <p>This directive allows a user to specifiy a timeout on proxy requests.
-    This is useful when you have a slow/buggy appserver which hangs, and you
-    would rather just return a timeout and fail gracefully instead of waiting
-    however long it takes the server to return.</p>
+    <p>This directive, together with the <var>interpolate</var> argument to
+    <code class="directive">ProxyPass</code>, <code class="directive">ProxyPassReverse</code>,
+    <code class="directive">ProxyPassReverseCookieDomain</code> and
+    <code class="directive">ProxyPassReverseCookiePath</code>
+    enables reverse proxies to be dynamically
+    configured using environment variables, which may be set by
+    another module such as <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>.
+    It affects the <code class="directive">ProxyPass</code>,
+    <code class="directive">ProxyPassReverse</code>,
+    <code class="directive">ProxyPassReverseCookieDomain</code>, and
+    <code class="directive">ProxyPassReverseCookiePath</code> directives,
+    and causes them to substitute the value of an environment
+    variable <code>varname</code> for the string <code>${varname}</code>
+    in configuration directives (if the <var>interpolate</var> option is set).</p>
+    <p>Keep this turned off (for server performance) unless you need it!</p>
 
 </div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="ProxyVia" id="ProxyVia">ProxyVia</a> <a name="proxyvia" id="proxyvia">Directive</a></h2>
+<div class="directive-section"><h2><a name="ProxyPassMatch" id="ProxyPassMatch">ProxyPassMatch</a> <a name="proxypassmatch" id="proxypassmatch">Directive</a></h2>
 <table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Information provided in the <code>Via</code> HTTP response
-header for proxied requests</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyVia On|Off|Full|Block</code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ProxyVia Off</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Maps remote servers into the local server URL-space using regular expressions</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyPassMatch [<var>regex</var>] !|<var>url</var> [<var>key=value</var>
+	<var>[key=value</var> ...]]</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr>
 <tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
 <tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
 </table>
-    <p>This directive controls the use of the <code>Via:</code> HTTP
-    header by the proxy. Its intended use is to control the flow of
-    proxy requests along a chain of proxy servers.  See <a href="http://www.ietf.org/rfc/rfc2616.txt">RFC 2616</a> (HTTP/1.1), section
-    14.45 for an explanation of <code>Via:</code> header lines.</p>
-
-    <ul>
-    <li>If set to <code>Off</code>, which is the default, no special processing
-    is performed. If a request or reply contains a <code>Via:</code> header,
-    it is passed through unchanged.</li>
-
-    <li>If set to <code>On</code>, each request and reply will get a
-    <code>Via:</code> header line added for the current host.</li>
-
-    <li>If set to <code>Full</code>, each generated <code>Via:</code> header
-    line will additionally have the Apache httpd server version shown as a
-    <code>Via:</code> comment field.</li>
-
-    <li>If set to <code>Block</code>, every proxy request will have all its
-    <code>Via:</code> header lines removed. No new <code>Via:</code> header will
-    be generated.</li>
-    </ul>
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="forwardreverse" id="forwardreverse">Forward Proxies and Reverse
-       Proxies/Gateways</a></h2>
-      <p>Apache HTTP Server can be configured in both a <dfn>forward</dfn> and
-      <dfn>reverse</dfn> proxy (also known as <dfn>gateway</dfn>) mode.</p>
-
-      <p>An ordinary <dfn>forward proxy</dfn> is an intermediate
-      server that sits between the client and the <em>origin
-      server</em>.  In order to get content from the origin server,
-      the client sends a request to the proxy naming the origin server
-      as the target and the proxy then requests the content from the
-      origin server and returns it to the client.  The client must be
-      specially configured to use the forward proxy to access other
-      sites.</p>
-
-      <p>A typical usage of a forward proxy is to provide Internet
-      access to internal clients that are otherwise restricted by a
-      firewall.  The forward proxy can also use caching (as provided
-      by <code class="module"><a href="../mod/mod_cache.html">mod_cache</a></code>) to reduce network usage.</p>
-
-      <p>The forward proxy is activated using the <code class="directive"><a href="#proxyrequests">ProxyRequests</a></code> directive.  Because
-      forward proxies allow clients to access arbitrary sites through
-      your server and to hide their true origin, it is essential that
-      you <a href="#access">secure your server</a> so that only
-      authorized clients can access the proxy before activating a
-      forward proxy.</p>
+    <p>This directive is equivalent to <code class="directive"><a href="#proxypass">ProxyPass</a></code>,
+       but makes use of regular expressions, instead of simple prefix matching. The
+       supplied regular expression is matched against the <var>url</var>, and if it
+       matches, the server will substitute any parenthesized matches into the given
+       string and use it as a new <var>url</var>.</p>
 
-      <p>A <dfn>reverse proxy</dfn> (or <dfn>gateway</dfn>), by
-      contrast, appears to the client just like an ordinary web
-      server.  No special configuration on the client is necessary.
-      The client makes ordinary requests for content in the name-space
-      of the reverse proxy.  The reverse proxy then decides where to
-      send those requests, and returns the content as if it was itself
-      the origin.</p>
+    <div class="note"><strong>Note: </strong>This directive cannot be used within a 
+    <code>&lt;Directory&gt;</code> context.</div>
+    
+    <p>Suppose the local server has address <code>http://example.com/</code>;
+    then</p>
 
-      <p>A typical usage of a reverse proxy is to provide Internet
-      users access to a server that is behind a firewall.  Reverse
-      proxies can also be used to balance load among several back-end
-      servers, or to provide caching for a slower back-end server.
-      In addition, reverse proxies can be used simply to bring
-      several servers into the same URL space.</p>
+    <pre class="prettyprint lang-config">ProxyPassMatch "^/(.*\.gif)$" "http://backend.example.com/$1"</pre>
 
-      <p>A reverse proxy is activated using the <code class="directive"><a href="#proxypass">ProxyPass</a></code> directive or the
-      <code>[P]</code> flag to the <code class="directive"><a href="../mod/mod_rewrite.html#rewriterule">RewriteRule</a></code> directive.  It is
-      <strong>not</strong> necessary to turn <code class="directive"><a href="#proxyrequests">ProxyRequests</a></code> on in order to
-      configure a reverse proxy.</p>
-    </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="examples" id="examples">Basic Examples</a></h2>
 
-    <p>The examples below are only a very basic idea to help you
-    get started.  Please read the documentation on the individual
-    directives.</p>
+    <p>will cause a local request for
+    <code>http://example.com/foo/bar.gif</code> to be internally converted
+    into a proxy request to <code>http://backend.example.com/foo/bar.gif</code>.</p>
+    <div class="note"><h3>Note</h3>
+      <p>The URL argument must be parsable as a URL <em>before</em> regexp
+      substitutions (as well as after).  This limits the matches you can use.
+      For instance, if we had used</p>
+      <pre class="prettyprint lang-config">ProxyPassMatch "^(/.*\.gif)$" "http://backend.example.com:8000$1"</pre>
 
-    <p>In addition, if you wish to have caching enabled, consult
-    the documentation from <code class="module"><a href="../mod/mod_cache.html">mod_cache</a></code>.</p>
+      <p>in our previous example, it would fail with a syntax error
+      at server startup.  This is a bug (PR 46665 in the ASF bugzilla),
+      and the workaround is to reformulate the match:</p>
+      <pre class="prettyprint lang-config">ProxyPassMatch "^/(.*\.gif)$" "http://backend.example.com:8000/$1"</pre>
 
-    <div class="example"><h3>Reverse Proxy</h3><pre class="prettyprint lang-config">ProxyPass "/foo" "http://foo.example.com/bar"
-ProxyPassReverse "/foo" "http://foo.example.com/bar"</pre>
-</div>
+    </div>
+    <p>The <code>!</code> directive is useful in situations where you don't want
+    to reverse-proxy a subdirectory.</p>
 
-    <div class="example"><h3>Forward Proxy</h3><pre class="prettyprint lang-config">ProxyRequests On
-ProxyVia On
+    <p>When used inside a <code class="directive"><a href="../mod/core.html#locationmatch">&lt;LocationMatch&gt;</a></code> section, the first argument is omitted and the
+    regexp is obtained from the <code class="directive"><a href="../mod/core.html#locationmatch">&lt;LocationMatch&gt;</a></code>.</p>
 
-&lt;Proxy "*"&gt;
-  Require host internal.example.com
-&lt;/Proxy&gt;</pre>
-</div>
-    </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="handler" id="handler">Access via Handler</a></h2>
+    <p>If you require a more flexible reverse-proxy configuration, see the
+    <code class="directive"><a href="../mod/mod_rewrite.html#rewriterule">RewriteRule</a></code> directive with the
+    <code>[P]</code> flag.</p>
 
-      <p>You can also force a request to be handled as a reverse-proxy
-        request, by creating a suitable Handler pass-through. The example
-        configuration below will pass all requests for PHP scripts to the
-        specified FastCGI server using reverse proxy:
+    <div class="note">
+      <h3>Default Substitution</h3>
+      <p>When the URL parameter doesn't use any backreferences into the regular
+      expression, the original URL will be appended to the URL parameter.
       </p>
+    </div>
 
-      <div class="example"><h3>Reverse Proxy PHP scripts</h3><pre class="prettyprint lang-config">&lt;FilesMatch "\.php$"&gt;
-    # Unix sockets require 2.4.7 or later
-    SetHandler  "proxy:unix:/path/to/app.sock|fcgi://localhost/"
-&lt;/FilesMatch&gt;</pre>
-</div>
-
-      <p>This feature is available in Apache HTTP Server 2.4.10 and later.</p>
+    <div class="warning">
+      <h3>Security Warning</h3>
+      <p>Take care when constructing the target URL of the rule, considering
+        the security impact from allowing the client influence over the set of
+        URLs to which your server will act as a proxy.  Ensure that the scheme
+        and hostname part of the URL is either fixed, or does not allow the
+        client undue influence.</p>
+    </div>
 
-    </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="workers" id="workers">Workers</a></h2>
-      <p>The proxy manages the configuration of origin servers and their
-      communication parameters in objects called <dfn>workers</dfn>.
-      There are two built-in workers, the default forward proxy worker and the
-      default reverse proxy worker. Additional workers can be configured
-      explicitly.</p>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="ProxyPassReverse" id="ProxyPassReverse">ProxyPassReverse</a> <a name="proxypassreverse" id="proxypassreverse">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Adjusts the URL in HTTP response headers sent from a reverse
+proxied server</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyPassReverse [<var>path</var>] <var>url</var>
+[<var>interpolate</var>]</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
+</table>
+    <p>This directive lets Apache httpd adjust the URL in the <code>Location</code>,
+    <code>Content-Location</code> and <code>URI</code> headers on HTTP
+    redirect responses. This is essential when Apache httpd is used as a
+    reverse proxy (or gateway) to avoid by-passing the reverse proxy
+    because of HTTP redirects on the backend servers which stay behind
+    the reverse proxy.</p>
 
-      <p>The two default workers have a fixed configuration
-      and will be used if no other worker matches the request.
-      They do not use HTTP Keep-Alive or connection pooling.
-      The TCP connections to the origin server will instead be
-      opened and closed for each request.</p>
+    <p>Only the HTTP response headers specifically mentioned above
+    will be rewritten. Apache httpd will not rewrite other response
+    headers, nor will it by default rewrite URL references inside HTML pages.
+    This means that if the proxied content contains absolute URL
+    references, they will by-pass the proxy. To rewrite HTML content to
+    match the proxy, you must load and enable <code class="module"><a href="../mod/mod_proxy_html.html">mod_proxy_html</a></code>.
+    </p>
 
-      <p>Explicitly configured workers are identified by their URL.
-      They are usually created and configured using
-      <code class="directive"><a href="#proxypass">ProxyPass</a></code> or
-      <code class="directive"><a href="#proxypassmatch">ProxyPassMatch</a></code> when used
-      for a reverse proxy:</p>
+    <p><var>path</var> is the name of a local virtual path. <var>url</var> is a
+    partial URL for the remote server - the same way they are used for the
+    <code class="directive"><a href="#proxypass">ProxyPass</a></code> directive.</p>
 
-      <pre class="prettyprint lang-config">ProxyPass "/example" "http://backend.example.com" connectiontimeout=5 timeout=30</pre>
+    <p>For example, suppose the local server has address
+    <code>http://example.com/</code>; then</p>
 
+    <pre class="prettyprint lang-config">ProxyPass         "/mirror/foo/" "http://backend.example.com/"
+ProxyPassReverse  "/mirror/foo/" "http://backend.example.com/"
+ProxyPassReverseCookieDomain  "backend.example.com"  "public.example.com"
+ProxyPassReverseCookiePath  "/"  "/mirror/foo/"</pre>
 
-      <p>This will create a worker associated with the origin server URL
-      <code>http://backend.example.com</code> and using the given timeout
-      values. When used in a forward proxy, workers are usually defined
-      via the <code class="directive"><a href="#proxyset">ProxySet</a></code> directive:</p>
 
-      <pre class="prettyprint lang-config">ProxySet "http://backend.example.com" connectiontimeout=5 timeout=30</pre>
+    <p>will not only cause a local request for the
+    <code>http://example.com/mirror/foo/bar</code> to be internally converted
+    into a proxy request to <code>http://backend.example.com/bar</code>
+    (the functionality <code>ProxyPass</code> provides here). It also takes care
+    of redirects the server <code>backend.example.com</code> sends: when
+    <code>http://backend.example.com/bar</code> is redirected by him to
+    <code>http://backend.example.com/quux</code> Apache httpd adjusts this to
+    <code>http://example.com/mirror/foo/quux</code> before forwarding the HTTP
+    redirect response to the client. Note that the hostname used for
+    constructing the URL is chosen in respect to the setting of the <code class="directive"><a href="../mod/core.html#usecanonicalname">UseCanonicalName</a></code> directive.</p>
 
+    <p>Note that this <code class="directive">ProxyPassReverse</code> directive can
+    also be used in conjunction with the proxy pass-through feature
+    (<code>RewriteRule ...  [P]</code>) from <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>
+    because it doesn't depend on a corresponding <code class="directive"><a href="#proxypass">ProxyPass</a></code> directive.</p>
 
-      <p>or alternatively using <code class="directive"><a href="#proxy">Proxy</a></code>
-      and <code class="directive"><a href="#proxyset">ProxySet</a></code>:</p>
+    <p>The optional <var>interpolate</var> keyword, used together with
+    <code class="directive">ProxyPassInterpolateEnv</code>, enables interpolation
+    of environment variables specified using the format <var>${VARNAME}</var>.
+    Note that interpolation is not supported within the scheme portion of a
+    URL.</p>
 
-      <pre class="prettyprint lang-config">&lt;Proxy "http://backend.example.com"&gt;
-  ProxySet connectiontimeout=5 timeout=30
-&lt;/Proxy&gt;</pre>
+    <p>When used inside a <code class="directive"><a href="../mod/core.html#location">&lt;Location&gt;</a></code> section, the first argument is omitted and the local
+    directory is obtained from the <code class="directive"><a href="../mod/core.html#location">&lt;Location&gt;</a></code>. The same occurs inside a <code class="directive"><a href="../mod/core.html#locationmatch">&lt;LocationMatch&gt;</a></code> section, but will probably not work as
+    intended, as ProxyPassReverse will interpret the regexp literally as a
+    path; if needed in this situation, specify the ProxyPassReverse outside
+    the section, or in a separate <code class="directive"><a href="../mod/core.html#location">&lt;Location&gt;</a></code> section.</p>
 
+    <p>This directive is not supported in <code class="directive"><a href="../mod/core.html#directory">&lt;Directory&gt;</a></code> or <code class="directive"><a href="../mod/core.html#files">&lt;Files&gt;</a></code> sections.</p>
 
-      <p>Using explicitly configured workers in the forward mode is
-      not very common, because forward proxies usually communicate with many
-      different origin servers. Creating explicit workers for some of the
-      origin servers can still be useful, if they are used very often.
-      Explicitly configured workers have no concept of forward or reverse
-      proxying by themselves. They encapsulate a common concept of
-      communication with origin servers. A worker created by
-      <code class="directive"><a href="#proxypass">ProxyPass</a></code> for use in a
-      reverse proxy will be also used for forward proxy requests whenever
-      the URL to the origin server matches the worker URL and vice versa.</p>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="ProxyPassReverseCookieDomain" id="ProxyPassReverseCookieDomain">ProxyPassReverseCookieDomain</a> <a name="proxypassreversecookiedomain" id="proxypassreversecookiedomain">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Adjusts the Domain string in Set-Cookie headers from a reverse-
+proxied server</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyPassReverseCookieDomain <var>internal-domain</var>
+<var>public-domain</var> [<var>interpolate</var>]</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
+</table>
+<p>Usage is basically similar to
+<code class="directive"><a href="#proxypassreverse">ProxyPassReverse</a></code>, but instead of
+rewriting headers that are a URL, this rewrites the <code>domain</code>
+string in <code>Set-Cookie</code> headers.</p>
 
-      <p>The URL identifying a direct worker is the URL of its
-      origin server including any path components given:</p>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="ProxyPassReverseCookiePath" id="ProxyPassReverseCookiePath">ProxyPassReverseCookiePath</a> <a name="proxypassreversecookiepath" id="proxypassreversecookiepath">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Adjusts the Path string in Set-Cookie headers from a reverse-
+proxied server</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyPassReverseCookiePath <var>internal-path</var>
+<var>public-path</var> [<var>interpolate</var>]</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
+</table>
+<p>
+Useful in conjunction with
+<code class="directive"><a href="#proxypassreverse">ProxyPassReverse</a></code>
+in situations where backend URL paths are mapped to public paths on the
+reverse proxy. This directive rewrites the <code>path</code> string in
+<code>Set-Cookie</code> headers. If the beginning of the cookie path matches
+<var>internal-path</var>, the cookie path will be replaced with
+<var>public-path</var>.
+</p><p>
+In the example given with 
+<code class="directive"><a href="#proxypassreverse">ProxyPassReverse</a></code>, the directive:
+</p>
+    <pre class="prettyprint lang-config">ProxyPassReverseCookiePath  "/"  "/mirror/foo/"</pre>
 
-     <pre class="prettyprint lang-config">ProxyPass "/examples" "http://backend.example.com/examples"
-ProxyPass "/docs" "http://backend.example.com/docs"</pre>
+<p>
+will rewrite a cookie with backend path <code>/</code> (or
+<code>/example</code> or, in fact, anything) to <code>/mirror/foo/</code>.
+</p>
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="ProxyPreserveHost" id="ProxyPreserveHost">ProxyPreserveHost</a> <a name="proxypreservehost" id="proxypreservehost">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Use incoming Host HTTP request header for proxy
+request</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyPreserveHost On|Off</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ProxyPreserveHost Off</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Usable in directory
+context in 2.3.3 and later.</td></tr>
+</table>
+    <p>When enabled, this option will pass the Host: line from the incoming
+    request to the proxied host, instead of the hostname specified in the
+    <code class="directive">ProxyPass</code> line.</p>
 
+    <p>This option should normally be turned <code>Off</code>. It is mostly
+    useful in special configurations like proxied mass name-based virtual
+    hosting, where the original Host header needs to be evaluated by the
+    backend server.</p>
 
-      <p>This example defines two different workers, each using a separate
-      connection pool and configuration.</p>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="ProxyReceiveBufferSize" id="ProxyReceiveBufferSize">ProxyReceiveBufferSize</a> <a name="proxyreceivebuffersize" id="proxyreceivebuffersize">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Network buffer size for proxied HTTP and FTP
+connections</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyReceiveBufferSize <var>bytes</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ProxyReceiveBufferSize 0</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
+</table>
+    <p>The <code class="directive">ProxyReceiveBufferSize</code> directive specifies an
+    explicit (TCP/IP) network buffer size for proxied HTTP and FTP connections,
+    for increased throughput. It has to be greater than <code>512</code> or set
+    to <code>0</code> to indicate that the system's default buffer size should
+    be used.</p>
 
-      <div class="warning"><h3>Worker Sharing</h3>
-        <p>Worker sharing happens if the worker URLs overlap, which occurs when
-        the URL of some worker is a leading substring of the URL of another
-        worker defined later in the configuration file. In the following example</p>
+    <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">ProxyReceiveBufferSize 2048</pre>
+</div>
 
-        <pre class="prettyprint lang-config">ProxyPass "/apps" "http://backend.example.com/" timeout=60
-ProxyPass "/examples" "http://backend.example.com/examples" timeout=10</pre>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="ProxyRemote" id="ProxyRemote">ProxyRemote</a> <a name="proxyremote" id="proxyremote">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Remote proxy used to handle certain requests</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyRemote <var>match</var> <var>remote-server</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
+</table>
+    <p>This defines remote proxies to this proxy. <var>match</var> is either the
+    name of a URL-scheme that the remote server supports, or a partial URL
+    for which the remote server should be used, or <code>*</code> to indicate
+    the server should be contacted for all requests. <var>remote-server</var> is
+    a partial URL for the remote server. Syntax:</p>
 
+    <div class="example"><p><code>
+      <dfn>remote-server</dfn> =
+          <var>scheme</var>://<var>hostname</var>[:<var>port</var>]
+    </code></p></div>
 
-        <p>the second worker isn't actually created. Instead the first
-        worker is used. The benefit is, that there is only one connection pool,
-        so connections are more often reused. Note that all configuration attributes
-        given explicitly for the later worker will be ignored. This will be logged
-        as a warning. In the above example the resulting timeout value
-        for the URL <code>/examples</code> will be <code>60</code> instead
-        of <code>10</code>!</p>
+    <p><var>scheme</var> is effectively the protocol that should be used to
+    communicate with the remote server; only <code>http</code> and <code>https</code>
+    are supported by this module. When using <code>https</code>, the requests
+    are forwarded through the remote proxy using the HTTP CONNECT method.</p>
 
-        <p>If you want to avoid worker sharing, sort your worker definitions
-        by URL length, starting with the longest worker URLs. If you want to maximize
-        worker sharing use the reverse sort order. See also the related warning about
-        ordering <code class="directive"><a href="#proxypass">ProxyPass</a></code> directives.</p>
+    <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">ProxyRemote "http://goodguys.example.com/" "http://mirrorguys.example.com:8000"
+ProxyRemote "*" "http://cleverproxy.localdomain"
+ProxyRemote "ftp" "http://ftpproxy.mydomain:8080"</pre>
+</div>
 
-      </div> 
+    <p>In the last example, the proxy will forward FTP requests, encapsulated
+    as yet another HTTP proxy request, to another proxy which can handle
+    them.</p>
 
-      <p>Explicitly configured workers come in two flavors:
-      <dfn>direct workers</dfn> and <dfn>(load) balancer workers</dfn>.
-      They support many important configuration attributes which are
-      described below in the <code class="directive"><a href="#proxypass">ProxyPass</a></code>
-      directive. The same attributes can also be set using
-      <code class="directive"><a href="#proxyset">ProxySet</a></code>.</p>
+    <p>This option also supports reverse proxy configuration - a backend
+    webserver can be embedded within a virtualhost URL space even if that
+    server is hidden by another forward proxy.</p>
 
-      <p>The set of options available for a direct worker
-      depends on the protocol, which is specified in the origin server URL.
-      Available protocols include <code>ajp</code>, <code>fcgi</code>,
-      <code>ftp</code>, <code>http</code> and <code>scgi</code>.</p>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="ProxyRemoteMatch" id="ProxyRemoteMatch">ProxyRemoteMatch</a> <a name="proxyremotematch" id="proxyremotematch">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Remote proxy used to handle requests matched by regular
+expressions</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyRemoteMatch <var>regex</var> <var>remote-server</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
+</table>
+    <p>The <code class="directive">ProxyRemoteMatch</code> is identical to the
+    <code class="directive"><a href="#proxyremote">ProxyRemote</a></code> directive, except the
+    first argument is a <a class="glossarylink" href="../glossary.html#regex" title="see glossary">regular expression</a>
+    match against the requested URL.</p>
 
-      <p>Balancer workers are virtual workers that use direct workers known
-      as their members to actually handle the requests. Each balancer can
-      have multiple members. When it handles a request, it chooses a member
-      based on the configured load balancing algorithm.</p>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="ProxyRequests" id="ProxyRequests">ProxyRequests</a> <a name="proxyrequests" id="proxyrequests">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Enables forward (standard) proxy requests</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyRequests On|Off</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ProxyRequests Off</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
+</table>
+    <p>This allows or prevents Apache httpd from functioning as a forward proxy
+    server. (Setting ProxyRequests to <code>Off</code> does not disable use of
+    the <code class="directive"><a href="#proxypass">ProxyPass</a></code> directive.)</p>
 
-      <p>A balancer worker is created if its worker URL uses
-      <code>balancer</code> as the protocol scheme.
-      The balancer URL uniquely identifies the balancer worker.
-      Members are added to a balancer using
-      <code class="directive"><a href="#balancermember">BalancerMember</a></code>.</p>
+    <p>In a typical reverse proxy or gateway configuration, this
+    option should be set to
+    <code>Off</code>.</p>
 
-    </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="access" id="access">Controlling access to your proxy</a></h2>
-      <p>You can control who can access your proxy via the <code class="directive"><a href="#proxy">&lt;Proxy&gt;</a></code> control block as in
-      the following example:</p>
+    <p>In order to get the functionality of proxying HTTP or FTP sites, you
+    need also <code class="module"><a href="../mod/mod_proxy_http.html">mod_proxy_http</a></code> or <code class="module"><a href="../mod/mod_proxy_ftp.html">mod_proxy_ftp</a></code>
+    (or both) present in the server.</p>
 
-      <pre class="prettyprint lang-config">&lt;Proxy "*"&gt;
-  Require ip 192.168.0
-&lt;/Proxy&gt;</pre>
+    <p>In order to get the functionality of (forward) proxying HTTPS sites, you
+    need <code class="module"><a href="../mod/mod_proxy_connect.html">mod_proxy_connect</a></code> enabled in the server.</p>
 
+    <div class="warning"><h3>Warning</h3>
+      <p>Do not enable proxying with <code class="directive"><a href="#proxyrequests">ProxyRequests</a></code> until you have <a href="#access">secured your server</a>.  Open proxy servers are dangerous
+      both to your network and to the Internet at large.</p>
+    </div>
 
-      <p>For more information on access control directives, see
-      <code class="module"><a href="../mod/mod_authz_host.html">mod_authz_host</a></code>.</p>
+<h3>See also</h3>
+<ul>
+<li><a href="#forwardreverse">Forward and Reverse Proxies/Gateways</a></li>
+</ul>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="ProxySet" id="ProxySet">ProxySet</a> <a name="proxyset" id="proxyset">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Set various Proxy balancer or member parameters</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxySet <var>url</var> <var>key=value [key=value ...]</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>ProxySet is only available in Apache HTTP Server 2.2
+  and later.</td></tr>
+</table>
+    <p>This directive is used as an alternate method of setting any of the
+    parameters available to Proxy balancers and workers normally done via the
+    <code class="directive"><a href="#proxypass">ProxyPass</a></code> directive. If used
+    within a <code>&lt;Proxy <var>balancer url|worker url</var>&gt;</code>
+    container directive, the <var>url</var> argument is not required. As a side
+    effect the respective balancer or worker gets created. This can be useful
+    when doing reverse proxying via a
+    <code class="directive"><a href="../mod/mod_rewrite.html#rewriterule">RewriteRule</a></code> instead of a
+    <code class="directive"><a href="#proxypass">ProxyPass</a></code> directive.</p>
 
-      <p>Strictly limiting access is essential if you are using a
-      forward proxy (using the <code class="directive"><a href="#proxyrequests">ProxyRequests</a></code> directive).
-      Otherwise, your server can be used by any client to access
-      arbitrary hosts while hiding his or her true identity.  This is
-      dangerous both for your network and for the Internet at large.
-      When using a reverse proxy (using the <code class="directive"><a href="#proxypass">ProxyPass</a></code> directive with
-      <code>ProxyRequests Off</code>), access control is less
-      critical because clients can only contact the hosts that you
-      have specifically configured.</p>
+    <div class="example"><pre class="prettyprint lang-config">&lt;Proxy "balancer://hotcluster"&gt;
+    BalancerMember "http://www2.example.com:8080" loadfactor=1
+    BalancerMember "http://www3.example.com:8080" loadfactor=2
+    ProxySet lbmethod=bytraffic
+&lt;/Proxy&gt;</pre>
+</div>
 
-      <p><strong>See Also</strong> the <a href="mod_proxy_http.html#env">Proxy-Chain-Auth</a> environment variable.</p>
+    <pre class="prettyprint lang-config">&lt;Proxy "http://backend"&gt;
+    ProxySet keepalive=On
+&lt;/Proxy&gt;</pre>
 
-    </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="startup" id="startup">Slow Startup</a></h2>
-      <p>If you're using the <code class="directive"><a href="#proxyblock">ProxyBlock</a></code> directive, hostnames' IP addresses are looked up
-      and cached during startup for later match test. This may take a few
-      seconds (or more) depending on the speed with which the hostname lookups
-      occur.</p>
-    </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="intranet" id="intranet">Intranet Proxy</a></h2>
-      <p>An Apache httpd proxy server situated in an intranet needs to forward
-      external requests through the company's firewall (for this, configure
-      the <code class="directive"><a href="#proxyremote">ProxyRemote</a></code> directive
-      to forward the respective <var>scheme</var> to the firewall proxy).
-      However, when it has to
-      access resources within the intranet, it can bypass the firewall when
-      accessing hosts. The <code class="directive"><a href="#noproxy">NoProxy</a></code>
-      directive is useful for specifying which hosts belong to the intranet and
-      should be accessed directly.</p>
 
-      <p>Users within an intranet tend to omit the local domain name from their
-      WWW requests, thus requesting "http://somehost/" instead of
-      <code>http://somehost.example.com/</code>. Some commercial proxy servers
-      let them get away with this and simply serve the request, implying a
-      configured local domain. When the <code class="directive"><a href="#proxydomain">ProxyDomain</a></code> directive is used and the server is <a href="#proxyrequests">configured for proxy service</a>, Apache httpd can return
-      a redirect response and send the client to the correct, fully qualified,
-      server address. This is the preferred method since the user's bookmark
-      files will then contain fully qualified hosts.</p>
-    </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="envsettings" id="envsettings">Protocol Adjustments</a></h2>
-      <p>For circumstances where <code class="module"><a href="../mod/mod_proxy.html">mod_proxy</a></code> is sending
-      requests to an origin server that doesn't properly implement
-      keepalives or HTTP/1.1, there are two <a href="../env.html">environment variables</a> that can force the
-      request to use HTTP/1.0 with no keepalive. These are set via the
-      <code class="directive"><a href="../mod/mod_env.html#setenv">SetEnv</a></code> directive.</p>
+    <pre class="prettyprint lang-config">ProxySet "balancer://foo" lbmethod=bytraffic timeout=15</pre>
 
-      <p>These are the <code>force-proxy-request-1.0</code> and
-      <code>proxy-nokeepalive</code> notes.</p>
 
-      <pre class="prettyprint lang-config">&lt;Location "/buggyappserver/"&gt;
-  ProxyPass "http://buggyappserver:7001/foo/"
-  SetEnv force-proxy-request-1.0 1
-  SetEnv proxy-nokeepalive 1
-&lt;/Location&gt;</pre>
+    <pre class="prettyprint lang-config">ProxySet "ajp://backend:7001" timeout=15</pre>
 
 
-    </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="request-bodies" id="request-bodies">Request Bodies</a></h2>
+   <div class="warning"><h3>Warning</h3>
+      <p>Keep in mind that the same parameter key can have a different meaning
+      depending whether it is applied to a balancer or a worker as shown by the two
+      examples above regarding timeout.</p>
+   </div>
 
-    <p>Some request methods such as POST include a request body.
-    The HTTP protocol requires that requests which include a body
-    either use chunked transfer encoding or send a
-    <code>Content-Length</code> request header.  When passing these
-    requests on to the origin server, <code class="module"><a href="../mod/mod_proxy_http.html">mod_proxy_http</a></code>
-    will always attempt to send the <code>Content-Length</code>.  But
-    if the body is large and the original request used chunked
-    encoding, then chunked encoding may also be used in the upstream
-    request.  You can control this selection using <a href="../env.html">environment variables</a>.  Setting
-    <code>proxy-sendcl</code> ensures maximum compatibility with
-    upstream servers by always sending the
-    <code>Content-Length</code>, while setting
-    <code>proxy-sendchunked</code> minimizes resource usage by using
-    chunked encoding.</p>
 
-    <p>Under some circumstances, the server must spool request bodies
-    to disk to satisfy the requested handling of request bodies.  For
-    example, this spooling will occur if the original body was sent with
-    chunked encoding (and is large), but the administrator has
-    asked for backend requests to be sent with Content-Length or as HTTP/1.0.
-    This spooling can also occur if the request body already has a
-    Content-Length header, but the server is configured to filter incoming
-    request bodies.</p>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="ProxySourceAddress" id="ProxySourceAddress">ProxySourceAddress</a> <a name="proxysourceaddress" id="proxysourceaddress">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Set local IP address for outgoing proxy connections</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxySourceAddress <var>address</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in version 2.3.9 and later</td></tr>
+</table>
+    <p>This directive allows to set a specific local address to bind to when connecting
+    to a backend server.</p>
 
-    <p><code class="directive"><a href="../mod/core.html#limitrequestbody">LimitRequestBody</a></code> only applies to
-    request bodies that the server will spool to disk</p>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="ProxyStatus" id="ProxyStatus">ProxyStatus</a> <a name="proxystatus" id="proxystatus">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Show Proxy LoadBalancer status in mod_status</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyStatus Off|On|Full</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ProxyStatus Off</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in version 2.2 and later</td></tr>
+</table>
+    <p>This directive determines whether or not proxy
+    loadbalancer status data is displayed via the <code class="module"><a href="../mod/mod_status.html">mod_status</a></code>
+    server-status page.</p>
+    <div class="note"><h3>Note</h3>
+      <p><strong>Full</strong> is synonymous with <strong>On</strong></p>
+    </div>
 
-    </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="x-headers" id="x-headers">Reverse Proxy Request Headers</a></h2>
 
-    <p>When acting in a reverse-proxy mode (using the <code class="directive"><a href="#proxypass">ProxyPass</a></code> directive, for example),
-    <code class="module"><a href="../mod/mod_proxy_http.html">mod_proxy_http</a></code> adds several request headers in
-    order to pass information to the origin server. These headers
-    are:</p>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="ProxyTimeout" id="ProxyTimeout">ProxyTimeout</a> <a name="proxytimeout" id="proxytimeout">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Network timeout for proxied requests</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyTimeout <var>seconds</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>Value of <code class="directive"><a href="../mod/core.html#timeout">Timeout</a></code></code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
+</table>
+    <p>This directive allows a user to specifiy a timeout on proxy requests.
+    This is useful when you have a slow/buggy appserver which hangs, and you
+    would rather just return a timeout and fail gracefully instead of waiting
+    however long it takes the server to return.</p>
 
-    <dl>
-      <dt><code>X-Forwarded-For</code></dt>
-      <dd>The IP address of the client.</dd>
-      <dt><code>X-Forwarded-Host</code></dt>
-      <dd>The original host requested by the client in the <code>Host</code>
-       HTTP request header.</dd>
-      <dt><code>X-Forwarded-Server</code></dt>
-      <dd>The hostname of the proxy server.</dd>
-    </dl>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="ProxyVia" id="ProxyVia">ProxyVia</a> <a name="proxyvia" id="proxyvia">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Information provided in the <code>Via</code> HTTP response
+header for proxied requests</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyVia On|Off|Full|Block</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ProxyVia Off</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
+</table>
+    <p>This directive controls the use of the <code>Via:</code> HTTP
+    header by the proxy. Its intended use is to control the flow of
+    proxy requests along a chain of proxy servers.  See <a href="http://www.ietf.org/rfc/rfc2616.txt">RFC 2616</a> (HTTP/1.1), section
+    14.45 for an explanation of <code>Via:</code> header lines.</p>
 
-    <p>Be careful when using these headers on the origin server, since
-    they will contain more than one (comma-separated) value if the
-    original request already contained one of these headers. For
-    example, you can use <code>%{X-Forwarded-For}i</code> in the log
-    format string of the origin server to log the original clients IP
-    address, but you may get more than one address if the request
-    passes through several proxies.</p>
+    <ul>
+    <li>If set to <code>Off</code>, which is the default, no special processing
+    is performed. If a request or reply contains a <code>Via:</code> header,
+    it is passed through unchanged.</li>
 
-    <p>See also the <code class="directive"><a href="#proxypreservehost">ProxyPreserveHost</a></code> and <code class="directive"><a href="#proxyvia">ProxyVia</a></code> directives, which control
-    other request headers.</p>
+    <li>If set to <code>On</code>, each request and reply will get a
+    <code>Via:</code> header line added for the current host.</li>
 
-    <p>Note:  If you need to specify custom request headers to be
-    added to the forwarded request, use the 
-    <code class="directive"><a href="../mod/mod_headers.html#requestheader">RequestHeader</a></code>
-    directive.</p>
+    <li>If set to <code>Full</code>, each generated <code>Via:</code> header
+    line will additionally have the Apache httpd server version shown as a
+    <code>Via:</code> comment field.</li>
 
-   </div>
+    <li>If set to <code>Block</code>, every proxy request will have all its
+    <code>Via:</code> header lines removed. No new <code>Via:</code> header will
+    be generated.</li>
+    </ul>
+
+</div>
 </div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../en/mod/mod_proxy.html" title="English">&nbsp;en&nbsp;</a> |
diff --git a/docs/manual/mod/mod_proxy_ajp.html.en b/docs/manual/mod/mod_proxy_ajp.html.en
index 5142d9b34b..938f261715 100644
--- a/docs/manual/mod/mod_proxy_ajp.html.en
+++ b/docs/manual/mod/mod_proxy_ajp.html.en
@@ -50,10 +50,7 @@
       large.</p>
     </div>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
-<p>This module provides no
-            directives.</p>
-<h3>Topics</h3>
+<div id="quickview"><h3>Topics</h3>
 <ul id="topics">
 <li><img alt="" src="../images/down.gif" /> <a href="#usage">Usage</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#env">Environment Variables</a></li>
@@ -61,7 +58,10 @@
 <li><img alt="" src="../images/down.gif" /> <a href="#basppacketstruct">Basic Packet Structure</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#rpacetstruct">Request Packet Structure</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#resppacketstruct">Response Packet Structure</a></li>
-</ul><h3>See also</h3>
+</ul><h3 class="directives">Directives</h3>
+<p>This module provides no
+            directives.</p>
+<h3>See also</h3>
 <ul class="seealso">
 <li><code class="module"><a href="../mod/mod_proxy.html">mod_proxy</a></code></li>
 <li><a href="../env.html">Environment Variable documentation</a></li>
diff --git a/docs/manual/mod/mod_proxy_balancer.html.en b/docs/manual/mod/mod_proxy_balancer.html.en
index 729411cead..822ef9b3d2 100644
--- a/docs/manual/mod/mod_proxy_balancer.html.en
+++ b/docs/manual/mod/mod_proxy_balancer.html.en
@@ -58,10 +58,7 @@
       large.</p>
     </div>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
-<p>This module provides no
-            directives.</p>
-<h3>Topics</h3>
+<div id="quickview"><h3>Topics</h3>
 <ul id="topics">
 <li><img alt="" src="../images/down.gif" /> <a href="#scheduler">Load balancer scheduler algorithm</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#stickyness">Load balancer stickyness</a></li>
@@ -70,7 +67,10 @@
 <li><img alt="" src="../images/down.gif" /> <a href="#balancer_manager">Enabling Balancer Manager Support</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#stickyness_implementation">Details on load balancer stickyness</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#stickyness_troubleshooting">Troubleshooting load balancer stickyness</a></li>
-</ul><h3>See also</h3>
+</ul><h3 class="directives">Directives</h3>
+<p>This module provides no
+            directives.</p>
+<h3>See also</h3>
 <ul class="seealso">
 <li><code class="module"><a href="../mod/mod_proxy.html">mod_proxy</a></code></li>
 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
diff --git a/docs/manual/mod/mod_proxy_connect.html.en b/docs/manual/mod/mod_proxy_connect.html.en
index 7174cc7fa5..14e4ffab07 100644
--- a/docs/manual/mod/mod_proxy_connect.html.en
+++ b/docs/manual/mod/mod_proxy_connect.html.en
@@ -54,18 +54,31 @@
       large.</p>
     </div>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
+<div id="quickview"><h3>Topics</h3>
+<ul id="topics">
+<li><img alt="" src="../images/down.gif" /> <a href="#notes">Request notes</a></li>
+</ul><h3 class="directives">Directives</h3>
 <ul id="toc">
 <li><img alt="" src="../images/down.gif" /> <a href="#allowconnect">AllowCONNECT</a></li>
 </ul>
-<h3>Topics</h3>
-<ul id="topics">
-<li><img alt="" src="../images/down.gif" /> <a href="#notes">Request notes</a></li>
-</ul><h3>See also</h3>
+<h3>See also</h3>
 <ul class="seealso">
 <li><code class="module"><a href="../mod/mod_proxy.html">mod_proxy</a></code></li>
 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="notes" id="notes">Request notes</a></h2>
+    <p><code class="module"><a href="../mod/mod_proxy_connect.html">mod_proxy_connect</a></code> creates the following request notes for
+        logging using the <code>%{VARNAME}n</code> format in
+        <code class="directive"><a href="../mod/mod_log_config.html#logformat">LogFormat</a></code> or
+        <code class="directive"><a href="../mod/core.html#errorlogformat">ErrorLogFormat</a></code>:
+    </p>
+    <dl>
+        <dt>proxy-source-port</dt>
+        <dd>The local port used for the connection to the backend server.</dd>
+    </dl>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="AllowCONNECT" id="AllowCONNECT">AllowCONNECT</a> <a name="allowconnect" id="allowconnect">Directive</a></h2>
 <table class="directive">
 <tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Ports that are allowed to <code>CONNECT</code> through the
@@ -90,19 +103,6 @@ Port ranges available since Apache 2.3.7.</td></tr>
     allow connections to the listed ports only.</p>
 
 </div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="notes" id="notes">Request notes</a></h2>
-    <p><code class="module"><a href="../mod/mod_proxy_connect.html">mod_proxy_connect</a></code> creates the following request notes for
-        logging using the <code>%{VARNAME}n</code> format in
-        <code class="directive"><a href="../mod/mod_log_config.html#logformat">LogFormat</a></code> or
-        <code class="directive"><a href="../mod/core.html#errorlogformat">ErrorLogFormat</a></code>:
-    </p>
-    <dl>
-        <dt>proxy-source-port</dt>
-        <dd>The local port used for the connection to the backend server.</dd>
-    </dl>
-</div>
 </div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../en/mod/mod_proxy_connect.html" title="English">&nbsp;en&nbsp;</a> |
diff --git a/docs/manual/mod/mod_proxy_express.html.en b/docs/manual/mod/mod_proxy_express.html.en
index 3d7975e69d..6eb52c1f75 100644
--- a/docs/manual/mod/mod_proxy_express.html.en
+++ b/docs/manual/mod/mod_proxy_express.html.en
@@ -87,6 +87,7 @@
 <ul class="seealso">
 <li><code class="module"><a href="../mod/mod_proxy.html">mod_proxy</a></code></li>
 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="ProxyExpressDBMFile" id="ProxyExpressDBMFile">ProxyExpressDBMFile</a> <a name="proxyexpressdbmfile" id="proxyexpressdbmfile">Directive</a></h2>
 <table class="directive">
@@ -170,7 +171,6 @@
     controls whether the module will be active.</p>
 
 </div>
-
 </div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../en/mod/mod_proxy_express.html" title="English">&nbsp;en&nbsp;</a> |
diff --git a/docs/manual/mod/mod_proxy_fcgi.html.en b/docs/manual/mod/mod_proxy_fcgi.html.en
index 08221e72e3..6d58cbdc0b 100644
--- a/docs/manual/mod/mod_proxy_fcgi.html.en
+++ b/docs/manual/mod/mod_proxy_fcgi.html.en
@@ -56,14 +56,14 @@
       large.</p>
     </div>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
-<p>This module provides no
-            directives.</p>
-<h3>Topics</h3>
+<div id="quickview"><h3>Topics</h3>
 <ul id="topics">
 <li><img alt="" src="../images/down.gif" /> <a href="#examples">Examples</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#env">Environment Variables</a></li>
-</ul><h3>See also</h3>
+</ul><h3 class="directives">Directives</h3>
+<p>This module provides no
+            directives.</p>
+<h3>See also</h3>
 <ul class="seealso">
 <li><code class="program"><a href="../programs/fcgistarter.html">fcgistarter</a></code></li>
 <li><code class="module"><a href="../mod/mod_proxy.html">mod_proxy</a></code></li>
diff --git a/docs/manual/mod/mod_proxy_ftp.html.en b/docs/manual/mod/mod_proxy_ftp.html.en
index ca0d91576f..42f79b0970 100644
--- a/docs/manual/mod/mod_proxy_ftp.html.en
+++ b/docs/manual/mod/mod_proxy_ftp.html.en
@@ -48,13 +48,7 @@
       large.</p>
     </div>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
-<ul id="toc">
-<li><img alt="" src="../images/down.gif" /> <a href="#proxyftpdircharset">ProxyFtpDirCharset</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#proxyftpescapewildcards">ProxyFtpEscapeWildcards</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#proxyftplistonwildcard">ProxyFtpListOnWildcard</a></li>
-</ul>
-<h3>Topics</h3>
+<div id="quickview"><h3>Topics</h3>
 <ul id="topics">
 <li><img alt="" src="../images/down.gif" /> <a href="#mimetypes">Why doesn't file type <var>xxx</var>
     download via FTP?</a></li>
@@ -67,68 +61,17 @@
     in my browser's URL line?</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#wildcard">Why do I get a file listing when I expected
         a file to be downloaded?</a></li>
-</ul><h3>See also</h3>
+</ul><h3 class="directives">Directives</h3>
+<ul id="toc">
+<li><img alt="" src="../images/down.gif" /> <a href="#proxyftpdircharset">ProxyFtpDirCharset</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#proxyftpescapewildcards">ProxyFtpEscapeWildcards</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#proxyftplistonwildcard">ProxyFtpListOnWildcard</a></li>
+</ul>
+<h3>See also</h3>
 <ul class="seealso">
 <li><code class="module"><a href="../mod/mod_proxy.html">mod_proxy</a></code></li>
 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="ProxyFtpDirCharset" id="ProxyFtpDirCharset">ProxyFtpDirCharset</a> <a name="proxyftpdircharset" id="proxyftpdircharset">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Define the character set for proxied FTP listings</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyFtpDirCharset <var>character set</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ProxyFtpDirCharset ISO-8859-1</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy_ftp</td></tr>
-<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in Apache 2.2.7 and later. Moved from <code class="module"><a href="../mod/mod_proxy.html">mod_proxy</a></code> in Apache 2.3.5.</td></tr>
-</table>
-    <p>The <code class="directive">ProxyFtpDirCharset</code> directive defines the
-    character set to be set for FTP directory listings in HTML generated by
-    <code class="module"><a href="../mod/mod_proxy_ftp.html">mod_proxy_ftp</a></code>.</p>
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="ProxyFtpEscapeWildcards" id="ProxyFtpEscapeWildcards">ProxyFtpEscapeWildcards</a> <a name="proxyftpescapewildcards" id="proxyftpescapewildcards">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Whether wildcards in requested filenames are escaped when sent to the FTP server</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyFtpEscapeWildcards [on|off]</code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>on</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy_ftp</td></tr>
-<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in Apache 2.3.3 and later</td></tr>
-</table>
-  <p>The <code class="directive">ProxyFtpEscapeWildcards</code> directive
-    controls whether wildcard characters ("*?[{~") in requested
-    filenames are escaped with backslash before sending them to the
-    FTP server.  That is the default behavior, but many FTP servers
-    don't know about the escaping and try to serve the literal filenames
-    they were sent, including the backslashes in the names.  </p>
-    <p>Set to "off" to allow downloading files with wildcards
-    in their names from FTP servers that don't understand wildcard
-    escaping.</p>
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="ProxyFtpListOnWildcard" id="ProxyFtpListOnWildcard">ProxyFtpListOnWildcard</a> <a name="proxyftplistonwildcard" id="proxyftplistonwildcard">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Whether wildcards in requested filenames trigger a file listing</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyFtpListOnWildcard [on|off]</code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>on</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy_ftp</td></tr>
-<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in Apache 2.3.3 and later</td></tr>
-</table>
-  <p>The <code class="directive">ProxyFtpListOnWildcard</code> directive
-    controls whether wildcard characters ("*?[{~") in requested
-    filenames cause <code class="module"><a href="../mod/mod_proxy_ftp.html">mod_proxy_ftp</a></code> to return a listing
-    of files instead of downloading a file.  By default (value on),
-    they do.  Set to "off" to allow downloading files even if they
-    have wildcard characters in their names.</p>
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="section">
 <h2><a name="mimetypes" id="mimetypes">Why doesn't file type <var>xxx</var>
     download via FTP?</a></h2>
@@ -232,6 +175,63 @@
         See the <code class="directive">ProxyFtpListOnWildcard</code> directive.
       </p>
     </div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="ProxyFtpDirCharset" id="ProxyFtpDirCharset">ProxyFtpDirCharset</a> <a name="proxyftpdircharset" id="proxyftpdircharset">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Define the character set for proxied FTP listings</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyFtpDirCharset <var>character set</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ProxyFtpDirCharset ISO-8859-1</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy_ftp</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in Apache 2.2.7 and later. Moved from <code class="module"><a href="../mod/mod_proxy.html">mod_proxy</a></code> in Apache 2.3.5.</td></tr>
+</table>
+    <p>The <code class="directive">ProxyFtpDirCharset</code> directive defines the
+    character set to be set for FTP directory listings in HTML generated by
+    <code class="module"><a href="../mod/mod_proxy_ftp.html">mod_proxy_ftp</a></code>.</p>
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="ProxyFtpEscapeWildcards" id="ProxyFtpEscapeWildcards">ProxyFtpEscapeWildcards</a> <a name="proxyftpescapewildcards" id="proxyftpescapewildcards">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Whether wildcards in requested filenames are escaped when sent to the FTP server</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyFtpEscapeWildcards [on|off]</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>on</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy_ftp</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in Apache 2.3.3 and later</td></tr>
+</table>
+  <p>The <code class="directive">ProxyFtpEscapeWildcards</code> directive
+    controls whether wildcard characters ("*?[{~") in requested
+    filenames are escaped with backslash before sending them to the
+    FTP server.  That is the default behavior, but many FTP servers
+    don't know about the escaping and try to serve the literal filenames
+    they were sent, including the backslashes in the names.  </p>
+    <p>Set to "off" to allow downloading files with wildcards
+    in their names from FTP servers that don't understand wildcard
+    escaping.</p>
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="ProxyFtpListOnWildcard" id="ProxyFtpListOnWildcard">ProxyFtpListOnWildcard</a> <a name="proxyftplistonwildcard" id="proxyftplistonwildcard">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Whether wildcards in requested filenames trigger a file listing</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyFtpListOnWildcard [on|off]</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>on</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy_ftp</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in Apache 2.3.3 and later</td></tr>
+</table>
+  <p>The <code class="directive">ProxyFtpListOnWildcard</code> directive
+    controls whether wildcard characters ("*?[{~") in requested
+    filenames cause <code class="module"><a href="../mod/mod_proxy_ftp.html">mod_proxy_ftp</a></code> to return a listing
+    of files instead of downloading a file.  By default (value on),
+    they do.  Set to "off" to allow downloading files even if they
+    have wildcard characters in their names.</p>
+
+</div>
 </div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../en/mod/mod_proxy_ftp.html" title="English">&nbsp;en&nbsp;</a> |
diff --git a/docs/manual/mod/mod_proxy_html.html.en b/docs/manual/mod/mod_proxy_html.html.en
index 975e114270..3259c46a19 100644
--- a/docs/manual/mod/mod_proxy_html.html.en
+++ b/docs/manual/mod/mod_proxy_html.html.en
@@ -71,6 +71,7 @@ extensive <a href="http://apache.webthing.com/mod_proxy_html/">documentation</a>
 <li><img alt="" src="../images/down.gif" /> <a href="#proxyhtmlurlmap">ProxyHTMLURLMap</a></li>
 </ul>
 <ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="ProxyHTMLBufSize" id="ProxyHTMLBufSize">ProxyHTMLBufSize</a> <a name="proxyhtmlbufsize" id="proxyhtmlbufsize">Directive</a></h2>
 <table class="directive">
@@ -425,7 +426,6 @@ If TRUE, or if no condition is defined, the map is applied.</p>
 in mod_proxy_html 3.x for HTTPD 2.0 and 2.2 is also supported.</p>
 
 </div>
-
 </div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../en/mod/mod_proxy_html.html" title="English">&nbsp;en&nbsp;</a> |
diff --git a/docs/manual/mod/mod_proxy_http.html.en b/docs/manual/mod/mod_proxy_http.html.en
index 6a1410adff..80f83f82d3 100644
--- a/docs/manual/mod/mod_proxy_http.html.en
+++ b/docs/manual/mod/mod_proxy_http.html.en
@@ -51,14 +51,14 @@
       large.</p>
     </div>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
-<p>This module provides no
-            directives.</p>
-<h3>Topics</h3>
+<div id="quickview"><h3>Topics</h3>
 <ul id="topics">
 <li><img alt="" src="../images/down.gif" /> <a href="#env">Environment Variables</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#notes">Request notes</a></li>
-</ul><h3>See also</h3>
+</ul><h3 class="directives">Directives</h3>
+<p>This module provides no
+            directives.</p>
+<h3>See also</h3>
 <ul class="seealso">
 <li><code class="module"><a href="../mod/mod_proxy.html">mod_proxy</a></code></li>
 <li><code class="module"><a href="../mod/mod_proxy_connect.html">mod_proxy_connect</a></code></li>
diff --git a/docs/manual/mod/mod_proxy_scgi.html.en b/docs/manual/mod/mod_proxy_scgi.html.en
index a35c1a0d6b..4e16a5f1e6 100644
--- a/docs/manual/mod/mod_proxy_scgi.html.en
+++ b/docs/manual/mod/mod_proxy_scgi.html.en
@@ -48,21 +48,63 @@
       large.</p>
     </div>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
+<div id="quickview"><h3>Topics</h3>
+<ul id="topics">
+<li><img alt="" src="../images/down.gif" /> <a href="#examples">Examples</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#env">Environment Variables</a></li>
+</ul><h3 class="directives">Directives</h3>
 <ul id="toc">
 <li><img alt="" src="../images/down.gif" /> <a href="#proxyscgiinternalredirect">ProxySCGIInternalRedirect</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#proxyscgisendfile">ProxySCGISendfile</a></li>
 </ul>
-<h3>Topics</h3>
-<ul id="topics">
-<li><img alt="" src="../images/down.gif" /> <a href="#examples">Examples</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#env">Environment Variables</a></li>
-</ul><h3>See also</h3>
+<h3>See also</h3>
 <ul class="seealso">
 <li><code class="module"><a href="../mod/mod_proxy.html">mod_proxy</a></code></li>
 <li><code class="module"><a href="../mod/mod_proxy_balancer.html">mod_proxy_balancer</a></code></li>
 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="examples" id="examples">Examples</a></h2>
+    <p>Remember, in order to make the following examples work, you have to
+    enable <code class="module"><a href="../mod/mod_proxy.html">mod_proxy</a></code> and <code class="module"><a href="../mod/mod_proxy_scgi.html">mod_proxy_scgi</a></code>.</p>
+
+    <div class="example"><h3>Simple gateway</h3><pre class="prettyprint lang-config">ProxyPass /scgi-bin/ scgi://localhost:4000/</pre>
+</div>
+
+    <p>The balanced gateway needs <code class="module"><a href="../mod/mod_proxy_balancer.html">mod_proxy_balancer</a></code> and
+    at least one load balancer algorithm module, such as
+    <code class="module"><a href="../mod/mod_lbmethod_byrequests.html">mod_lbmethod_byrequests</a></code>, in addition to the proxy
+    modules listed above.  <code class="module"><a href="../mod/mod_lbmethod_byrequests.html">mod_lbmethod_byrequests</a></code> is the
+    default, and will be used for this example configuration.</p>
+
+    <div class="example"><h3>Balanced gateway</h3><pre class="prettyprint lang-config">ProxyPass "/scgi-bin/" "balancer://somecluster/"
+&lt;Proxy "balancer://somecluster"&gt;
+    BalancerMember "scgi://localhost:4000"
+    BalancerMember "scgi://localhost:4001"
+&lt;/Proxy&gt;</pre>
+</div>
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="env" id="env">Environment Variables</a></h2>
+    <p>In addition to the configuration directives that control the
+    behaviour of <code class="module"><a href="../mod/mod_proxy.html">mod_proxy</a></code>, an <dfn>environment
+    variable</dfn> may also control the SCGI protocol
+    provider:</p>
+    <dl>
+        <dt>proxy-scgi-pathinfo</dt>
+        <dd>By default <code class="module"><a href="../mod/mod_proxy_scgi.html">mod_proxy_scgi</a></code> will neither create
+        nor export the <var>PATH_INFO</var> environment variable. This allows
+        the backend SCGI server to correctly determine <var>SCRIPT_NAME</var>
+        and <var>Script-URI</var> and be compliant with RFC 3875 section 3.3.
+        If instead you need <code class="module"><a href="../mod/mod_proxy_scgi.html">mod_proxy_scgi</a></code> to generate
+        a "best guess" for <var>PATH_INFO</var>, set this env-var.  The
+        variable must be set before <code class="directive"><a href="../mod/env.html#setenv">SetEnv</a></code>
+        is effective.  <code class="directive"><a href="../mod/setenv.html#setenvif">SetEnvIf</a></code> can be
+        used instead: <code>SetEnvIf Request_URI . proxy-scgi-pathinfo</code>
+        </dd>
+    </dl>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="ProxySCGIInternalRedirect" id="ProxySCGIInternalRedirect">ProxySCGIInternalRedirect</a> <a name="proxyscgiinternalredirect" id="proxyscgiinternalredirect">Directive</a></h2>
 <table class="directive">
 <tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Enable or disable internal redirect responses from the
@@ -129,48 +171,6 @@ ProxySCGISendfile On
 ProxySCGISendfile X-Send-Static</pre>
 </div>
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="examples" id="examples">Examples</a></h2>
-    <p>Remember, in order to make the following examples work, you have to
-    enable <code class="module"><a href="../mod/mod_proxy.html">mod_proxy</a></code> and <code class="module"><a href="../mod/mod_proxy_scgi.html">mod_proxy_scgi</a></code>.</p>
-
-    <div class="example"><h3>Simple gateway</h3><pre class="prettyprint lang-config">ProxyPass /scgi-bin/ scgi://localhost:4000/</pre>
-</div>
-
-    <p>The balanced gateway needs <code class="module"><a href="../mod/mod_proxy_balancer.html">mod_proxy_balancer</a></code> and
-    at least one load balancer algorithm module, such as
-    <code class="module"><a href="../mod/mod_lbmethod_byrequests.html">mod_lbmethod_byrequests</a></code>, in addition to the proxy
-    modules listed above.  <code class="module"><a href="../mod/mod_lbmethod_byrequests.html">mod_lbmethod_byrequests</a></code> is the
-    default, and will be used for this example configuration.</p>
-
-    <div class="example"><h3>Balanced gateway</h3><pre class="prettyprint lang-config">ProxyPass "/scgi-bin/" "balancer://somecluster/"
-&lt;Proxy "balancer://somecluster"&gt;
-    BalancerMember "scgi://localhost:4000"
-    BalancerMember "scgi://localhost:4001"
-&lt;/Proxy&gt;</pre>
-</div>
-</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="env" id="env">Environment Variables</a></h2>
-    <p>In addition to the configuration directives that control the
-    behaviour of <code class="module"><a href="../mod/mod_proxy.html">mod_proxy</a></code>, an <dfn>environment
-    variable</dfn> may also control the SCGI protocol
-    provider:</p>
-    <dl>
-        <dt>proxy-scgi-pathinfo</dt>
-        <dd>By default <code class="module"><a href="../mod/mod_proxy_scgi.html">mod_proxy_scgi</a></code> will neither create
-        nor export the <var>PATH_INFO</var> environment variable. This allows
-        the backend SCGI server to correctly determine <var>SCRIPT_NAME</var>
-        and <var>Script-URI</var> and be compliant with RFC 3875 section 3.3.
-        If instead you need <code class="module"><a href="../mod/mod_proxy_scgi.html">mod_proxy_scgi</a></code> to generate
-        a "best guess" for <var>PATH_INFO</var>, set this env-var.  The
-        variable must be set before <code class="directive"><a href="../mod/env.html#setenv">SetEnv</a></code>
-        is effective.  <code class="directive"><a href="../mod/setenv.html#setenvif">SetEnvIf</a></code> can be
-        used instead: <code>SetEnvIf Request_URI . proxy-scgi-pathinfo</code>
-        </dd>
-    </dl>
 </div>
 </div>
 <div class="bottomlang">
diff --git a/docs/manual/mod/mod_reflector.html.en b/docs/manual/mod/mod_reflector.html.en
index 7c09a405aa..31e22ed073 100644
--- a/docs/manual/mod/mod_reflector.html.en
+++ b/docs/manual/mod/mod_reflector.html.en
@@ -40,30 +40,14 @@
     the request into a response. This module can be used to turn an output
     filter into an HTTP service.</p>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
+<div id="quickview"><h3>Topics</h3>
+<ul id="topics">
+<li><img alt="" src="../images/down.gif" /> <a href="#examples">Examples</a></li>
+</ul><h3 class="directives">Directives</h3>
 <ul id="toc">
 <li><img alt="" src="../images/down.gif" /> <a href="#reflectorheader">ReflectorHeader</a></li>
 </ul>
-<h3>Topics</h3>
-<ul id="topics">
-<li><img alt="" src="../images/down.gif" /> <a href="#examples">Examples</a></li>
-</ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="ReflectorHeader" id="ReflectorHeader">ReflectorHeader</a> <a name="reflectorheader" id="reflectorheader">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Reflect an input header to the output headers</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ReflectorHeader <var>inputheader</var> <var>[outputheader]</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>Options</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_reflector</td></tr>
-</table>
-    <p>This directive controls the reflection of request headers to the response.
-    The first argument is the name of the request header to copy. If the optional
-    second argument is specified, it will be used as the name of the response
-    header, otherwise the original request header name will be used.</p>
-
-</div>
+<ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="section">
 <h2><a name="examples" id="examples">Examples</a></h2>
@@ -90,6 +74,22 @@
     </dd>
     </dl>
 </div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="ReflectorHeader" id="ReflectorHeader">ReflectorHeader</a> <a name="reflectorheader" id="reflectorheader">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Reflect an input header to the output headers</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ReflectorHeader <var>inputheader</var> <var>[outputheader]</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>Options</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_reflector</td></tr>
+</table>
+    <p>This directive controls the reflection of request headers to the response.
+    The first argument is the name of the request header to copy. If the optional
+    second argument is specified, it will be used as the name of the response
+    header, otherwise the original request header name will be used.</p>
+
+</div>
 </div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../en/mod/mod_reflector.html" title="English">&nbsp;en&nbsp;</a> |
diff --git a/docs/manual/mod/mod_remoteip.html.en b/docs/manual/mod/mod_remoteip.html.en
index 7bba4f54ed..8e73d219b8 100644
--- a/docs/manual/mod/mod_remoteip.html.en
+++ b/docs/manual/mod/mod_remoteip.html.en
@@ -58,7 +58,10 @@ via the request headers.
     it is trivial for the remote useragent to impersonate another
     useragent.</div>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
+<div id="quickview"><h3>Topics</h3>
+<ul id="topics">
+<li><img alt="" src="../images/down.gif" /> <a href="#processing">Remote IP Processing</a></li>
+</ul><h3 class="directives">Directives</h3>
 <ul id="toc">
 <li><img alt="" src="../images/down.gif" /> <a href="#remoteipheader">RemoteIPHeader</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#remoteipinternalproxy">RemoteIPInternalProxy</a></li>
@@ -67,16 +70,55 @@ via the request headers.
 <li><img alt="" src="../images/down.gif" /> <a href="#remoteiptrustedproxy">RemoteIPTrustedProxy</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#remoteiptrustedproxylist">RemoteIPTrustedProxyList</a></li>
 </ul>
-<h3>Topics</h3>
-<ul id="topics">
-<li><img alt="" src="../images/down.gif" /> <a href="#processing">Remote IP Processing</a></li>
-</ul><h3>See also</h3>
+<h3>See also</h3>
 <ul class="seealso">
 <li><code class="module"><a href="../mod/mod_authz_host.html">mod_authz_host</a></code></li>
 <li><code class="module"><a href="../mod/mod_status.html">mod_status</a></code></li>
 <li><code class="module"><a href="../mod/mod_log_config.html">mod_log_config</a></code></li>
 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="processing" id="processing">Remote IP Processing</a></h2>
+
+    <p>Apache by default identifies the useragent with the connection's
+    client_ip value, and the connection remote_host and remote_logname are
+    derived from this value. These fields play a role in authentication,
+    authorization and logging and other purposes by other loadable
+    modules.</p>
+
+    <p>mod_remoteip overrides the client IP of the connection with the
+    advertised useragent IP as provided by a proxy or load balancer, for
+    the duration of the request. A load balancer might establish a long
+    lived keepalive connection with the server, and each request will
+    have the correct useragent IP, even though the underlying client IP
+    address of the load balancer remains unchanged.</p>
+
+    <p>When multiple, comma delimited useragent IP addresses are listed in the
+    header value, they are processed in Right-to-Left order.  Processing
+    halts when a given useragent IP address is not trusted to present the
+    preceding IP address.  The header field is updated to this remaining
+    list of unconfirmed IP addresses, or if all IP addresses were trusted,
+    this header is removed from the request altogether.</p>
+
+    <p>In overriding the client IP, the module stores the list of intermediate
+    hosts in a remoteip-proxy-ip-list note, which <code class="module"><a href="../mod/mod_log_config.html">mod_log_config</a></code>
+    can record using the <code>%{remoteip-proxy-ip-list}n</code> format token.
+    If the administrator needs to store this as an additional header, this
+    same value can also be recording as a header using the directive
+    <code class="directive"><a href="#remoteipproxiesheader">RemoteIPProxiesHeader</a></code>.</p>
+
+    <div class="note"><h3>IPv4-over-IPv6 Mapped Addresses</h3>
+    As with httpd in general, any IPv4-over-IPv6 mapped addresses are recorded
+    in their IPv4 representation.</div>
+
+    <div class="note"><h3>Internal (Private) Addresses</h3>
+    All internal addresses 10/8, 172.16/12, 192.168/16, 169.254/16 and 127/8
+    blocks (and IPv6 addresses outside of the public 2000::/3 block) are only
+    evaluated by mod_remoteip when <code class="directive"><a href="#remoteipinternalproxy">RemoteIPInternalProxy</a></code>
+    internal (intranet) proxies are registered.</div>
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="RemoteIPHeader" id="RemoteIPHeader">RemoteIPHeader</a> <a name="remoteipheader" id="remoteipheader">Directive</a></h2>
 <table class="directive">
 <tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Declare the header field which should be parsed for useragent IP addresses</td></tr>
@@ -222,48 +264,6 @@ RemoteIPTrustedProxyList conf/trusted-proxies.lst</pre>
        proxy.isp.example.com #some well known ISP
     </code></p></div>
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="processing" id="processing">Remote IP Processing</a></h2>
-
-    <p>Apache by default identifies the useragent with the connection's
-    client_ip value, and the connection remote_host and remote_logname are
-    derived from this value. These fields play a role in authentication,
-    authorization and logging and other purposes by other loadable
-    modules.</p>
-
-    <p>mod_remoteip overrides the client IP of the connection with the
-    advertised useragent IP as provided by a proxy or load balancer, for
-    the duration of the request. A load balancer might establish a long
-    lived keepalive connection with the server, and each request will
-    have the correct useragent IP, even though the underlying client IP
-    address of the load balancer remains unchanged.</p>
-
-    <p>When multiple, comma delimited useragent IP addresses are listed in the
-    header value, they are processed in Right-to-Left order.  Processing
-    halts when a given useragent IP address is not trusted to present the
-    preceding IP address.  The header field is updated to this remaining
-    list of unconfirmed IP addresses, or if all IP addresses were trusted,
-    this header is removed from the request altogether.</p>
-
-    <p>In overriding the client IP, the module stores the list of intermediate
-    hosts in a remoteip-proxy-ip-list note, which <code class="module"><a href="../mod/mod_log_config.html">mod_log_config</a></code>
-    can record using the <code>%{remoteip-proxy-ip-list}n</code> format token.
-    If the administrator needs to store this as an additional header, this
-    same value can also be recording as a header using the directive
-    <code class="directive"><a href="#remoteipproxiesheader">RemoteIPProxiesHeader</a></code>.</p>
-
-    <div class="note"><h3>IPv4-over-IPv6 Mapped Addresses</h3>
-    As with httpd in general, any IPv4-over-IPv6 mapped addresses are recorded
-    in their IPv4 representation.</div>
-
-    <div class="note"><h3>Internal (Private) Addresses</h3>
-    All internal addresses 10/8, 172.16/12, 192.168/16, 169.254/16 and 127/8
-    blocks (and IPv6 addresses outside of the public 2000::/3 block) are only
-    evaluated by mod_remoteip when <code class="directive"><a href="#remoteipinternalproxy">RemoteIPInternalProxy</a></code>
-    internal (intranet) proxies are registered.</div>
-
 </div>
 </div>
 <div class="bottomlang">
diff --git a/docs/manual/mod/mod_reqtimeout.html.en b/docs/manual/mod/mod_reqtimeout.html.en
index 8aafa445c4..846e1c91d9 100644
--- a/docs/manual/mod/mod_reqtimeout.html.en
+++ b/docs/manual/mod/mod_reqtimeout.html.en
@@ -34,14 +34,59 @@
 <tr><th><a href="module-dict.html#SourceFile">Source File:</a></th><td>mod_reqtimeout.c</td></tr>
 <tr><th><a href="module-dict.html#Compatibility">Compatibility:</a></th><td>Available in Apache HTTPD 2.2.15 and later</td></tr></table>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
+<div id="quickview"><h3>Topics</h3>
+<ul id="topics">
+<li><img alt="" src="../images/down.gif" /> <a href="#examples">Examples</a></li>
+</ul><h3 class="directives">Directives</h3>
 <ul id="toc">
 <li><img alt="" src="../images/down.gif" /> <a href="#requestreadtimeout">RequestReadTimeout</a></li>
 </ul>
-<h3>Topics</h3>
-<ul id="topics">
-<li><img alt="" src="../images/down.gif" /> <a href="#examples">Examples</a></li>
-</ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+<ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="examples" id="examples">Examples</a></h2>
+
+    <ol>
+      <li>
+        Allow 10 seconds to receive the request including the headers and
+        30 seconds for receiving the request body:
+
+        <pre class="prettyprint lang-config">RequestReadTimeout header=10 body=30</pre>
+
+      </li>
+
+      <li>
+        Allow at least 10 seconds to receive the request body.
+        If the client sends data, increase the timeout by 1 second for every
+        1000 bytes received, with no upper limit for the timeout (except for
+        the limit given indirectly by
+        <code class="directive"><a href="../mod/core.html#limitrequestbody">LimitRequestBody</a></code>):
+
+        <pre class="prettyprint lang-config">RequestReadTimeout body=10,MinRate=1000</pre>
+
+      </li>
+
+      <li>
+        Allow at least 10 seconds to receive the request including the headers.
+        If the client sends data, increase the timeout by 1 second for every
+        500 bytes received. But do not allow more than 30 seconds for the
+        request including the headers:
+
+        <pre class="prettyprint lang-config">RequestReadTimeout header=10-30,MinRate=500</pre>
+
+      </li>
+
+      <li>
+        Usually, a server should have both header and body timeouts configured.
+        If a common configuration is used for http and https virtual hosts, the
+        timeouts should not be set too low:
+
+        <pre class="prettyprint lang-config">RequestReadTimeout header=20-40,MinRate=500 body=20,MinRate=500</pre>
+
+      </li>
+
+    </ol>
+</div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="RequestReadTimeout" id="RequestReadTimeout">RequestReadTimeout</a> <a name="requestreadtimeout" id="requestreadtimeout">Directive</a></h2>
 <table class="directive">
@@ -124,51 +169,6 @@ version 2.3.14 and earlier.</td></tr>
     </ul>
 
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="examples" id="examples">Examples</a></h2>
-
-    <ol>
-      <li>
-        Allow 10 seconds to receive the request including the headers and
-        30 seconds for receiving the request body:
-
-        <pre class="prettyprint lang-config">RequestReadTimeout header=10 body=30</pre>
-
-      </li>
-
-      <li>
-        Allow at least 10 seconds to receive the request body.
-        If the client sends data, increase the timeout by 1 second for every
-        1000 bytes received, with no upper limit for the timeout (except for
-        the limit given indirectly by
-        <code class="directive"><a href="../mod/core.html#limitrequestbody">LimitRequestBody</a></code>):
-
-        <pre class="prettyprint lang-config">RequestReadTimeout body=10,MinRate=1000</pre>
-
-      </li>
-
-      <li>
-        Allow at least 10 seconds to receive the request including the headers.
-        If the client sends data, increase the timeout by 1 second for every
-        500 bytes received. But do not allow more than 30 seconds for the
-        request including the headers:
-
-        <pre class="prettyprint lang-config">RequestReadTimeout header=10-30,MinRate=500</pre>
-
-      </li>
-
-      <li>
-        Usually, a server should have both header and body timeouts configured.
-        If a common configuration is used for http and https virtual hosts, the
-        timeouts should not be set too low:
-
-        <pre class="prettyprint lang-config">RequestReadTimeout header=20-40,MinRate=500 body=20,MinRate=500</pre>
-
-      </li>
-
-    </ol>
 </div>
 </div>
 <div class="bottomlang">
diff --git a/docs/manual/mod/mod_request.html.en b/docs/manual/mod/mod_request.html.en
index f416fd51c3..0456c8e7ea 100644
--- a/docs/manual/mod/mod_request.html.en
+++ b/docs/manual/mod/mod_request.html.en
@@ -39,6 +39,7 @@
 <li><img alt="" src="../images/down.gif" /> <a href="#keptbodysize">KeptBodySize</a></li>
 </ul>
 <ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="KeptBodySize" id="KeptBodySize">KeptBodySize</a> <a name="keptbodysize" id="keptbodysize">Directive</a></h2>
 <table class="directive">
@@ -95,7 +96,6 @@ mod_include.</td></tr>
 <li><a href="mod_auth_form.html">mod_auth_form</a> documentation</li>
 </ul>
 </div>
-
 </div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../en/mod/mod_request.html" title="English">&nbsp;en&nbsp;</a> |
diff --git a/docs/manual/mod/mod_rewrite.html.en b/docs/manual/mod/mod_rewrite.html.en
index 83fc59430b..41d18d2f4a 100644
--- a/docs/manual/mod/mod_rewrite.html.en
+++ b/docs/manual/mod/mod_rewrite.html.en
@@ -54,7 +54,10 @@ URLs on the fly</td></tr>
       <p>Further details, discussion, and examples, are provided in the
       <a href="../rewrite/">detailed mod_rewrite documentation</a>.</p>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
+<div id="quickview"><h3>Topics</h3>
+<ul id="topics">
+<li><img alt="" src="../images/down.gif" /> <a href="#logging">Logging</a></li>
+</ul><h3 class="directives">Directives</h3>
 <ul id="toc">
 <li><img alt="" src="../images/down.gif" /> <a href="#rewritebase">RewriteBase</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#rewritecond">RewriteCond</a></li>
@@ -63,10 +66,43 @@ URLs on the fly</td></tr>
 <li><img alt="" src="../images/down.gif" /> <a href="#rewriteoptions">RewriteOptions</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#rewriterule">RewriteRule</a></li>
 </ul>
-<h3>Topics</h3>
-<ul id="topics">
-<li><img alt="" src="../images/down.gif" /> <a href="#logging">Logging</a></li>
-</ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+<ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="logging" id="logging">Logging</a></h2>
+
+    <p><code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> offers detailed logging of its actions
+    at the <code>trace1</code> to <code>trace8</code> log levels. The
+    log level can be set specifically for <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>
+    using the <code class="directive"><a href="../mod/core.html#loglevel">LogLevel</a></code> directive: Up to
+    level <code>debug</code>, no actions are logged, while <code>trace8</code>
+    means that practically all actions are logged.</p>
+
+    <div class="note">
+      Using a high trace log level for <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>
+      will slow down your Apache HTTP Server dramatically! Use a log
+      level higher than <code>trace2</code> only for debugging!
+    </div>
+
+    <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">LogLevel alert rewrite:trace3</pre>
+</div>
+
+    <div class="note"><h3>RewriteLog</h3>
+      <p>Those familiar with earlier versions of
+      <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> will no doubt be looking for the
+      <code>RewriteLog</code> and <code>RewriteLogLevel</code>
+      directives. This functionality has been completely replaced by the
+      new per-module logging configuration mentioned above.
+      </p>
+
+      <p>To get just the <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>-specific log
+      messages, pipe the log file through grep:</p>
+    <div class="example"><p><code>
+    tail -f error_log|fgrep '[rewrite:'
+    </code></p></div>
+    </div>
+
+</div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="RewriteBase" id="RewriteBase">RewriteBase</a> <a name="rewritebase" id="rewritebase">Directive</a></h2>
 <table class="directive">
@@ -1421,42 +1457,6 @@ redirection</td>
 </table>
 
   
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="logging" id="logging">Logging</a></h2>
-
-    <p><code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> offers detailed logging of its actions
-    at the <code>trace1</code> to <code>trace8</code> log levels. The
-    log level can be set specifically for <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>
-    using the <code class="directive"><a href="../mod/core.html#loglevel">LogLevel</a></code> directive: Up to
-    level <code>debug</code>, no actions are logged, while <code>trace8</code>
-    means that practically all actions are logged.</p>
-
-    <div class="note">
-      Using a high trace log level for <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>
-      will slow down your Apache HTTP Server dramatically! Use a log
-      level higher than <code>trace2</code> only for debugging!
-    </div>
-
-    <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">LogLevel alert rewrite:trace3</pre>
-</div>
-
-    <div class="note"><h3>RewriteLog</h3>
-      <p>Those familiar with earlier versions of
-      <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> will no doubt be looking for the
-      <code>RewriteLog</code> and <code>RewriteLogLevel</code>
-      directives. This functionality has been completely replaced by the
-      new per-module logging configuration mentioned above.
-      </p>
-
-      <p>To get just the <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>-specific log
-      messages, pipe the log file through grep:</p>
-    <div class="example"><p><code>
-    tail -f error_log|fgrep '[rewrite:'
-    </code></p></div>
-    </div>
-
 </div>
 </div>
 <div class="bottomlang">
diff --git a/docs/manual/mod/mod_sed.html.en b/docs/manual/mod/mod_sed.html.en
index 9bc6b313ae..17d5913918 100644
--- a/docs/manual/mod/mod_sed.html.en
+++ b/docs/manual/mod/mod_sed.html.en
@@ -62,44 +62,16 @@ string or regular expression search and replace, is available <a href="https://b
 the author's blog</a>.</p>
 
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
+<div id="quickview"><h3>Topics</h3>
+<ul id="topics">
+<li><img alt="" src="../images/down.gif" /> <a href="#sampleconf">Sample Configuration</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#sed_commands">Sed Commands</a></li>
+</ul><h3 class="directives">Directives</h3>
 <ul id="toc">
 <li><img alt="" src="../images/down.gif" /> <a href="#inputsed">InputSed</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#outputsed">OutputSed</a></li>
 </ul>
-<h3>Topics</h3>
-<ul id="topics">
-<li><img alt="" src="../images/down.gif" /> <a href="#sampleconf">Sample Configuration</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#sed_commands">Sed Commands</a></li>
-</ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="InputSed" id="InputSed">InputSed</a> <a name="inputsed" id="inputsed">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Sed command to filter request data (typically <code>POST</code> data)</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>InputSed <var>sed-command</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_sed</td></tr>
-</table>
-    <p>The <code class="directive">InputSed</code> directive specifies the <code>sed</code> command
-    to execute on the request data e.g., <code>POST</code> data.
-    </p>
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="OutputSed" id="OutputSed">OutputSed</a> <a name="outputsed" id="outputsed">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Sed command for filtering response content</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>OutputSed <var>sed-command</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_sed</td></tr>
-</table>
-    <p>The <code class="directive">OutputSed</code> directive specifies the <code>sed</code>
-    command to execute on the response.
-    </p>
-
-</div>
+<ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="section">
 <h2><a name="sampleconf" id="sampleconf">Sample Configuration</a></h2>
@@ -145,6 +117,34 @@ page</a>.
         <dd>Swap the contents of the hold buffer and the current line.</dd>
     </dl>
 </div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="InputSed" id="InputSed">InputSed</a> <a name="inputsed" id="inputsed">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Sed command to filter request data (typically <code>POST</code> data)</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>InputSed <var>sed-command</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_sed</td></tr>
+</table>
+    <p>The <code class="directive">InputSed</code> directive specifies the <code>sed</code> command
+    to execute on the request data e.g., <code>POST</code> data.
+    </p>
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="OutputSed" id="OutputSed">OutputSed</a> <a name="outputsed" id="outputsed">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Sed command for filtering response content</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>OutputSed <var>sed-command</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_sed</td></tr>
+</table>
+    <p>The <code class="directive">OutputSed</code> directive specifies the <code>sed</code>
+    command to execute on the response.
+    </p>
+
+</div>
 </div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../en/mod/mod_sed.html" title="English">&nbsp;en&nbsp;</a> |
diff --git a/docs/manual/mod/mod_session.html.en b/docs/manual/mod/mod_session.html.en
index 9c8214657a..d503bb604f 100644
--- a/docs/manual/mod/mod_session.html.en
+++ b/docs/manual/mod/mod_session.html.en
@@ -61,16 +61,7 @@
     environment variables and HTTP headers, as appropriate.</p>
 
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
-<ul id="toc">
-<li><img alt="" src="../images/down.gif" /> <a href="#session">Session</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#sessionenv">SessionEnv</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#sessionexclude">SessionExclude</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#sessionheader">SessionHeader</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#sessioninclude">SessionInclude</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#sessionmaxage">SessionMaxAge</a></li>
-</ul>
-<h3>Topics</h3>
+<div id="quickview"><h3>Topics</h3>
 <ul id="topics">
 <li><img alt="" src="../images/down.gif" /> <a href="#whatisasession">What is a session?</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#whocanuseasession">Who can use a session?</a></li>
@@ -81,151 +72,22 @@
 <li><img alt="" src="../images/down.gif" /> <a href="#cookieprivacy">Cookie Privacy</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#authentication">Session Support for Authentication</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#integration">Integrating Sessions with External Applications</a></li>
-</ul><h3>See also</h3>
+</ul><h3 class="directives">Directives</h3>
+<ul id="toc">
+<li><img alt="" src="../images/down.gif" /> <a href="#session">Session</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#sessionenv">SessionEnv</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#sessionexclude">SessionExclude</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#sessionheader">SessionHeader</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#sessioninclude">SessionInclude</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#sessionmaxage">SessionMaxAge</a></li>
+</ul>
+<h3>See also</h3>
 <ul class="seealso">
 <li><code class="module"><a href="../mod/mod_session_cookie.html">mod_session_cookie</a></code></li>
 <li><code class="module"><a href="../mod/mod_session_crypto.html">mod_session_crypto</a></code></li>
 <li><code class="module"><a href="../mod/mod_session_dbd.html">mod_session_dbd</a></code></li>
 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="Session" id="Session">Session</a> <a name="session" id="session">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Enables a session for the current directory or location</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>Session On|Off</code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>Session Off</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_session</td></tr>
-</table>
-    <p>The <code class="directive">Session</code> directive enables a session for the
-    directory or location container. Further directives control where the
-    session will be stored and how privacy is maintained.</p>
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="SessionEnv" id="SessionEnv">SessionEnv</a> <a name="sessionenv" id="sessionenv">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Control whether the contents of the session are written to the
-<var>HTTP_SESSION</var> environment variable</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>SessionEnv On|Off</code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>SessionEnv Off</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_session</td></tr>
-</table>
-    <p>If set to <var>On</var>, the <code class="directive">SessionEnv</code> directive
-    causes the contents of the session to be written to a CGI environment
-    variable called <var>HTTP_SESSION</var>.</p>
-
-    <p>The string is written in the URL query format, for example:</p>
-
-    <div class="example"><p><code>
-      <code>key1=foo&amp;key3=bar</code>
-    </code></p></div>
-
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="SessionExclude" id="SessionExclude">SessionExclude</a> <a name="sessionexclude" id="sessionexclude">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Define URL prefixes for which a session is ignored</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>SessionExclude <var>path</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>none</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_session</td></tr>
-</table>
-    <p>The <code class="directive">SessionExclude</code> directive allows sessions to
-    be disabled relative to URL prefixes only. This can be used to make a
-    website more efficient, by targeting a more precise URL space for which
-    a session should be maintained. By default, all URLs within the directory
-    or location are included in the session. The
-    <code class="directive"><a href="#sessionexclude">SessionExclude</a></code> directive takes
-    precedence over the
-    <code class="directive"><a href="#sessioninclude">SessionInclude</a></code> directive.</p>
-
-    <div class="warning"><h3>Warning</h3>
-    <p>This directive has a similar purpose to the <var>path</var> attribute
-    in HTTP cookies, but should not be confused with this attribute. This
-    directive does not set the <var>path</var> attribute, which must be
-    configured separately.</p></div>
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="SessionHeader" id="SessionHeader">SessionHeader</a> <a name="sessionheader" id="sessionheader">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Import session updates from a given HTTP response header</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>SessionHeader <var>header</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>none</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_session</td></tr>
-</table>
-    <p>The <code class="directive">SessionHeader</code> directive defines the name of an
-    HTTP response header which, if present, will be parsed and written to the
-    current session.</p>
-
-    <p>The header value is expected to be in the URL query format, for example:</p>
-
-    <div class="example"><p><code>
-      <code>key1=foo&amp;key2=&amp;key3=bar</code>
-    </code></p></div>
-
-    <p>Where a key is set to the empty string, that key will be removed from the
-    session.</p>
-
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="SessionInclude" id="SessionInclude">SessionInclude</a> <a name="sessioninclude" id="sessioninclude">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Define URL prefixes for which a session is valid</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>SessionInclude <var>path</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>all URLs</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_session</td></tr>
-</table>
-    <p>The <code class="directive">SessionInclude</code> directive allows sessions to
-    be made valid for specific URL prefixes only. This can be used to make a
-    website more efficient, by targeting a more precise URL space for which
-    a session should be maintained. By default, all URLs within the directory
-    or location are included in the session.</p>
-
-    <div class="warning"><h3>Warning</h3>
-    <p>This directive has a similar purpose to the <var>path</var> attribute
-    in HTTP cookies, but should not be confused with this attribute. This
-    directive does not set the <var>path</var> attribute, which must be
-    configured separately.</p></div>
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="SessionMaxAge" id="SessionMaxAge">SessionMaxAge</a> <a name="sessionmaxage" id="sessionmaxage">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Define a maximum age in seconds for a session</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>SessionMaxAge <var>maxage</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>SessionMaxAge 0</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_session</td></tr>
-</table>
-    <p>The <code class="directive">SessionMaxAge</code> directive defines a time limit
-    for which a session will remain valid. When a session is saved, this time
-    limit is reset and an existing session can be continued. If a session
-    becomes older than this limit without a request to the server to refresh
-    the session, the session will time out and be removed. Where a session is
-    used to stored user login details, this has the effect of logging the user
-    out automatically after the given time.</p>
-
-    <p>Setting the maxage to zero disables session expiry.</p>
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="section">
 <h2><a name="whatisasession" id="whatisasession">What is a session?</a></h2>
       <p>At the core of the session interface is a table of key and value pairs
@@ -481,6 +343,144 @@ AuthName realm
       </dl>
 
     </div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="Session" id="Session">Session</a> <a name="session" id="session">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Enables a session for the current directory or location</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>Session On|Off</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>Session Off</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_session</td></tr>
+</table>
+    <p>The <code class="directive">Session</code> directive enables a session for the
+    directory or location container. Further directives control where the
+    session will be stored and how privacy is maintained.</p>
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="SessionEnv" id="SessionEnv">SessionEnv</a> <a name="sessionenv" id="sessionenv">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Control whether the contents of the session are written to the
+<var>HTTP_SESSION</var> environment variable</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>SessionEnv On|Off</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>SessionEnv Off</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_session</td></tr>
+</table>
+    <p>If set to <var>On</var>, the <code class="directive">SessionEnv</code> directive
+    causes the contents of the session to be written to a CGI environment
+    variable called <var>HTTP_SESSION</var>.</p>
+
+    <p>The string is written in the URL query format, for example:</p>
+
+    <div class="example"><p><code>
+      <code>key1=foo&amp;key3=bar</code>
+    </code></p></div>
+
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="SessionExclude" id="SessionExclude">SessionExclude</a> <a name="sessionexclude" id="sessionexclude">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Define URL prefixes for which a session is ignored</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>SessionExclude <var>path</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>none</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_session</td></tr>
+</table>
+    <p>The <code class="directive">SessionExclude</code> directive allows sessions to
+    be disabled relative to URL prefixes only. This can be used to make a
+    website more efficient, by targeting a more precise URL space for which
+    a session should be maintained. By default, all URLs within the directory
+    or location are included in the session. The
+    <code class="directive"><a href="#sessionexclude">SessionExclude</a></code> directive takes
+    precedence over the
+    <code class="directive"><a href="#sessioninclude">SessionInclude</a></code> directive.</p>
+
+    <div class="warning"><h3>Warning</h3>
+    <p>This directive has a similar purpose to the <var>path</var> attribute
+    in HTTP cookies, but should not be confused with this attribute. This
+    directive does not set the <var>path</var> attribute, which must be
+    configured separately.</p></div>
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="SessionHeader" id="SessionHeader">SessionHeader</a> <a name="sessionheader" id="sessionheader">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Import session updates from a given HTTP response header</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>SessionHeader <var>header</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>none</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_session</td></tr>
+</table>
+    <p>The <code class="directive">SessionHeader</code> directive defines the name of an
+    HTTP response header which, if present, will be parsed and written to the
+    current session.</p>
+
+    <p>The header value is expected to be in the URL query format, for example:</p>
+
+    <div class="example"><p><code>
+      <code>key1=foo&amp;key2=&amp;key3=bar</code>
+    </code></p></div>
+
+    <p>Where a key is set to the empty string, that key will be removed from the
+    session.</p>
+
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="SessionInclude" id="SessionInclude">SessionInclude</a> <a name="sessioninclude" id="sessioninclude">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Define URL prefixes for which a session is valid</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>SessionInclude <var>path</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>all URLs</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_session</td></tr>
+</table>
+    <p>The <code class="directive">SessionInclude</code> directive allows sessions to
+    be made valid for specific URL prefixes only. This can be used to make a
+    website more efficient, by targeting a more precise URL space for which
+    a session should be maintained. By default, all URLs within the directory
+    or location are included in the session.</p>
+
+    <div class="warning"><h3>Warning</h3>
+    <p>This directive has a similar purpose to the <var>path</var> attribute
+    in HTTP cookies, but should not be confused with this attribute. This
+    directive does not set the <var>path</var> attribute, which must be
+    configured separately.</p></div>
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="SessionMaxAge" id="SessionMaxAge">SessionMaxAge</a> <a name="sessionmaxage" id="sessionmaxage">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Define a maximum age in seconds for a session</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>SessionMaxAge <var>maxage</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>SessionMaxAge 0</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_session</td></tr>
+</table>
+    <p>The <code class="directive">SessionMaxAge</code> directive defines a time limit
+    for which a session will remain valid. When a session is saved, this time
+    limit is reset and an existing session can be continued. If a session
+    becomes older than this limit without a request to the server to refresh
+    the session, the session will time out and be removed. Where a session is
+    used to stored user login details, this has the effect of logging the user
+    out automatically after the given time.</p>
+
+    <p>Setting the maxage to zero disables session expiry.</p>
+
+</div>
 </div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../en/mod/mod_session.html" title="English">&nbsp;en&nbsp;</a> |
diff --git a/docs/manual/mod/mod_session_cookie.html.en b/docs/manual/mod/mod_session_cookie.html.en
index b638bff330..4894fbd98b 100644
--- a/docs/manual/mod/mod_session_cookie.html.en
+++ b/docs/manual/mod/mod_session_cookie.html.en
@@ -58,22 +58,41 @@
     the <code class="module"><a href="../mod/mod_session.html">mod_session</a></code> module.</p>
 
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
+<div id="quickview"><h3>Topics</h3>
+<ul id="topics">
+<li><img alt="" src="../images/down.gif" /> <a href="#basicexamples">Basic Examples</a></li>
+</ul><h3 class="directives">Directives</h3>
 <ul id="toc">
 <li><img alt="" src="../images/down.gif" /> <a href="#sessioncookiename">SessionCookieName</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#sessioncookiename2">SessionCookieName2</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#sessioncookieremove">SessionCookieRemove</a></li>
 </ul>
-<h3>Topics</h3>
-<ul id="topics">
-<li><img alt="" src="../images/down.gif" /> <a href="#basicexamples">Basic Examples</a></li>
-</ul><h3>See also</h3>
+<h3>See also</h3>
 <ul class="seealso">
 <li><code class="module"><a href="../mod/mod_session.html">mod_session</a></code></li>
 <li><code class="module"><a href="../mod/mod_session_crypto.html">mod_session_crypto</a></code></li>
 <li><code class="module"><a href="../mod/mod_session_dbd.html">mod_session_dbd</a></code></li>
 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="basicexamples" id="basicexamples">Basic Examples</a></h2>
+
+      <p>To create a simple session and store it in a cookie called
+      <var>session</var>, configure the session as follows:</p>
+
+      <div class="example"><h3>Browser based session</h3><pre class="prettyprint lang-config">Session On
+SessionCookieName session path=/</pre>
+</div>
+
+      <p>For more examples on how the session can be configured to be read
+      from and written to by a CGI application, see the
+      <code class="module"><a href="../mod/mod_session.html">mod_session</a></code> examples section.</p>
+
+      <p>For documentation on how the session can be used to store username
+      and password details, see the <code class="module"><a href="../mod/mod_auth_form.html">mod_auth_form</a></code> module.</p>
+
+    </div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="SessionCookieName" id="SessionCookieName">SessionCookieName</a> <a name="sessioncookiename" id="sessioncookiename">Directive</a></h2>
 <table class="directive">
 <tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Name and attributes for the RFC2109 cookie storing the session</td></tr>
@@ -145,25 +164,6 @@ SessionCookieName2 session path=/private;domain=example.com;httponly;secure;vers
 
 
 </div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="basicexamples" id="basicexamples">Basic Examples</a></h2>
-
-      <p>To create a simple session and store it in a cookie called
-      <var>session</var>, configure the session as follows:</p>
-
-      <div class="example"><h3>Browser based session</h3><pre class="prettyprint lang-config">Session On
-SessionCookieName session path=/</pre>
-</div>
-
-      <p>For more examples on how the session can be configured to be read
-      from and written to by a CGI application, see the
-      <code class="module"><a href="../mod/mod_session.html">mod_session</a></code> examples section.</p>
-
-      <p>For documentation on how the session can be used to store username
-      and password details, see the <code class="module"><a href="../mod/mod_auth_form.html">mod_auth_form</a></code> module.</p>
-
-    </div>
 </div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../en/mod/mod_session_cookie.html" title="English">&nbsp;en&nbsp;</a> |
diff --git a/docs/manual/mod/mod_session_crypto.html.en b/docs/manual/mod/mod_session_crypto.html.en
index 2f46202e3c..4a4a7f59df 100644
--- a/docs/manual/mod/mod_session_crypto.html.en
+++ b/docs/manual/mod/mod_session_crypto.html.en
@@ -54,23 +54,46 @@
     the <code class="module"><a href="../mod/mod_session.html">mod_session</a></code> module.</p>
 
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
+<div id="quickview"><h3>Topics</h3>
+<ul id="topics">
+<li><img alt="" src="../images/down.gif" /> <a href="#basicusage">Basic Usage</a></li>
+</ul><h3 class="directives">Directives</h3>
 <ul id="toc">
 <li><img alt="" src="../images/down.gif" /> <a href="#sessioncryptocipher">SessionCryptoCipher</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#sessioncryptodriver">SessionCryptoDriver</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#sessioncryptopassphrase">SessionCryptoPassphrase</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#sessioncryptopassphrasefile">SessionCryptoPassphraseFile</a></li>
 </ul>
-<h3>Topics</h3>
-<ul id="topics">
-<li><img alt="" src="../images/down.gif" /> <a href="#basicusage">Basic Usage</a></li>
-</ul><h3>See also</h3>
+<h3>See also</h3>
 <ul class="seealso">
 <li><code class="module"><a href="../mod/mod_session.html">mod_session</a></code></li>
 <li><code class="module"><a href="../mod/mod_session_cookie.html">mod_session_cookie</a></code></li>
 <li><code class="module"><a href="../mod/mod_session_dbd.html">mod_session_dbd</a></code></li>
 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="basicusage" id="basicusage">Basic Usage</a></h2>
+
+      <p>To create a simple encrypted session and store it in a cookie called
+      <var>session</var>, configure the session as follows:</p>
+
+      <div class="example"><h3>Browser based encrypted session</h3><pre class="prettyprint lang-config">Session On
+SessionCookieName session path=/
+SessionCryptoPassphrase secret</pre>
+</div>
+
+      <p>The session will be encrypted with the given key. Different servers can
+      be configured to share sessions by ensuring the same encryption key is used
+      on each server.</p>
+
+      <p>If the encryption key is changed, sessions will be invalidated
+      automatically.</p>
+
+      <p>For documentation on how the session can be used to store username
+      and password details, see the <code class="module"><a href="../mod/mod_auth_form.html">mod_auth_form</a></code> module.</p>
+
+    </div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="SessionCryptoCipher" id="SessionCryptoCipher">SessionCryptoCipher</a> <a name="sessioncryptocipher" id="sessioncryptocipher">Directive</a></h2>
 <table class="directive">
 <tr><th><a href="directive-dict.html#Description">Description:</a></th><td>The crypto cipher to be used to encrypt the session</td></tr>
@@ -209,29 +232,6 @@ SessionCryptoPassphrase "exec:/path/to/otherProgram argument1"</pre></div>
 
 
 </div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="basicusage" id="basicusage">Basic Usage</a></h2>
-
-      <p>To create a simple encrypted session and store it in a cookie called
-      <var>session</var>, configure the session as follows:</p>
-
-      <div class="example"><h3>Browser based encrypted session</h3><pre class="prettyprint lang-config">Session On
-SessionCookieName session path=/
-SessionCryptoPassphrase secret</pre>
-</div>
-
-      <p>The session will be encrypted with the given key. Different servers can
-      be configured to share sessions by ensuring the same encryption key is used
-      on each server.</p>
-
-      <p>If the encryption key is changed, sessions will be invalidated
-      automatically.</p>
-
-      <p>For documentation on how the session can be used to store username
-      and password details, see the <code class="module"><a href="../mod/mod_auth_form.html">mod_auth_form</a></code> module.</p>
-
-    </div>
 </div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../en/mod/mod_session_crypto.html" title="English">&nbsp;en&nbsp;</a> |
diff --git a/docs/manual/mod/mod_session_dbd.html.en b/docs/manual/mod/mod_session_dbd.html.en
index 423112a049..8d7118644e 100644
--- a/docs/manual/mod/mod_session_dbd.html.en
+++ b/docs/manual/mod/mod_session_dbd.html.en
@@ -61,7 +61,13 @@
     the <code class="module"><a href="../mod/mod_session.html">mod_session</a></code> module.</p>
 
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
+<div id="quickview"><h3>Topics</h3>
+<ul id="topics">
+<li><img alt="" src="../images/down.gif" /> <a href="#dbdconfig">DBD Configuration</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#anonymous">Anonymous Sessions</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#peruser">Per User Sessions</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#housekeeping">Database Housekeeping</a></li>
+</ul><h3 class="directives">Directives</h3>
 <ul id="toc">
 <li><img alt="" src="../images/down.gif" /> <a href="#sessiondbdcookiename">SessionDBDCookieName</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#sessiondbdcookiename2">SessionDBDCookieName2</a></li>
@@ -72,13 +78,7 @@
 <li><img alt="" src="../images/down.gif" /> <a href="#sessiondbdselectlabel">SessionDBDSelectLabel</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#sessiondbdupdatelabel">SessionDBDUpdateLabel</a></li>
 </ul>
-<h3>Topics</h3>
-<ul id="topics">
-<li><img alt="" src="../images/down.gif" /> <a href="#dbdconfig">DBD Configuration</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#anonymous">Anonymous Sessions</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#peruser">Per User Sessions</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#housekeeping">Database Housekeeping</a></li>
-</ul><h3>See also</h3>
+<h3>See also</h3>
 <ul class="seealso">
 <li><code class="module"><a href="../mod/mod_session.html">mod_session</a></code></li>
 <li><code class="module"><a href="../mod/mod_session_crypto.html">mod_session_crypto</a></code></li>
@@ -86,6 +86,86 @@
 <li><code class="module"><a href="../mod/mod_dbd.html">mod_dbd</a></code></li>
 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="dbdconfig" id="dbdconfig">DBD Configuration</a></h2>
+
+      <p>Before the <code class="module"><a href="../mod/mod_session_dbd.html">mod_session_dbd</a></code> module can be configured to maintain a
+      session, the <code class="module"><a href="../mod/mod_dbd.html">mod_dbd</a></code> module must be configured to make the various database queries
+      available to the server.</p>
+
+      <p>There are four queries required to keep a session maintained, to select an existing session,
+      to update an existing session, to insert a new session, and to delete an expired or empty
+      session. These queries are configured as per the example below.</p>
+
+      <div class="example"><h3>Sample DBD configuration</h3><pre class="prettyprint lang-config">DBDriver pgsql
+DBDParams "dbname=apachesession user=apache password=xxxxx host=localhost"
+DBDPrepareSQL "delete from session where key = %s" deletesession
+DBDPrepareSQL "update session set value = %s, expiry = %lld, key = %s where key = %s" updatesession
+DBDPrepareSQL "insert into session (value, expiry, key) values (%s, %lld, %s)" insertsession
+DBDPrepareSQL "select value from session where key = %s and (expiry = 0 or expiry &gt; %lld)" selectsession
+DBDPrepareSQL "delete from session where expiry != 0 and expiry &lt; %lld" cleansession</pre>
+</div>
+
+    </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="anonymous" id="anonymous">Anonymous Sessions</a></h2>
+
+      <p>Anonymous sessions are keyed against a unique UUID, and stored on the
+      browser within an HTTP cookie. This method is similar to that used by most
+      application servers to store session information.</p>
+
+      <p>To create a simple anonymous session and store it in a postgres database
+      table called <var>apachesession</var>, and save the session ID in a cookie
+      called <var>session</var>, configure the session as follows:</p>
+
+      <div class="example"><h3>SQL based anonymous session</h3><pre class="prettyprint lang-config">Session On
+SessionDBDCookieName session path=/</pre>
+</div>
+
+      <p>For more examples on how the session can be configured to be read
+      from and written to by a CGI application, see the
+      <code class="module"><a href="../mod/mod_session.html">mod_session</a></code> examples section.</p>
+
+      <p>For documentation on how the session can be used to store username
+      and password details, see the <code class="module"><a href="../mod/mod_auth_form.html">mod_auth_form</a></code> module.</p>
+
+    </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="peruser" id="peruser">Per User Sessions</a></h2>
+
+      <p>Per user sessions are keyed against the username of a successfully
+      authenticated user. It offers the most privacy, as no external handle
+      to the session exists outside of the authenticated realm.</p>
+
+      <p>Per user sessions work within a correctly configured authenticated
+      environment, be that using basic authentication, digest authentication
+      or SSL client certificates. Due to the limitations of who came first,
+      the chicken or the egg, per user sessions cannot be used to store
+      authentication credentials from a module like
+      <code class="module"><a href="../mod/mod_auth_form.html">mod_auth_form</a></code>.</p>
+
+      <p>To create a simple per user session and store it in a postgres database
+      table called <var>apachesession</var>, and with the session keyed to the
+      userid, configure the session as follows:</p>
+
+      <div class="example"><h3>SQL based per user session</h3><pre class="prettyprint lang-config">Session On
+SessionDBDPerUser On</pre>
+</div>
+
+    </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="housekeeping" id="housekeeping">Database Housekeeping</a></h2>
+      <p>Over the course of time, the database can be expected to start accumulating
+      expired sessions. At this point, the <code class="module"><a href="../mod/mod_session_dbd.html">mod_session_dbd</a></code> module
+      is not yet able to handle session expiry automatically.</p>
+
+      <div class="warning"><h3>Warning</h3>
+      <p>The administrator will need to set up an external process via cron to clean
+      out expired sessions.</p>
+      </div>
+
+    </div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="SessionDBDCookieName" id="SessionDBDCookieName">SessionDBDCookieName</a> <a name="sessiondbdcookiename" id="sessiondbdcookiename">Directive</a></h2>
 <table class="directive">
 <tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Name and attributes for the RFC2109 cookie storing the session ID</td></tr>
@@ -244,86 +324,6 @@ SessionDBDCookieName2 session path=/private;domain=example.com;httponly;secure;v
 
 
 </div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="dbdconfig" id="dbdconfig">DBD Configuration</a></h2>
-
-      <p>Before the <code class="module"><a href="../mod/mod_session_dbd.html">mod_session_dbd</a></code> module can be configured to maintain a
-      session, the <code class="module"><a href="../mod/mod_dbd.html">mod_dbd</a></code> module must be configured to make the various database queries
-      available to the server.</p>
-
-      <p>There are four queries required to keep a session maintained, to select an existing session,
-      to update an existing session, to insert a new session, and to delete an expired or empty
-      session. These queries are configured as per the example below.</p>
-
-      <div class="example"><h3>Sample DBD configuration</h3><pre class="prettyprint lang-config">DBDriver pgsql
-DBDParams "dbname=apachesession user=apache password=xxxxx host=localhost"
-DBDPrepareSQL "delete from session where key = %s" deletesession
-DBDPrepareSQL "update session set value = %s, expiry = %lld, key = %s where key = %s" updatesession
-DBDPrepareSQL "insert into session (value, expiry, key) values (%s, %lld, %s)" insertsession
-DBDPrepareSQL "select value from session where key = %s and (expiry = 0 or expiry &gt; %lld)" selectsession
-DBDPrepareSQL "delete from session where expiry != 0 and expiry &lt; %lld" cleansession</pre>
-</div>
-
-    </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="anonymous" id="anonymous">Anonymous Sessions</a></h2>
-
-      <p>Anonymous sessions are keyed against a unique UUID, and stored on the
-      browser within an HTTP cookie. This method is similar to that used by most
-      application servers to store session information.</p>
-
-      <p>To create a simple anonymous session and store it in a postgres database
-      table called <var>apachesession</var>, and save the session ID in a cookie
-      called <var>session</var>, configure the session as follows:</p>
-
-      <div class="example"><h3>SQL based anonymous session</h3><pre class="prettyprint lang-config">Session On
-SessionDBDCookieName session path=/</pre>
-</div>
-
-      <p>For more examples on how the session can be configured to be read
-      from and written to by a CGI application, see the
-      <code class="module"><a href="../mod/mod_session.html">mod_session</a></code> examples section.</p>
-
-      <p>For documentation on how the session can be used to store username
-      and password details, see the <code class="module"><a href="../mod/mod_auth_form.html">mod_auth_form</a></code> module.</p>
-
-    </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="peruser" id="peruser">Per User Sessions</a></h2>
-
-      <p>Per user sessions are keyed against the username of a successfully
-      authenticated user. It offers the most privacy, as no external handle
-      to the session exists outside of the authenticated realm.</p>
-
-      <p>Per user sessions work within a correctly configured authenticated
-      environment, be that using basic authentication, digest authentication
-      or SSL client certificates. Due to the limitations of who came first,
-      the chicken or the egg, per user sessions cannot be used to store
-      authentication credentials from a module like
-      <code class="module"><a href="../mod/mod_auth_form.html">mod_auth_form</a></code>.</p>
-
-      <p>To create a simple per user session and store it in a postgres database
-      table called <var>apachesession</var>, and with the session keyed to the
-      userid, configure the session as follows:</p>
-
-      <div class="example"><h3>SQL based per user session</h3><pre class="prettyprint lang-config">Session On
-SessionDBDPerUser On</pre>
-</div>
-
-    </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="housekeeping" id="housekeeping">Database Housekeeping</a></h2>
-      <p>Over the course of time, the database can be expected to start accumulating
-      expired sessions. At this point, the <code class="module"><a href="../mod/mod_session_dbd.html">mod_session_dbd</a></code> module
-      is not yet able to handle session expiry automatically.</p>
-
-      <div class="warning"><h3>Warning</h3>
-      <p>The administrator will need to set up an external process via cron to clean
-      out expired sessions.</p>
-      </div>
-
-    </div>
 </div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../en/mod/mod_session_dbd.html" title="English">&nbsp;en&nbsp;</a> |
diff --git a/docs/manual/mod/mod_setenvif.html.en b/docs/manual/mod/mod_setenvif.html.en
index 01391ea269..db944390a3 100644
--- a/docs/manual/mod/mod_setenvif.html.en
+++ b/docs/manual/mod/mod_setenvif.html.en
@@ -77,6 +77,7 @@ BrowserMatch MSIE !netscape</pre>
 <ul class="seealso">
 <li><a href="../env.html">Environment Variables in Apache HTTP Server</a></li>
 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="BrowserMatch" id="BrowserMatch">BrowserMatch</a> <a name="browsermatch" id="browsermatch">Directive</a></h2>
 <table class="directive">
@@ -321,7 +322,6 @@ without respect to case</td></tr>
     combination.</p>
 
 </div>
-
 </div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../en/mod/mod_setenvif.html" title="English">&nbsp;en&nbsp;</a> |
diff --git a/docs/manual/mod/mod_so.html.en b/docs/manual/mod/mod_so.html.en
index 9c2db2cf16..b972af627f 100644
--- a/docs/manual/mod/mod_so.html.en
+++ b/docs/manual/mod/mod_so.html.en
@@ -57,62 +57,15 @@ Windows</td></tr></table>
     version.</p>
     </div>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
+<div id="quickview"><h3>Topics</h3>
+<ul id="topics">
+<li><img alt="" src="../images/down.gif" /> <a href="#windows">Creating Loadable Modules for Windows</a></li>
+</ul><h3 class="directives">Directives</h3>
 <ul id="toc">
 <li><img alt="" src="../images/down.gif" /> <a href="#loadfile">LoadFile</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#loadmodule">LoadModule</a></li>
 </ul>
-<h3>Topics</h3>
-<ul id="topics">
-<li><img alt="" src="../images/down.gif" /> <a href="#windows">Creating Loadable Modules for Windows</a></li>
-</ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="LoadFile" id="LoadFile">LoadFile</a> <a name="loadfile" id="loadfile">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Link in the named object file or library</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LoadFile <em>filename</em> [<em>filename</em>] ...</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_so</td></tr>
-</table>
-
-    <p>The LoadFile directive links in the named object files or
-    libraries when the server is started or restarted; this is used
-    to load additional code which may be required for some module
-    to work. <em>Filename</em> is either an absolute path or
-    relative to <a href="core.html#serverroot">ServerRoot</a>.</p>
-
-    <p>For example:</p>
-
-    <pre class="prettyprint lang-config">LoadFile libexec/libxmlparse.so</pre>
-
-
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="LoadModule" id="LoadModule">LoadModule</a> <a name="loadmodule" id="loadmodule">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Links in the object file or library, and adds to the list
-of active modules</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LoadModule <em>module filename</em></code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_so</td></tr>
-</table>
-    <p>The LoadModule directive links in the object file or library
-    <em>filename</em> and adds the module structure named
-    <em>module</em> to the list of active modules. <em>Module</em>
-    is the name of the external variable of type
-    <code>module</code> in the file, and is listed as the <a href="module-dict.html#ModuleIdentifier">Module Identifier</a>
-    in the module documentation. Example:</p>
-
-    <pre class="prettyprint lang-config">LoadModule status_module modules/mod_status.so</pre>
-
-
-    <p>loads the named module from the modules subdirectory of the
-    ServerRoot.</p>
-
-</div>
+<ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="section">
 <h2><a name="windows" id="windows">Creating Loadable Modules for Windows</a></h2>
@@ -187,6 +140,53 @@ of active modules</td></tr>
     root, and use the <code class="directive">LoadModule</code>
     directive to load it.</p>
 
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="LoadFile" id="LoadFile">LoadFile</a> <a name="loadfile" id="loadfile">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Link in the named object file or library</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LoadFile <em>filename</em> [<em>filename</em>] ...</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_so</td></tr>
+</table>
+
+    <p>The LoadFile directive links in the named object files or
+    libraries when the server is started or restarted; this is used
+    to load additional code which may be required for some module
+    to work. <em>Filename</em> is either an absolute path or
+    relative to <a href="core.html#serverroot">ServerRoot</a>.</p>
+
+    <p>For example:</p>
+
+    <pre class="prettyprint lang-config">LoadFile libexec/libxmlparse.so</pre>
+
+
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="LoadModule" id="LoadModule">LoadModule</a> <a name="loadmodule" id="loadmodule">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Links in the object file or library, and adds to the list
+of active modules</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LoadModule <em>module filename</em></code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_so</td></tr>
+</table>
+    <p>The LoadModule directive links in the object file or library
+    <em>filename</em> and adds the module structure named
+    <em>module</em> to the list of active modules. <em>Module</em>
+    is the name of the external variable of type
+    <code>module</code> in the file, and is listed as the <a href="module-dict.html#ModuleIdentifier">Module Identifier</a>
+    in the module documentation. Example:</p>
+
+    <pre class="prettyprint lang-config">LoadModule status_module modules/mod_status.so</pre>
+
+
+    <p>loads the named module from the modules subdirectory of the
+    ServerRoot.</p>
+
 </div>
 </div>
 <div class="bottomlang">
diff --git a/docs/manual/mod/mod_speling.html.en b/docs/manual/mod/mod_speling.html.en
index 8b3836fc65..8c3451b695 100644
--- a/docs/manual/mod/mod_speling.html.en
+++ b/docs/manual/mod/mod_speling.html.en
@@ -72,6 +72,7 @@ misspellings.</td></tr>
 <li><img alt="" src="../images/down.gif" /> <a href="#checkspelling">CheckSpelling</a></li>
 </ul>
 <ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="CheckCaseOnly" id="CheckCaseOnly">CheckCaseOnly</a> <a name="checkcaseonly" id="checkcaseonly">Directive</a></h2>
 <table class="directive">
@@ -132,7 +133,6 @@ module</td></tr>
     </p>
 
 </div>
-
 </div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../en/mod/mod_speling.html" title="English">&nbsp;en&nbsp;</a> |
diff --git a/docs/manual/mod/mod_ssl.html.en b/docs/manual/mod/mod_ssl.html.en
index 36482a7c8f..c239995299 100644
--- a/docs/manual/mod/mod_ssl.html.en
+++ b/docs/manual/mod/mod_ssl.html.en
@@ -43,7 +43,13 @@ to provide the cryptography engine.</p>
 <p>Further details, discussion, and examples are provided in the
 <a href="../ssl/">SSL documentation</a>.</p>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
+<div id="quickview"><h3>Topics</h3>
+<ul id="topics">
+<li><img alt="" src="../images/down.gif" /> <a href="#envvars">Environment Variables</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#logformats">Custom Log Formats</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#notes">Request Notes</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#authzproviders">Authorization providers for use with Require</a></li>
+</ul><h3 class="directives">Directives</h3>
 <ul id="toc">
 <li><img alt="" src="../images/down.gif" /> <a href="#sslcacertificatefile">SSLCACertificateFile</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#sslcacertificatepath">SSLCACertificatePath</a></li>
@@ -114,13 +120,202 @@ to provide the cryptography engine.</p>
 <li><img alt="" src="../images/down.gif" /> <a href="#sslverifyclient">SSLVerifyClient</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#sslverifydepth">SSLVerifyDepth</a></li>
 </ul>
-<h3>Topics</h3>
-<ul id="topics">
-<li><img alt="" src="../images/down.gif" /> <a href="#envvars">Environment Variables</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#logformats">Custom Log Formats</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#notes">Request Notes</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#authzproviders">Authorization providers for use with Require</a></li>
-</ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+<ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="envvars" id="envvars">Environment Variables</a></h2>
+
+<p>This module can be configured to provide several items of SSL information
+as additional environment variables to the SSI and CGI namespace. This
+information is not provided by default for performance reasons. (See
+<code class="directive">SSLOptions</code> StdEnvVars, below.) The generated variables
+are listed in the table below. For backward compatibility the information can
+be made available under different names, too. Look in the <a href="../ssl/ssl_compat.html">Compatibility</a> chapter for details on the
+compatibility variables.</p>
+
+<table class="bordered">
+
+<tr>
+ <th><a name="table3">Variable Name:</a></th>
+ <th>Value Type:</th>
+ <th>Description:</th>
+</tr>
+<tr><td><code>HTTPS</code></td>                         <td>flag</td>      <td>HTTPS is being used.</td></tr>
+<tr><td><code>SSL_PROTOCOL</code></td>                  <td>string</td>    <td>The SSL protocol version (SSLv3, TLSv1, TLSv1.1, TLSv1.2)</td></tr>
+<tr><td><code>SSL_SESSION_ID</code></td>                <td>string</td>    <td>The hex-encoded SSL session id</td></tr>
+<tr><td><code>SSL_SESSION_RESUMED</code></td>           <td>string</td>    <td>Initial or Resumed SSL Session.  Note: multiple requests may be served over the same (Initial or Resumed) SSL session if HTTP KeepAlive is in use</td></tr>
+<tr><td><code>SSL_SECURE_RENEG</code></td>              <td>string</td>    <td><code>true</code> if secure renegotiation is supported, else <code>false</code></td></tr>
+<tr><td><code>SSL_CIPHER</code></td>                    <td>string</td>    <td>The cipher specification name</td></tr>
+<tr><td><code>SSL_CIPHER_EXPORT</code></td>             <td>string</td>    <td><code>true</code> if cipher is an export cipher</td></tr>
+<tr><td><code>SSL_CIPHER_USEKEYSIZE</code></td>         <td>number</td>    <td>Number of cipher bits (actually used)</td></tr>
+<tr><td><code>SSL_CIPHER_ALGKEYSIZE</code></td>         <td>number</td>    <td>Number of cipher bits (possible)</td></tr>
+<tr><td><code>SSL_COMPRESS_METHOD</code></td>           <td>string</td>    <td>SSL compression method negotiated</td></tr>
+<tr><td><code>SSL_VERSION_INTERFACE</code></td>         <td>string</td>    <td>The mod_ssl program version</td></tr>
+<tr><td><code>SSL_VERSION_LIBRARY</code></td>           <td>string</td>    <td>The OpenSSL program version</td></tr>
+<tr><td><code>SSL_CLIENT_M_VERSION</code></td>          <td>string</td>    <td>The version of the client certificate</td></tr>
+<tr><td><code>SSL_CLIENT_M_SERIAL</code></td>           <td>string</td>    <td>The serial of the client certificate</td></tr>
+<tr><td><code>SSL_CLIENT_S_DN</code></td>               <td>string</td>    <td>Subject DN in client's certificate</td></tr>
+<tr><td><code>SSL_CLIENT_S_DN_</code><em>x509</em></td> <td>string</td>    <td>Component of client's Subject DN</td></tr>
+<tr><td><code>SSL_CLIENT_I_DN</code></td>               <td>string</td>    <td>Issuer DN of client's certificate</td></tr>
+<tr><td><code>SSL_CLIENT_I_DN_</code><em>x509</em></td> <td>string</td>    <td>Component of client's Issuer DN</td></tr>
+<tr><td><code>SSL_CLIENT_V_START</code></td>            <td>string</td>    <td>Validity of client's certificate (start time)</td></tr>
+<tr><td><code>SSL_CLIENT_V_END</code></td>              <td>string</td>    <td>Validity of client's certificate (end time)</td></tr>
+<tr><td><code>SSL_CLIENT_V_REMAIN</code></td>           <td>string</td>    <td>Number of days until client's certificate expires</td></tr>
+<tr><td><code>SSL_CLIENT_A_SIG</code></td>              <td>string</td>    <td>Algorithm used for the signature of client's certificate</td></tr>
+<tr><td><code>SSL_CLIENT_A_KEY</code></td>              <td>string</td>    <td>Algorithm used for the public key of client's certificate</td></tr>
+<tr><td><code>SSL_CLIENT_CERT</code></td>               <td>string</td>    <td>PEM-encoded client certificate</td></tr>
+<tr><td><code>SSL_CLIENT_CERT_CHAIN_</code><em>n</em></td> <td>string</td>    <td>PEM-encoded certificates in client certificate chain</td></tr>
+<tr><td><code>SSL_CLIENT_CERT_RFC4523_CEA</code></td>   <td>string</td>    <td>Serial number and issuer of the certificate. The format matches that of the CertificateExactAssertion in RFC4523</td></tr>
+<tr><td><code>SSL_CLIENT_VERIFY</code></td>             <td>string</td>    <td><code>NONE</code>, <code>SUCCESS</code>, <code>GENEROUS</code> or <code>FAILED:</code><em>reason</em></td></tr>
+<tr><td><code>SSL_SERVER_M_VERSION</code></td>          <td>string</td>    <td>The version of the server certificate</td></tr>
+<tr><td><code>SSL_SERVER_M_SERIAL</code></td>           <td>string</td>    <td>The serial of the server certificate</td></tr>
+<tr><td><code>SSL_SERVER_S_DN</code></td>               <td>string</td>    <td>Subject DN in server's certificate</td></tr>
+<tr><td><code>SSL_SERVER_S_DN_</code><em>x509</em></td> <td>string</td>    <td>Component of server's Subject DN</td></tr>
+<tr><td><code>SSL_SERVER_I_DN</code></td>               <td>string</td>    <td>Issuer DN of server's certificate</td></tr>
+<tr><td><code>SSL_SERVER_I_DN_</code><em>x509</em></td> <td>string</td>    <td>Component of server's Issuer DN</td></tr>
+<tr><td><code>SSL_SERVER_V_START</code></td>            <td>string</td>    <td>Validity of server's certificate (start time)</td></tr>
+<tr><td><code>SSL_SERVER_V_END</code></td>              <td>string</td>    <td>Validity of server's certificate (end time)</td></tr>
+<tr><td><code>SSL_SERVER_A_SIG</code></td>              <td>string</td>    <td>Algorithm used for the signature of server's certificate</td></tr>
+<tr><td><code>SSL_SERVER_A_KEY</code></td>              <td>string</td>    <td>Algorithm used for the public key of server's certificate</td></tr>
+<tr><td><code>SSL_SERVER_CERT</code></td>               <td>string</td>    <td>PEM-encoded server certificate</td></tr>
+<tr><td><code>SSL_SRP_USER</code></td>                  <td>string</td>    <td>SRP username</td></tr>
+<tr><td><code>SSL_SRP_USERINFO</code></td>              <td>string</td>    <td>SRP user info</td></tr>
+<tr><td><code>SSL_TLS_SNI</code></td>                   <td>string</td>    <td>Contents of the SNI TLS extension (if supplied with ClientHello)</td></tr>
+</table>
+
+<p><em>x509</em> specifies a component of an X.509 DN; one of
+<code>C,ST,L,O,OU,CN,T,I,G,S,D,UID,Email</code>.  In Apache 2.1 and
+later, <em>x509</em> may also include a numeric <code>_n</code>
+suffix.  If the DN in question contains multiple attributes of the
+same name, this suffix is used as a zero-based index to select a
+particular attribute.  For example, where the server certificate
+subject DN included two OU attributes, <code>SSL_SERVER_S_DN_OU_0</code>
+and
+<code>SSL_SERVER_S_DN_OU_1</code> could be used to reference each.  A
+variable name without a <code>_n</code> suffix is equivalent to that
+name with a <code>_0</code> suffix; the first (or only) attribute.
+When the environment table is populated using
+the <code>StdEnvVars</code> option of
+the <code class="directive"><a href="#ssloptions">SSLOptions</a></code> directive, the
+first (or only) attribute of any DN is added only under a non-suffixed
+name; i.e. no <code>_0</code> suffixed entries are added.</p>
+
+<p>The format of the <em>*_DN</em> variables has changed in Apache HTTPD
+2.3.11. See the <code>LegacyDNStringFormat</code> option for
+<code class="directive"><a href="#ssloptions">SSLOptions</a></code> for details.</p>
+
+<p><code>SSL_CLIENT_V_REMAIN</code> is only available in version 2.1
+and later.</p>
+
+<p>A number of additional environment variables can also be used
+in <code class="directive">SSLRequire</code> expressions, or in custom log
+formats:</p>
+
+<div class="note"><pre>HTTP_USER_AGENT        PATH_INFO             AUTH_TYPE
+HTTP_REFERER           QUERY_STRING          SERVER_SOFTWARE
+HTTP_COOKIE            REMOTE_HOST           API_VERSION
+HTTP_FORWARDED         REMOTE_IDENT          TIME_YEAR
+HTTP_HOST              IS_SUBREQ             TIME_MON
+HTTP_PROXY_CONNECTION  DOCUMENT_ROOT         TIME_DAY
+HTTP_ACCEPT            SERVER_ADMIN          TIME_HOUR
+THE_REQUEST            SERVER_NAME           TIME_MIN
+REQUEST_FILENAME       SERVER_PORT           TIME_SEC
+REQUEST_METHOD         SERVER_PROTOCOL       TIME_WDAY
+REQUEST_SCHEME         REMOTE_ADDR           TIME
+REQUEST_URI            REMOTE_USER</pre></div>
+
+<p>In these contexts, two special formats can also be used:</p>
+
+<dl>
+  <dt><code>ENV:<em>variablename</em></code></dt>
+  <dd>This will expand to the standard environment
+  variable <em>variablename</em>.</dd>
+
+  <dt><code>HTTP:<em>headername</em></code></dt>
+  <dd>This will expand to the value of the request header with name
+  <em>headername</em>.</dd>
+</dl>
+
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="logformats" id="logformats">Custom Log Formats</a></h2>
+
+<p>When <code class="module"><a href="../mod/mod_ssl.html">mod_ssl</a></code> is built into Apache or at least
+loaded (under DSO situation) additional functions exist for the <a href="mod_log_config.html#formats">Custom Log Format</a> of
+<code class="module"><a href="../mod/mod_log_config.html">mod_log_config</a></code>. First there is an
+additional ``<code>%{</code><em>varname</em><code>}x</code>''
+eXtension format function which can be used to expand any variables
+provided by any module, especially those provided by mod_ssl which can
+you find in the above table.</p>
+<p>
+For backward compatibility there is additionally a special
+``<code>%{</code><em>name</em><code>}c</code>'' cryptography format function
+provided. Information about this function is provided in the <a href="../ssl/ssl_compat.html">Compatibility</a> chapter.</p>
+<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">CustomLog "logs/ssl_request_log" "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"</pre>
+</div>
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="notes" id="notes">Request Notes</a></h2>
+
+<p><code class="module"><a href="../mod/mod_ssl.html">mod_ssl</a></code> sets "notes" for the request which can be
+used in logging with the <code>%{<em>name</em>}n</code> format
+string in <code class="module"><a href="../mod/mod_log_config.html">mod_log_config</a></code>.</p>
+
+<p>The notes supported are as follows:</p>
+
+<dl>
+  <dt><code>ssl-access-forbidden</code></dt>
+  <dd>This note is set to the value <code>1</code> if access was
+  denied due to an <code class="directive">SSLRequire</code>
+  or <code class="directive">SSLRequireSSL</code> directive.</dd>
+
+  <dt><code>ssl-secure-reneg</code></dt>
+  <dd>If <code class="module"><a href="../mod/mod_ssl.html">mod_ssl</a></code> is built against a version of
+  OpenSSL which supports the secure renegotiation extension, this note
+  is set to the value <code>1</code> if SSL is in used for the current
+  connection, and the client also supports the secure renegotiation
+  extension.  If the client does not support the secure renegotiation
+  extension, the note is set to the value <code>0</code>.
+  If <code class="module"><a href="../mod/mod_ssl.html">mod_ssl</a></code> is not built against a version of
+  OpenSSL which supports secure renegotiation, or if SSL is not in use
+  for the current connection, the note is not set.</dd>
+</dl>
+
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="authzproviders" id="authzproviders">Authorization providers for use with Require</a></h2>
+
+  <p><code class="module"><a href="../mod/mod_ssl.html">mod_ssl</a></code> provides a few authentication providers for use
+  with <code class="module"><a href="../mod/mod_authz_core.html">mod_authz_core</a></code>'s
+  <code class="directive"><a href="../mod/mod_authz_core.html#require">Require</a></code> directive.</p>
+
+  <h3><a name="reqssl" id="reqssl">Require ssl</a></h3>
+
+    <p>The <code>ssl</code> provider denies access if a connection is not
+       encrypted with SSL. This is similar to the
+       <code class="directive">SSLRequireSSL</code> directive.</p>
+
+    <pre class="prettyprint lang-config">Require ssl</pre>
+
+
+  
+
+  <h3><a name="reqverifyclient" id="reqverifyclient">Require ssl-verify-client</a></h3>
+
+    <p>The <code>ssl</code> provider allows access if the user is
+       authenticated with a valid client certificate. This is only
+       useful if <code>SSLVerifyClient optional</code> is in effect.</p>
+
+    <p>The following example grants access if the user is authenticated
+       either with a client certificate or by username and password.</p>
+
+    <pre class="prettyprint lang-config">      Require ssl-verify-client<br />
+      Require valid-user</pre>
+
+
+  
+
+</div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="SSLCACertificateFile" id="SSLCACertificateFile">SSLCACertificateFile</a> <a name="sslcacertificatefile" id="sslcacertificatefile">Directive</a></h2>
 <table class="directive">
@@ -2364,201 +2559,6 @@ known to the server (i.e. the CA's certificate is under
 <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">SSLVerifyDepth 10</pre>
 </div>
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="envvars" id="envvars">Environment Variables</a></h2>
-
-<p>This module can be configured to provide several items of SSL information
-as additional environment variables to the SSI and CGI namespace. This
-information is not provided by default for performance reasons. (See
-<code class="directive">SSLOptions</code> StdEnvVars, below.) The generated variables
-are listed in the table below. For backward compatibility the information can
-be made available under different names, too. Look in the <a href="../ssl/ssl_compat.html">Compatibility</a> chapter for details on the
-compatibility variables.</p>
-
-<table class="bordered">
-
-<tr>
- <th><a name="table3">Variable Name:</a></th>
- <th>Value Type:</th>
- <th>Description:</th>
-</tr>
-<tr><td><code>HTTPS</code></td>                         <td>flag</td>      <td>HTTPS is being used.</td></tr>
-<tr><td><code>SSL_PROTOCOL</code></td>                  <td>string</td>    <td>The SSL protocol version (SSLv3, TLSv1, TLSv1.1, TLSv1.2)</td></tr>
-<tr><td><code>SSL_SESSION_ID</code></td>                <td>string</td>    <td>The hex-encoded SSL session id</td></tr>
-<tr><td><code>SSL_SESSION_RESUMED</code></td>           <td>string</td>    <td>Initial or Resumed SSL Session.  Note: multiple requests may be served over the same (Initial or Resumed) SSL session if HTTP KeepAlive is in use</td></tr>
-<tr><td><code>SSL_SECURE_RENEG</code></td>              <td>string</td>    <td><code>true</code> if secure renegotiation is supported, else <code>false</code></td></tr>
-<tr><td><code>SSL_CIPHER</code></td>                    <td>string</td>    <td>The cipher specification name</td></tr>
-<tr><td><code>SSL_CIPHER_EXPORT</code></td>             <td>string</td>    <td><code>true</code> if cipher is an export cipher</td></tr>
-<tr><td><code>SSL_CIPHER_USEKEYSIZE</code></td>         <td>number</td>    <td>Number of cipher bits (actually used)</td></tr>
-<tr><td><code>SSL_CIPHER_ALGKEYSIZE</code></td>         <td>number</td>    <td>Number of cipher bits (possible)</td></tr>
-<tr><td><code>SSL_COMPRESS_METHOD</code></td>           <td>string</td>    <td>SSL compression method negotiated</td></tr>
-<tr><td><code>SSL_VERSION_INTERFACE</code></td>         <td>string</td>    <td>The mod_ssl program version</td></tr>
-<tr><td><code>SSL_VERSION_LIBRARY</code></td>           <td>string</td>    <td>The OpenSSL program version</td></tr>
-<tr><td><code>SSL_CLIENT_M_VERSION</code></td>          <td>string</td>    <td>The version of the client certificate</td></tr>
-<tr><td><code>SSL_CLIENT_M_SERIAL</code></td>           <td>string</td>    <td>The serial of the client certificate</td></tr>
-<tr><td><code>SSL_CLIENT_S_DN</code></td>               <td>string</td>    <td>Subject DN in client's certificate</td></tr>
-<tr><td><code>SSL_CLIENT_S_DN_</code><em>x509</em></td> <td>string</td>    <td>Component of client's Subject DN</td></tr>
-<tr><td><code>SSL_CLIENT_I_DN</code></td>               <td>string</td>    <td>Issuer DN of client's certificate</td></tr>
-<tr><td><code>SSL_CLIENT_I_DN_</code><em>x509</em></td> <td>string</td>    <td>Component of client's Issuer DN</td></tr>
-<tr><td><code>SSL_CLIENT_V_START</code></td>            <td>string</td>    <td>Validity of client's certificate (start time)</td></tr>
-<tr><td><code>SSL_CLIENT_V_END</code></td>              <td>string</td>    <td>Validity of client's certificate (end time)</td></tr>
-<tr><td><code>SSL_CLIENT_V_REMAIN</code></td>           <td>string</td>    <td>Number of days until client's certificate expires</td></tr>
-<tr><td><code>SSL_CLIENT_A_SIG</code></td>              <td>string</td>    <td>Algorithm used for the signature of client's certificate</td></tr>
-<tr><td><code>SSL_CLIENT_A_KEY</code></td>              <td>string</td>    <td>Algorithm used for the public key of client's certificate</td></tr>
-<tr><td><code>SSL_CLIENT_CERT</code></td>               <td>string</td>    <td>PEM-encoded client certificate</td></tr>
-<tr><td><code>SSL_CLIENT_CERT_CHAIN_</code><em>n</em></td> <td>string</td>    <td>PEM-encoded certificates in client certificate chain</td></tr>
-<tr><td><code>SSL_CLIENT_CERT_RFC4523_CEA</code></td>   <td>string</td>    <td>Serial number and issuer of the certificate. The format matches that of the CertificateExactAssertion in RFC4523</td></tr>
-<tr><td><code>SSL_CLIENT_VERIFY</code></td>             <td>string</td>    <td><code>NONE</code>, <code>SUCCESS</code>, <code>GENEROUS</code> or <code>FAILED:</code><em>reason</em></td></tr>
-<tr><td><code>SSL_SERVER_M_VERSION</code></td>          <td>string</td>    <td>The version of the server certificate</td></tr>
-<tr><td><code>SSL_SERVER_M_SERIAL</code></td>           <td>string</td>    <td>The serial of the server certificate</td></tr>
-<tr><td><code>SSL_SERVER_S_DN</code></td>               <td>string</td>    <td>Subject DN in server's certificate</td></tr>
-<tr><td><code>SSL_SERVER_S_DN_</code><em>x509</em></td> <td>string</td>    <td>Component of server's Subject DN</td></tr>
-<tr><td><code>SSL_SERVER_I_DN</code></td>               <td>string</td>    <td>Issuer DN of server's certificate</td></tr>
-<tr><td><code>SSL_SERVER_I_DN_</code><em>x509</em></td> <td>string</td>    <td>Component of server's Issuer DN</td></tr>
-<tr><td><code>SSL_SERVER_V_START</code></td>            <td>string</td>    <td>Validity of server's certificate (start time)</td></tr>
-<tr><td><code>SSL_SERVER_V_END</code></td>              <td>string</td>    <td>Validity of server's certificate (end time)</td></tr>
-<tr><td><code>SSL_SERVER_A_SIG</code></td>              <td>string</td>    <td>Algorithm used for the signature of server's certificate</td></tr>
-<tr><td><code>SSL_SERVER_A_KEY</code></td>              <td>string</td>    <td>Algorithm used for the public key of server's certificate</td></tr>
-<tr><td><code>SSL_SERVER_CERT</code></td>               <td>string</td>    <td>PEM-encoded server certificate</td></tr>
-<tr><td><code>SSL_SRP_USER</code></td>                  <td>string</td>    <td>SRP username</td></tr>
-<tr><td><code>SSL_SRP_USERINFO</code></td>              <td>string</td>    <td>SRP user info</td></tr>
-<tr><td><code>SSL_TLS_SNI</code></td>                   <td>string</td>    <td>Contents of the SNI TLS extension (if supplied with ClientHello)</td></tr>
-</table>
-
-<p><em>x509</em> specifies a component of an X.509 DN; one of
-<code>C,ST,L,O,OU,CN,T,I,G,S,D,UID,Email</code>.  In Apache 2.1 and
-later, <em>x509</em> may also include a numeric <code>_n</code>
-suffix.  If the DN in question contains multiple attributes of the
-same name, this suffix is used as a zero-based index to select a
-particular attribute.  For example, where the server certificate
-subject DN included two OU attributes, <code>SSL_SERVER_S_DN_OU_0</code>
-and
-<code>SSL_SERVER_S_DN_OU_1</code> could be used to reference each.  A
-variable name without a <code>_n</code> suffix is equivalent to that
-name with a <code>_0</code> suffix; the first (or only) attribute.
-When the environment table is populated using
-the <code>StdEnvVars</code> option of
-the <code class="directive"><a href="#ssloptions">SSLOptions</a></code> directive, the
-first (or only) attribute of any DN is added only under a non-suffixed
-name; i.e. no <code>_0</code> suffixed entries are added.</p>
-
-<p>The format of the <em>*_DN</em> variables has changed in Apache HTTPD
-2.3.11. See the <code>LegacyDNStringFormat</code> option for
-<code class="directive"><a href="#ssloptions">SSLOptions</a></code> for details.</p>
-
-<p><code>SSL_CLIENT_V_REMAIN</code> is only available in version 2.1
-and later.</p>
-
-<p>A number of additional environment variables can also be used
-in <code class="directive">SSLRequire</code> expressions, or in custom log
-formats:</p>
-
-<div class="note"><pre>HTTP_USER_AGENT        PATH_INFO             AUTH_TYPE
-HTTP_REFERER           QUERY_STRING          SERVER_SOFTWARE
-HTTP_COOKIE            REMOTE_HOST           API_VERSION
-HTTP_FORWARDED         REMOTE_IDENT          TIME_YEAR
-HTTP_HOST              IS_SUBREQ             TIME_MON
-HTTP_PROXY_CONNECTION  DOCUMENT_ROOT         TIME_DAY
-HTTP_ACCEPT            SERVER_ADMIN          TIME_HOUR
-THE_REQUEST            SERVER_NAME           TIME_MIN
-REQUEST_FILENAME       SERVER_PORT           TIME_SEC
-REQUEST_METHOD         SERVER_PROTOCOL       TIME_WDAY
-REQUEST_SCHEME         REMOTE_ADDR           TIME
-REQUEST_URI            REMOTE_USER</pre></div>
-
-<p>In these contexts, two special formats can also be used:</p>
-
-<dl>
-  <dt><code>ENV:<em>variablename</em></code></dt>
-  <dd>This will expand to the standard environment
-  variable <em>variablename</em>.</dd>
-
-  <dt><code>HTTP:<em>headername</em></code></dt>
-  <dd>This will expand to the value of the request header with name
-  <em>headername</em>.</dd>
-</dl>
-
-</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="logformats" id="logformats">Custom Log Formats</a></h2>
-
-<p>When <code class="module"><a href="../mod/mod_ssl.html">mod_ssl</a></code> is built into Apache or at least
-loaded (under DSO situation) additional functions exist for the <a href="mod_log_config.html#formats">Custom Log Format</a> of
-<code class="module"><a href="../mod/mod_log_config.html">mod_log_config</a></code>. First there is an
-additional ``<code>%{</code><em>varname</em><code>}x</code>''
-eXtension format function which can be used to expand any variables
-provided by any module, especially those provided by mod_ssl which can
-you find in the above table.</p>
-<p>
-For backward compatibility there is additionally a special
-``<code>%{</code><em>name</em><code>}c</code>'' cryptography format function
-provided. Information about this function is provided in the <a href="../ssl/ssl_compat.html">Compatibility</a> chapter.</p>
-<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">CustomLog "logs/ssl_request_log" "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"</pre>
-</div>
-</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="notes" id="notes">Request Notes</a></h2>
-
-<p><code class="module"><a href="../mod/mod_ssl.html">mod_ssl</a></code> sets "notes" for the request which can be
-used in logging with the <code>%{<em>name</em>}n</code> format
-string in <code class="module"><a href="../mod/mod_log_config.html">mod_log_config</a></code>.</p>
-
-<p>The notes supported are as follows:</p>
-
-<dl>
-  <dt><code>ssl-access-forbidden</code></dt>
-  <dd>This note is set to the value <code>1</code> if access was
-  denied due to an <code class="directive">SSLRequire</code>
-  or <code class="directive">SSLRequireSSL</code> directive.</dd>
-
-  <dt><code>ssl-secure-reneg</code></dt>
-  <dd>If <code class="module"><a href="../mod/mod_ssl.html">mod_ssl</a></code> is built against a version of
-  OpenSSL which supports the secure renegotiation extension, this note
-  is set to the value <code>1</code> if SSL is in used for the current
-  connection, and the client also supports the secure renegotiation
-  extension.  If the client does not support the secure renegotiation
-  extension, the note is set to the value <code>0</code>.
-  If <code class="module"><a href="../mod/mod_ssl.html">mod_ssl</a></code> is not built against a version of
-  OpenSSL which supports secure renegotiation, or if SSL is not in use
-  for the current connection, the note is not set.</dd>
-</dl>
-
-</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="authzproviders" id="authzproviders">Authorization providers for use with Require</a></h2>
-
-  <p><code class="module"><a href="../mod/mod_ssl.html">mod_ssl</a></code> provides a few authentication providers for use
-  with <code class="module"><a href="../mod/mod_authz_core.html">mod_authz_core</a></code>'s
-  <code class="directive"><a href="../mod/mod_authz_core.html#require">Require</a></code> directive.</p>
-
-  <h3><a name="reqssl" id="reqssl">Require ssl</a></h3>
-
-    <p>The <code>ssl</code> provider denies access if a connection is not
-       encrypted with SSL. This is similar to the
-       <code class="directive">SSLRequireSSL</code> directive.</p>
-
-    <pre class="prettyprint lang-config">Require ssl</pre>
-
-
-  
-
-  <h3><a name="reqverifyclient" id="reqverifyclient">Require ssl-verify-client</a></h3>
-
-    <p>The <code>ssl</code> provider allows access if the user is
-       authenticated with a valid client certificate. This is only
-       useful if <code>SSLVerifyClient optional</code> is in effect.</p>
-
-    <p>The following example grants access if the user is authenticated
-       either with a client certificate or by username and password.</p>
-
-    <pre class="prettyprint lang-config">      Require ssl-verify-client<br />
-      Require valid-user</pre>
-
-
-  
-
 </div>
 </div>
 <div class="bottomlang">
diff --git a/docs/manual/mod/mod_status.html.en b/docs/manual/mod/mod_status.html.en
index b2dcc99c2e..3ded10fe33 100644
--- a/docs/manual/mod/mod_status.html.en
+++ b/docs/manual/mod/mod_status.html.en
@@ -76,16 +76,16 @@ performance</td></tr>
     toggle <code class="directive"><a href="../mod/core.html#extendedstatus">ExtendedStatus</a></code> On
     by default.</p>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
-<p>This module provides no
-            directives.</p>
-<h3>Topics</h3>
+<div id="quickview"><h3>Topics</h3>
 <ul id="topics">
 <li><img alt="" src="../images/down.gif" /> <a href="#enable">Enabling Status Support</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#autoupdate">Automatic Updates</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#machinereadable">Machine Readable Status File</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#troubleshoot">Using server-status to troubleshoot</a></li>
-</ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+</ul><h3 class="directives">Directives</h3>
+<p>This module provides no
+            directives.</p>
+<ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="section">
 <h2><a name="enable" id="enable">Enabling Status Support</a></h2>
diff --git a/docs/manual/mod/mod_substitute.html.en b/docs/manual/mod/mod_substitute.html.en
index ad377ed3b4..79b4d3b7c6 100644
--- a/docs/manual/mod/mod_substitute.html.en
+++ b/docs/manual/mod/mod_substitute.html.en
@@ -44,6 +44,7 @@
 <li><img alt="" src="../images/down.gif" /> <a href="#substitutemaxlinelength">SubstituteMaxLineLength</a></li>
 </ul>
 <ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="Substitute" id="Substitute">Substitute</a> <a name="substitute" id="substitute">Directive</a></h2>
 <table class="directive">
@@ -157,7 +158,6 @@ Substitute "s|http://internal.blog.example.com/|http://www.example.com/blog/|i"<
 
 
 </div>
-
 </div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../en/mod/mod_substitute.html" title="English">&nbsp;en&nbsp;</a> |
diff --git a/docs/manual/mod/mod_suexec.html.en b/docs/manual/mod/mod_suexec.html.en
index 59033112a3..1638989b76 100644
--- a/docs/manual/mod/mod_suexec.html.en
+++ b/docs/manual/mod/mod_suexec.html.en
@@ -48,6 +48,7 @@ and Group</td></tr>
 <ul class="seealso">
 <li><a href="../suexec.html">SuEXEC support</a></li>
 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="SuexecUserGroup" id="SuexecUserGroup">SuexecUserGroup</a> <a name="suexecusergroup" id="suexecusergroup">Directive</a></h2>
 <table class="directive">
@@ -72,7 +73,6 @@ and Group</td></tr>
 <li><code class="directive"><a href="../mod/mod_unixd.html#suexec">Suexec</a></code></li>
 </ul>
 </div>
-
 </div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../en/mod/mod_suexec.html" title="English">&nbsp;en&nbsp;</a> |
diff --git a/docs/manual/mod/mod_unique_id.html.en b/docs/manual/mod/mod_unique_id.html.en
index 1165f1f3e1..b2c71fd85d 100644
--- a/docs/manual/mod/mod_unique_id.html.en
+++ b/docs/manual/mod/mod_unique_id.html.en
@@ -46,13 +46,13 @@ identifier for each request</td></tr>
     useful for various reasons which are beyond the scope of this
     document.</p>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
-<p>This module provides no
-            directives.</p>
-<h3>Topics</h3>
+<div id="quickview"><h3>Topics</h3>
 <ul id="topics">
 <li><img alt="" src="../images/down.gif" /> <a href="#theory">Theory</a></li>
-</ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+</ul><h3 class="directives">Directives</h3>
+<p>This module provides no
+            directives.</p>
+<ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="section">
 <h2><a name="theory" id="theory">Theory</a></h2>
diff --git a/docs/manual/mod/mod_unixd.html.en b/docs/manual/mod/mod_unixd.html.en
index c1f5d71110..ebfd44de71 100644
--- a/docs/manual/mod/mod_unixd.html.en
+++ b/docs/manual/mod/mod_unixd.html.en
@@ -44,6 +44,7 @@
 <ul class="seealso">
 <li><a href="../suexec.html">suEXEC support</a></li>
 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="ChrootDir" id="ChrootDir">ChrootDir</a> <a name="chrootdir" id="chrootdir">Directive</a></h2>
 <table class="directive">
@@ -176,7 +177,6 @@ requests</td></tr>
 <li><code class="directive"><a href="../mod/mod_suexec.html#suexecusergroup">SuexecUserGroup</a></code></li>
 </ul>
 </div>
-
 </div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../en/mod/mod_unixd.html" title="English">&nbsp;en&nbsp;</a> |
diff --git a/docs/manual/mod/mod_userdir.html.en b/docs/manual/mod/mod_userdir.html.en
index 0650f87957..5e1bec00ea 100644
--- a/docs/manual/mod/mod_userdir.html.en
+++ b/docs/manual/mod/mod_userdir.html.en
@@ -50,6 +50,7 @@ Filesystem</a></li>
 <li><a href="../howto/public_html.html">public_html
 tutorial</a></li>
 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="UserDir" id="UserDir">UserDir</a> <a name="userdir" id="userdir">Directive</a></h2>
 <table class="directive">
@@ -178,7 +179,6 @@ UserDir enabled user1 user2 user3</pre>
 </li>
 </ul>
 </div>
-
 </div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../en/mod/mod_userdir.html" title="English">&nbsp;en&nbsp;</a> |
diff --git a/docs/manual/mod/mod_usertrack.html.en b/docs/manual/mod/mod_usertrack.html.en
index b29cc71a15..446cec37b1 100644
--- a/docs/manual/mod/mod_usertrack.html.en
+++ b/docs/manual/mod/mod_usertrack.html.en
@@ -38,7 +38,10 @@
     <p>Provides tracking of a user through your website via browser
     cookies.</p>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
+<div id="quickview"><h3>Topics</h3>
+<ul id="topics">
+<li><img alt="" src="../images/down.gif" /> <a href="#logging">Logging</a></li>
+</ul><h3 class="directives">Directives</h3>
 <ul id="toc">
 <li><img alt="" src="../images/down.gif" /> <a href="#cookiedomain">CookieDomain</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#cookieexpires">CookieExpires</a></li>
@@ -46,10 +49,20 @@
 <li><img alt="" src="../images/down.gif" /> <a href="#cookiestyle">CookieStyle</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#cookietracking">CookieTracking</a></li>
 </ul>
-<h3>Topics</h3>
-<ul id="topics">
-<li><img alt="" src="../images/down.gif" /> <a href="#logging">Logging</a></li>
-</ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+<ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="logging" id="logging">Logging</a></h2>
+
+
+    <p><code class="module"><a href="../mod/mod_usertrack.html">mod_usertrack</a></code> sets a cookie which can be logged
+    via <code class="module"><a href="../mod/mod_log_config.html">mod_log_config</a></code> configurable logging formats:</p>
+
+    <pre class="prettyprint lang-config">LogFormat "%{Apache}n %r %t" usertrack
+CustomLog logs/clickstream.log usertrack</pre>
+
+
+</div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="CookieDomain" id="CookieDomain">CookieDomain</a> <a name="cookiedomain" id="cookiedomain">Directive</a></h2>
 <table class="directive">
@@ -194,19 +207,6 @@
 
 
 
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="logging" id="logging">Logging</a></h2>
-
-
-    <p><code class="module"><a href="../mod/mod_usertrack.html">mod_usertrack</a></code> sets a cookie which can be logged
-    via <code class="module"><a href="../mod/mod_log_config.html">mod_log_config</a></code> configurable logging formats:</p>
-
-    <pre class="prettyprint lang-config">LogFormat "%{Apache}n %r %t" usertrack
-CustomLog logs/clickstream.log usertrack</pre>
-
-
 </div>
 </div>
 <div class="bottomlang">
diff --git a/docs/manual/mod/mod_version.html.en b/docs/manual/mod/mod_version.html.en
index 8b447c4f09..7201574133 100644
--- a/docs/manual/mod/mod_version.html.en
+++ b/docs/manual/mod/mod_version.html.en
@@ -56,6 +56,7 @@
 <li><img alt="" src="../images/down.gif" /> <a href="#ifversion">&lt;IfVersion&gt;</a></li>
 </ul>
 <ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="IfVersion" id="IfVersion">&lt;IfVersion&gt;</a> <a name="ifversion" id="ifversion">Directive</a></h2>
 <table class="directive">
@@ -127,7 +128,6 @@
     <code>=</code>.</p>
 
 </div>
-
 </div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../en/mod/mod_version.html" title="English">&nbsp;en&nbsp;</a> |
diff --git a/docs/manual/mod/mod_vhost_alias.html.en b/docs/manual/mod/mod_vhost_alias.html.en
index cb1baed83b..4ac329806a 100644
--- a/docs/manual/mod/mod_vhost_alias.html.en
+++ b/docs/manual/mod/mod_vhost_alias.html.en
@@ -54,114 +54,24 @@ VirtualScriptAlias "/never/found/%0/cgi-bin/"</pre>
 
     </div>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
+<div id="quickview"><h3>Topics</h3>
+<ul id="topics">
+<li><img alt="" src="../images/down.gif" /> <a href="#interpol">Directory Name Interpolation</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#examples">Examples</a></li>
+</ul><h3 class="directives">Directives</h3>
 <ul id="toc">
 <li><img alt="" src="../images/down.gif" /> <a href="#virtualdocumentroot">VirtualDocumentRoot</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#virtualdocumentrootip">VirtualDocumentRootIP</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#virtualscriptalias">VirtualScriptAlias</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#virtualscriptaliasip">VirtualScriptAliasIP</a></li>
 </ul>
-<h3>Topics</h3>
-<ul id="topics">
-<li><img alt="" src="../images/down.gif" /> <a href="#interpol">Directory Name Interpolation</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#examples">Examples</a></li>
-</ul><h3>See also</h3>
+<h3>See also</h3>
 <ul class="seealso">
 <li><code class="directive"><a href="../mod/core.html#usecanonicalname">UseCanonicalName</a></code></li>
 <li><a href="../vhosts/mass.html">Dynamically configured mass
     virtual hosting</a></li>
 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="VirtualDocumentRoot" id="VirtualDocumentRoot">VirtualDocumentRoot</a> <a name="virtualdocumentroot" id="virtualdocumentroot">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Dynamically configure the location of the document root
-for a given virtual host</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>VirtualDocumentRoot <em>interpolated-directory</em>|none</code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>VirtualDocumentRoot none</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_vhost_alias</td></tr>
-</table>
-
-    <p>The <code class="directive">VirtualDocumentRoot</code> directive allows you to
-    determine where Apache HTTP Server will find your documents based on the
-    value of the server name. The result of expanding
-    <em>interpolated-directory</em> is used as the root of the
-    document tree in a similar manner to the <code class="directive"><a href="../mod/core.html#documentroot">DocumentRoot</a></code> directive's argument.
-    If <em>interpolated-directory</em> is <code>none</code> then
-    <code class="directive">VirtualDocumentRoot</code> is turned off. This directive
-    cannot be used in the same context as <code class="directive"><a href="#virtualdocumentrootip">VirtualDocumentRootIP</a></code>.</p>
-
-<div class="warning"><h3>Note</h3>
-<code class="directive">VirtualDocumentRoot</code> will override any <code class="directive"><a href="../mod/core.html#documentroot">DocumentRoot</a></code> directives you may have put in the same 
-context or child contexts. Putting a <code class="directive">VirtualDocumentRoot</code> 
-in the global server scope will effectively override <code class="directive"><a href="../mod/core.html#documentroot">DocumentRoot</a></code> directives in any virtual hosts defined later 
-on, unless you set <code class="directive">VirtualDocumentRoot</code> to <code>None</code> 
-in each virtual host.
-</div>
-
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="VirtualDocumentRootIP" id="VirtualDocumentRootIP">VirtualDocumentRootIP</a> <a name="virtualdocumentrootip" id="virtualdocumentrootip">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Dynamically configure the location of the document root
-for a given virtual host</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>VirtualDocumentRootIP <em>interpolated-directory</em>|none</code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>VirtualDocumentRootIP none</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_vhost_alias</td></tr>
-</table>
-
-<p>The <code class="directive">VirtualDocumentRootIP</code> directive is like the
-    <code class="directive"><a href="#virtualdocumentroot">VirtualDocumentRoot</a></code>
-    directive, except that it uses the IP address of the server end
-    of the connection for directory interpolation instead of the server
-    name.</p>
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="VirtualScriptAlias" id="VirtualScriptAlias">VirtualScriptAlias</a> <a name="virtualscriptalias" id="virtualscriptalias">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Dynamically configure the location of the CGI directory for
-a given virtual host</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>VirtualScriptAlias <em>interpolated-directory</em>|none</code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>VirtualScriptAlias none</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_vhost_alias</td></tr>
-</table>
-
-    <p>The <code class="directive">VirtualScriptAlias</code> directive allows you to
-    determine where Apache httpd will find CGI scripts in a similar
-    manner to <code class="directive"><a href="#virtualdocumentroot">VirtualDocumentRoot</a></code> does for other documents. It matches
-    requests for URIs starting <code>/cgi-bin/</code>, much like <code class="directive"><a href="../mod/mod_alias.html#scriptalias">ScriptAlias</a></code>
-    <code>/cgi-bin/</code> would.</p>
-
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="VirtualScriptAliasIP" id="VirtualScriptAliasIP">VirtualScriptAliasIP</a> <a name="virtualscriptaliasip" id="virtualscriptaliasip">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Dynamically configure the location of the CGI directory for
-a given virtual host</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>VirtualScriptAliasIP <em>interpolated-directory</em>|none</code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>VirtualScriptAliasIP none</code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_vhost_alias</td></tr>
-</table>
-
-    <p>The <code class="directive">VirtualScriptAliasIP</code> directive is like the
-    <code class="directive"><a href="#virtualscriptalias">VirtualScriptAlias</a></code>
-    directive, except that it uses the IP address of the server end
-    of the connection for directory interpolation instead of the server
-    name.</p>
-
-    
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="section">
 <h2><a name="interpol" id="interpol">Directory Name Interpolation</a></h2>
     
@@ -326,6 +236,96 @@ VirtualScriptAliasIP  "/usr/local/apache/vhosts/%1/%2/%3/%4/cgi-bin"</pre>
     <p>The <code class="directive"><a href="../mod/mod_log_config.html#logformat">LogFormat</a></code>
     directives <code>%V</code> and <code>%A</code> are useful
     in conjunction with this module.</p>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="VirtualDocumentRoot" id="VirtualDocumentRoot">VirtualDocumentRoot</a> <a name="virtualdocumentroot" id="virtualdocumentroot">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Dynamically configure the location of the document root
+for a given virtual host</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>VirtualDocumentRoot <em>interpolated-directory</em>|none</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>VirtualDocumentRoot none</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_vhost_alias</td></tr>
+</table>
+
+    <p>The <code class="directive">VirtualDocumentRoot</code> directive allows you to
+    determine where Apache HTTP Server will find your documents based on the
+    value of the server name. The result of expanding
+    <em>interpolated-directory</em> is used as the root of the
+    document tree in a similar manner to the <code class="directive"><a href="../mod/core.html#documentroot">DocumentRoot</a></code> directive's argument.
+    If <em>interpolated-directory</em> is <code>none</code> then
+    <code class="directive">VirtualDocumentRoot</code> is turned off. This directive
+    cannot be used in the same context as <code class="directive"><a href="#virtualdocumentrootip">VirtualDocumentRootIP</a></code>.</p>
+
+<div class="warning"><h3>Note</h3>
+<code class="directive">VirtualDocumentRoot</code> will override any <code class="directive"><a href="../mod/core.html#documentroot">DocumentRoot</a></code> directives you may have put in the same 
+context or child contexts. Putting a <code class="directive">VirtualDocumentRoot</code> 
+in the global server scope will effectively override <code class="directive"><a href="../mod/core.html#documentroot">DocumentRoot</a></code> directives in any virtual hosts defined later 
+on, unless you set <code class="directive">VirtualDocumentRoot</code> to <code>None</code> 
+in each virtual host.
+</div>
+
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="VirtualDocumentRootIP" id="VirtualDocumentRootIP">VirtualDocumentRootIP</a> <a name="virtualdocumentrootip" id="virtualdocumentrootip">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Dynamically configure the location of the document root
+for a given virtual host</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>VirtualDocumentRootIP <em>interpolated-directory</em>|none</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>VirtualDocumentRootIP none</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_vhost_alias</td></tr>
+</table>
+
+<p>The <code class="directive">VirtualDocumentRootIP</code> directive is like the
+    <code class="directive"><a href="#virtualdocumentroot">VirtualDocumentRoot</a></code>
+    directive, except that it uses the IP address of the server end
+    of the connection for directory interpolation instead of the server
+    name.</p>
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="VirtualScriptAlias" id="VirtualScriptAlias">VirtualScriptAlias</a> <a name="virtualscriptalias" id="virtualscriptalias">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Dynamically configure the location of the CGI directory for
+a given virtual host</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>VirtualScriptAlias <em>interpolated-directory</em>|none</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>VirtualScriptAlias none</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_vhost_alias</td></tr>
+</table>
+
+    <p>The <code class="directive">VirtualScriptAlias</code> directive allows you to
+    determine where Apache httpd will find CGI scripts in a similar
+    manner to <code class="directive"><a href="#virtualdocumentroot">VirtualDocumentRoot</a></code> does for other documents. It matches
+    requests for URIs starting <code>/cgi-bin/</code>, much like <code class="directive"><a href="../mod/mod_alias.html#scriptalias">ScriptAlias</a></code>
+    <code>/cgi-bin/</code> would.</p>
+
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="VirtualScriptAliasIP" id="VirtualScriptAliasIP">VirtualScriptAliasIP</a> <a name="virtualscriptaliasip" id="virtualscriptaliasip">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Dynamically configure the location of the CGI directory for
+a given virtual host</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>VirtualScriptAliasIP <em>interpolated-directory</em>|none</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>VirtualScriptAliasIP none</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_vhost_alias</td></tr>
+</table>
+
+    <p>The <code class="directive">VirtualScriptAliasIP</code> directive is like the
+    <code class="directive"><a href="#virtualscriptalias">VirtualScriptAlias</a></code>
+    directive, except that it uses the IP address of the server end
+    of the connection for directory interpolation instead of the server
+    name.</p>
+
+    
 </div>
 </div>
 <div class="bottomlang">
diff --git a/docs/manual/mod/mod_watchdog.html.en b/docs/manual/mod/mod_watchdog.html.en
index a273e1a305..0c5c65e07d 100644
--- a/docs/manual/mod/mod_watchdog.html.en
+++ b/docs/manual/mod/mod_watchdog.html.en
@@ -53,6 +53,7 @@ core or, if a dynamic module, be loaded before the calling module.
 <li><img alt="" src="../images/down.gif" /> <a href="#watchdoginterval">WatchdogInterval</a></li>
 </ul>
 <ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="WatchdogInterval" id="WatchdogInterval">WatchdogInterval</a> <a name="watchdoginterval" id="watchdoginterval">Directive</a></h2>
 <table class="directive">
@@ -67,7 +68,6 @@ core or, if a dynamic module, be loaded before the calling module.
 second.</p>
 
 </div>
-
 </div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../en/mod/mod_watchdog.html" title="English">&nbsp;en&nbsp;</a></p>
diff --git a/docs/manual/mod/mod_xml2enc.html.en b/docs/manual/mod/mod_xml2enc.html.en
index 76f7c777e5..0de3b12edc 100644
--- a/docs/manual/mod/mod_xml2enc.html.en
+++ b/docs/manual/mod/mod_xml2enc.html.en
@@ -44,72 +44,20 @@ for 2.2.x versions</td></tr></table>
     after markup processing, and will ensure the correct <var>charset</var>
     value is set in the HTTP <var>Content-Type</var> header.</p>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
-<ul id="toc">
-<li><img alt="" src="../images/down.gif" /> <a href="#xml2encalias">xml2EncAlias</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#xml2encdefault">xml2EncDefault</a></li>
-<li><img alt="" src="../images/down.gif" /> <a href="#xml2startparse">xml2StartParse</a></li>
-</ul>
-<h3>Topics</h3>
+<div id="quickview"><h3>Topics</h3>
 <ul id="topics">
 <li><img alt="" src="../images/down.gif" /> <a href="#usage">Usage</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#api">Programming API</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#sniffing">Detecting an Encoding</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#output">Output Encoding</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#alias">Unsupported Encodings</a></li>
-</ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="xml2EncAlias" id="xml2EncAlias">xml2EncAlias</a> <a name="xml2encalias" id="xml2encalias">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Recognise Aliases for encoding values</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>xml2EncAlias <var>charset alias [alias ...]</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_xml2enc</td></tr>
-</table>
-    <p>This server-wide directive aliases one or more encoding to another
-    encoding.  This enables encodings not recognised by libxml2 to be handled
-    internally by libxml2's encoding support using the translation table for
-    a recognised encoding.  This serves two purposes: to support character sets
-    (or names) not recognised either by libxml2 or iconv, and to skip
-    conversion for an encoding where it is known to be unnecessary.</p>
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="xml2EncDefault" id="xml2EncDefault">xml2EncDefault</a> <a name="xml2encdefault" id="xml2encdefault">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Sets a default encoding to assume when absolutely no information
-can be <a href="#sniffing">automatically detected</a></td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>xml2EncDefault <var>name</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_xml2enc</td></tr>
-<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Version 2.4.0 and later; available as a third-party
-module for earlier versions.</td></tr>
-</table>
-    <p>If you are processing data with known encoding but no encoding
-    information, you can set this default to help mod_xml2enc process
-    the data correctly.  For example, to work with the default value
-    of Latin1 (<var>iso-8859-1</var> specified in HTTP/1.0, use</p>
-    <pre class="prettyprint lang-config">xml2EncDefault iso-8859-1</pre>
-
-
-</div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="directive-section"><h2><a name="xml2StartParse" id="xml2StartParse">xml2StartParse</a> <a name="xml2startparse" id="xml2startparse">Directive</a></h2>
-<table class="directive">
-<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Advise the parser to skip leading junk.</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>xml2StartParse <var>element [element ...]</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
-<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_xml2enc</td></tr>
-</table>
-    <p>Specify that the markup parser should start at the first instance
-    of any of the elements specified.  This can be used as a workaround
-    where a broken backend inserts leading junk that messes up the parser (<a href="http://bahumbug.wordpress.com/2006/10/12/mod_proxy_html-revisited/">example here</a>).</p>
-    <p>It should never be used for XML, nor well-formed HTML.</p>
-
-</div>
+</ul><h3 class="directives">Directives</h3>
+<ul id="toc">
+<li><img alt="" src="../images/down.gif" /> <a href="#xml2encalias">xml2EncAlias</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#xml2encdefault">xml2EncDefault</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#xml2startparse">xml2StartParse</a></li>
+</ul>
+<ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="section">
 <h2><a name="usage" id="usage">Usage</a></h2>
@@ -185,6 +133,58 @@ the server of an unnecessary conversion.</p>
 <p>If you are working with encodings that are not supported by any of
 the conversion methods available on your platform, you can still alias
 them to a supported encoding using <code class="directive">xml2EncAlias</code>.</p>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="xml2EncAlias" id="xml2EncAlias">xml2EncAlias</a> <a name="xml2encalias" id="xml2encalias">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Recognise Aliases for encoding values</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>xml2EncAlias <var>charset alias [alias ...]</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_xml2enc</td></tr>
+</table>
+    <p>This server-wide directive aliases one or more encoding to another
+    encoding.  This enables encodings not recognised by libxml2 to be handled
+    internally by libxml2's encoding support using the translation table for
+    a recognised encoding.  This serves two purposes: to support character sets
+    (or names) not recognised either by libxml2 or iconv, and to skip
+    conversion for an encoding where it is known to be unnecessary.</p>
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="xml2EncDefault" id="xml2EncDefault">xml2EncDefault</a> <a name="xml2encdefault" id="xml2encdefault">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Sets a default encoding to assume when absolutely no information
+can be <a href="#sniffing">automatically detected</a></td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>xml2EncDefault <var>name</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_xml2enc</td></tr>
+<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Version 2.4.0 and later; available as a third-party
+module for earlier versions.</td></tr>
+</table>
+    <p>If you are processing data with known encoding but no encoding
+    information, you can set this default to help mod_xml2enc process
+    the data correctly.  For example, to work with the default value
+    of Latin1 (<var>iso-8859-1</var> specified in HTTP/1.0, use</p>
+    <pre class="prettyprint lang-config">xml2EncDefault iso-8859-1</pre>
+
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="xml2StartParse" id="xml2StartParse">xml2StartParse</a> <a name="xml2startparse" id="xml2startparse">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Advise the parser to skip leading junk.</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>xml2StartParse <var>element [element ...]</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_xml2enc</td></tr>
+</table>
+    <p>Specify that the markup parser should start at the first instance
+    of any of the elements specified.  This can be used as a workaround
+    where a broken backend inserts leading junk that messes up the parser (<a href="http://bahumbug.wordpress.com/2006/10/12/mod_proxy_html-revisited/">example here</a>).</p>
+    <p>It should never be used for XML, nor well-formed HTML.</p>
+
 </div>
 </div>
 <div class="bottomlang">
diff --git a/docs/manual/mod/mpm_common.html.en b/docs/manual/mod/mpm_common.html.en
index 6052f3b204..8b1c87d5e9 100644
--- a/docs/manual/mod/mpm_common.html.en
+++ b/docs/manual/mod/mpm_common.html.en
@@ -58,6 +58,7 @@ more than one multi-processing module (MPM)</td></tr>
 <li><img alt="" src="../images/down.gif" /> <a href="#threadstacksize">ThreadStackSize</a></li>
 </ul>
 <ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="CoreDumpDirectory" id="CoreDumpDirectory">CoreDumpDirectory</a> <a name="coredumpdirectory" id="coredumpdirectory">Directive</a></h2>
 <table class="directive">
@@ -750,7 +751,6 @@ client connections</td></tr>
     causes crashes with some common modules.</div>
 
 </div>
-
 </div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../de/mod/mpm_common.html" hreflang="de" rel="alternate" title="Deutsch">&nbsp;de&nbsp;</a> |
diff --git a/docs/manual/mod/mpm_netware.html.en b/docs/manual/mod/mpm_netware.html.en
index da54416178..d40d0bf10c 100644
--- a/docs/manual/mod/mpm_netware.html.en
+++ b/docs/manual/mod/mpm_netware.html.en
@@ -84,6 +84,7 @@
     ports Apache httpd uses</a>
 </li>
 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
+
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="MaxThreads" id="MaxThreads">MaxThreads</a> <a name="maxthreads" id="maxthreads">Directive</a></h2>
 <table class="directive">
@@ -104,7 +105,6 @@
     </code></p></div>
 
 </div>
-
 </div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../en/mod/mpm_netware.html" title="English">&nbsp;en&nbsp;</a> |
diff --git a/docs/manual/mod/prefork.html.en b/docs/manual/mod/prefork.html.en
index 61606ae3fc..4839858fd3 100644
--- a/docs/manual/mod/prefork.html.en
+++ b/docs/manual/mod/prefork.html.en
@@ -51,7 +51,10 @@
     small enough to assure that there is enough physical RAM for all
     processes.</p>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
+<div id="quickview"><h3>Topics</h3>
+<ul id="topics">
+<li><img alt="" src="../images/down.gif" /> <a href="#how-it-works">How it Works</a></li>
+</ul><h3 class="directives">Directives</h3>
 <ul id="toc">
 <li><img alt="" src="../images/right.gif" /> <a href="mpm_common.html#coredumpdirectory">CoreDumpDirectory</a></li>
 <li><img alt="" src="../images/right.gif" /> <a href="mpm_common.html#enableexceptionhook">EnableExceptionHook</a></li>
@@ -71,15 +74,55 @@
 <li><img alt="" src="../images/right.gif" /> <a href="mpm_common.html#startservers">StartServers</a></li>
 <li><img alt="" src="../images/right.gif" /> <a href="mod_unixd.html#user">User</a></li>
 </ul>
-<h3>Topics</h3>
-<ul id="topics">
-<li><img alt="" src="../images/down.gif" /> <a href="#how-it-works">How it Works</a></li>
-</ul><h3>See also</h3>
+<h3>See also</h3>
 <ul class="seealso">
 <li><a href="../bind.html">Setting which addresses and ports Apache HTTP Server
 uses</a></li>
 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="section">
+<h2><a name="how-it-works" id="how-it-works">How it Works</a></h2>
+    <p>A single control process is responsible for launching child
+    processes which listen for connections and serve them when they
+    arrive. Apache httpd always tries to maintain several <dfn>spare</dfn>
+    or idle server processes, which stand ready to serve incoming
+    requests. In this way, clients do not need to wait for a new
+    child processes to be forked before their requests can be
+    served.</p>
+
+    <p>The <code class="directive"><a href="../mod/mpm_common.html#startservers">StartServers</a></code>,
+    <code class="directive"><a href="#minspareservers">MinSpareServers</a></code>,
+    <code class="directive"><a href="#maxspareservers">MaxSpareServers</a></code>, and
+    <code class="directive"><a href="../mod/mpm_common.html#maxrequestworkers">MaxRequestWorkers</a></code> regulate how
+    the parent process creates children to serve requests. In general,
+    Apache httpd is very self-regulating, so most sites do not need to
+    adjust these directives from their default values. Sites which
+    need to serve more than 256 simultaneous requests may need to
+    increase <code class="directive"><a href="../mod/mpm_common.html#maxrequestworkers">MaxRequestWorkers</a></code>,
+    while sites with limited memory may need to decrease <code class="directive"><a href="../mod/mpm_common.html#maxrequestworkers">MaxRequestWorkers</a></code> to keep the server from
+    thrashing (swapping memory to disk and back). More information
+    about tuning process creation is provided in the <a href="../misc/perf-tuning.html">performance hints</a>
+    documentation.</p>
+
+    <p>While the parent process is usually started as <code>root</code>
+    under Unix in order to bind to port 80, the child processes are
+    launched by Apache httpd as a less-privileged user. The <code class="directive"><a href="../mod/mod_unixd.html#user">User</a></code> and <code class="directive"><a href="../mod/mod_unixd.html#group">Group</a></code> directives are used to set
+    the privileges of the Apache httpd child processes. The child processes
+    must be able to read all the content that will be served, but
+    should have as few privileges beyond that as possible.</p>
+
+    <p><code class="directive"><a href="../mod/mpm_common.html#maxconnectionsperchild">MaxConnectionsPerChild</a></code>
+    controls how frequently the server recycles processes by killing
+    old ones and launching new ones.</p>
+
+    <p>This MPM uses the <code>mpm-accept</code> mutex to serialize
+    access to incoming connections when subject to the thundering herd
+    problem (generally, when there are multiple listening sockets).
+    The implementation aspects of this mutex can be configured with the
+    <code class="directive"><a href="../mod/core.html#mutex">Mutex</a></code> directive.  The <a href="../misc/perf-tuning.html">performance hints</a>
+    documentation has additional information about this mutex.</p>
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
 <div class="directive-section"><h2><a name="MaxSpareServers" id="MaxSpareServers">MaxSpareServers</a> <a name="maxspareservers" id="maxspareservers">Directive</a></h2>
 <table class="directive">
 <tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Maximum number of idle child server processes</td></tr>
@@ -139,49 +182,6 @@ uses</a></li>
 <li><code class="directive"><a href="../mod/mpm_common.html#minsparethreads">MinSpareThreads</a></code></li>
 </ul>
 </div>
-<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<div class="section">
-<h2><a name="how-it-works" id="how-it-works">How it Works</a></h2>
-    <p>A single control process is responsible for launching child
-    processes which listen for connections and serve them when they
-    arrive. Apache httpd always tries to maintain several <dfn>spare</dfn>
-    or idle server processes, which stand ready to serve incoming
-    requests. In this way, clients do not need to wait for a new
-    child processes to be forked before their requests can be
-    served.</p>
-
-    <p>The <code class="directive"><a href="../mod/mpm_common.html#startservers">StartServers</a></code>,
-    <code class="directive"><a href="#minspareservers">MinSpareServers</a></code>,
-    <code class="directive"><a href="#maxspareservers">MaxSpareServers</a></code>, and
-    <code class="directive"><a href="../mod/mpm_common.html#maxrequestworkers">MaxRequestWorkers</a></code> regulate how
-    the parent process creates children to serve requests. In general,
-    Apache httpd is very self-regulating, so most sites do not need to
-    adjust these directives from their default values. Sites which
-    need to serve more than 256 simultaneous requests may need to
-    increase <code class="directive"><a href="../mod/mpm_common.html#maxrequestworkers">MaxRequestWorkers</a></code>,
-    while sites with limited memory may need to decrease <code class="directive"><a href="../mod/mpm_common.html#maxrequestworkers">MaxRequestWorkers</a></code> to keep the server from
-    thrashing (swapping memory to disk and back). More information
-    about tuning process creation is provided in the <a href="../misc/perf-tuning.html">performance hints</a>
-    documentation.</p>
-
-    <p>While the parent process is usually started as <code>root</code>
-    under Unix in order to bind to port 80, the child processes are
-    launched by Apache httpd as a less-privileged user. The <code class="directive"><a href="../mod/mod_unixd.html#user">User</a></code> and <code class="directive"><a href="../mod/mod_unixd.html#group">Group</a></code> directives are used to set
-    the privileges of the Apache httpd child processes. The child processes
-    must be able to read all the content that will be served, but
-    should have as few privileges beyond that as possible.</p>
-
-    <p><code class="directive"><a href="../mod/mpm_common.html#maxconnectionsperchild">MaxConnectionsPerChild</a></code>
-    controls how frequently the server recycles processes by killing
-    old ones and launching new ones.</p>
-
-    <p>This MPM uses the <code>mpm-accept</code> mutex to serialize
-    access to incoming connections when subject to the thundering herd
-    problem (generally, when there are multiple listening sockets).
-    The implementation aspects of this mutex can be configured with the
-    <code class="directive"><a href="../mod/core.html#mutex">Mutex</a></code> directive.  The <a href="../misc/perf-tuning.html">performance hints</a>
-    documentation has additional information about this mutex.</p>
-</div>
 </div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../de/mod/prefork.html" hreflang="de" rel="alternate" title="Deutsch">&nbsp;de&nbsp;</a> |
diff --git a/docs/manual/mod/quickreference.html.en b/docs/manual/mod/quickreference.html.en
index cef742ea2d..041dfc717e 100644
--- a/docs/manual/mod/quickreference.html.en
+++ b/docs/manual/mod/quickreference.html.en
@@ -327,741 +327,743 @@ cache</td></tr>
 CGI program</td></tr>
 <tr class="odd"><td><a href="core.html#cgimapextension">CGIMapExtension <var>cgi-path</var> <var>.extension</var></a></td><td></td><td>dh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Technique for locating the interpreter for CGI
 scripts</td></tr>
-<tr><td><a href="mod_charset_lite.html#charsetdefault">CharsetDefault <var>charset</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Charset to translate into</td></tr>
-<tr class="odd"><td><a href="mod_charset_lite.html#charsetoptions">CharsetOptions <var>option</var> [<var>option</var>] ...</a></td><td> ImplicitAdd </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configures charset translation behavior</td></tr>
-<tr><td><a href="mod_charset_lite.html#charsetsourceenc">CharsetSourceEnc <var>charset</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Source charset of files</td></tr>
-<tr class="odd"><td><a href="mod_speling.html#checkcaseonly">CheckCaseOnly on|off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Limits the action of the speling module to case corrections</td></tr>
-<tr><td><a href="mod_speling.html#checkspelling">CheckSpelling on|off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Enables the spelling
+<tr><td><a href="core.html#cgipassauth">CGIPassAuth On|Off</a></td><td> Off </td><td>dh</td><td>C</td></tr><tr><td class="descr" colspan="4">Enables passing HTTP authorization headers to scripts as CGI
+variables</td></tr>
+<tr class="odd"><td><a href="mod_charset_lite.html#charsetdefault">CharsetDefault <var>charset</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Charset to translate into</td></tr>
+<tr><td><a href="mod_charset_lite.html#charsetoptions">CharsetOptions <var>option</var> [<var>option</var>] ...</a></td><td> ImplicitAdd </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Configures charset translation behavior</td></tr>
+<tr class="odd"><td><a href="mod_charset_lite.html#charsetsourceenc">CharsetSourceEnc <var>charset</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Source charset of files</td></tr>
+<tr><td><a href="mod_speling.html#checkcaseonly">CheckCaseOnly on|off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Limits the action of the speling module to case corrections</td></tr>
+<tr class="odd"><td><a href="mod_speling.html#checkspelling">CheckSpelling on|off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enables the spelling
 module</td></tr>
-<tr class="odd"><td><a href="mod_unixd.html#chrootdir">ChrootDir <var>/path/to/directory</var></a></td><td></td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Directory for apache to run chroot(8) after startup.</td></tr>
-<tr><td><a href="core.html#contentdigest">ContentDigest On|Off</a></td><td> Off </td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Enables the generation of <code>Content-MD5</code> HTTP Response
+<tr><td><a href="mod_unixd.html#chrootdir">ChrootDir <var>/path/to/directory</var></a></td><td></td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">Directory for apache to run chroot(8) after startup.</td></tr>
+<tr class="odd"><td><a href="core.html#contentdigest">ContentDigest On|Off</a></td><td> Off </td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Enables the generation of <code>Content-MD5</code> HTTP Response
 headers</td></tr>
-<tr class="odd"><td><a href="mod_usertrack.html#cookiedomain">CookieDomain <em>domain</em></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">The domain to which the tracking cookie applies</td></tr>
-<tr><td><a href="mod_usertrack.html#cookieexpires">CookieExpires <em>expiry-period</em></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Expiry time for the tracking cookie</td></tr>
-<tr class="odd"><td><a href="mod_usertrack.html#cookiename">CookieName <em>token</em></a></td><td> Apache </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Name of the tracking cookie</td></tr>
-<tr><td><a href="mod_usertrack.html#cookiestyle">CookieStyle
-    <em>Netscape|Cookie|Cookie2|RFC2109|RFC2965</em></a></td><td> Netscape </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Format of the cookie header field</td></tr>
-<tr class="odd"><td><a href="mod_usertrack.html#cookietracking">CookieTracking on|off</a></td><td> off </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enables tracking cookie</td></tr>
-<tr><td><a href="mpm_common.html#coredumpdirectory">CoreDumpDirectory <var>directory</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Directory where Apache HTTP Server attempts to
+<tr><td><a href="mod_usertrack.html#cookiedomain">CookieDomain <em>domain</em></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">The domain to which the tracking cookie applies</td></tr>
+<tr class="odd"><td><a href="mod_usertrack.html#cookieexpires">CookieExpires <em>expiry-period</em></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Expiry time for the tracking cookie</td></tr>
+<tr><td><a href="mod_usertrack.html#cookiename">CookieName <em>token</em></a></td><td> Apache </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Name of the tracking cookie</td></tr>
+<tr class="odd"><td><a href="mod_usertrack.html#cookiestyle">CookieStyle
+    <em>Netscape|Cookie|Cookie2|RFC2109|RFC2965</em></a></td><td> Netscape </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Format of the cookie header field</td></tr>
+<tr><td><a href="mod_usertrack.html#cookietracking">CookieTracking on|off</a></td><td> off </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Enables tracking cookie</td></tr>
+<tr class="odd"><td><a href="mpm_common.html#coredumpdirectory">CoreDumpDirectory <var>directory</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Directory where Apache HTTP Server attempts to
 switch before dumping core</td></tr>
-<tr class="odd"><td><a href="mod_log_config.html#customlog">CustomLog  <var>file</var>|<var>pipe</var>
+<tr><td><a href="mod_log_config.html#customlog">CustomLog  <var>file</var>|<var>pipe</var>
 <var>format</var>|<var>nickname</var>
 [env=[!]<var>environment-variable</var>|
-expr=<var>expression</var>]</a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sets filename and format of log file</td></tr>
-<tr><td><a href="mod_dav.html#dav" id="D" name="D">Dav On|Off|<var>provider-name</var></a></td><td> Off </td><td>d</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable WebDAV HTTP methods</td></tr>
-<tr class="odd"><td><a href="mod_dav.html#davdepthinfinity">DavDepthInfinity on|off</a></td><td> off </td><td>svd</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Allow PROPFIND, Depth: Infinity requests</td></tr>
-<tr><td><a href="mod_dav_lock.html#davgenericlockdb">DavGenericLockDB <var>file-path</var></a></td><td></td><td>svd</td><td>E</td></tr><tr><td class="descr" colspan="4">Location of the DAV lock database</td></tr>
-<tr class="odd"><td><a href="mod_dav_fs.html#davlockdb">DavLockDB <var>file-path</var></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Location of the DAV lock database</td></tr>
-<tr><td><a href="mod_dav.html#davmintimeout">DavMinTimeout <var>seconds</var></a></td><td> 0 </td><td>svd</td><td>E</td></tr><tr><td class="descr" colspan="4">Minimum amount of time the server holds a lock on
+expr=<var>expression</var>]</a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Sets filename and format of log file</td></tr>
+<tr class="odd"><td><a href="mod_dav.html#dav" id="D" name="D">Dav On|Off|<var>provider-name</var></a></td><td> Off </td><td>d</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable WebDAV HTTP methods</td></tr>
+<tr><td><a href="mod_dav.html#davdepthinfinity">DavDepthInfinity on|off</a></td><td> off </td><td>svd</td><td>E</td></tr><tr><td class="descr" colspan="4">Allow PROPFIND, Depth: Infinity requests</td></tr>
+<tr class="odd"><td><a href="mod_dav_lock.html#davgenericlockdb">DavGenericLockDB <var>file-path</var></a></td><td></td><td>svd</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Location of the DAV lock database</td></tr>
+<tr><td><a href="mod_dav_fs.html#davlockdb">DavLockDB <var>file-path</var></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Location of the DAV lock database</td></tr>
+<tr class="odd"><td><a href="mod_dav.html#davmintimeout">DavMinTimeout <var>seconds</var></a></td><td> 0 </td><td>svd</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Minimum amount of time the server holds a lock on
 a DAV resource</td></tr>
-<tr class="odd"><td><a href="mod_dbd.html#dbdexptime">DBDExptime <var>time-in-seconds</var></a></td><td> 300 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Keepalive time for idle connections</td></tr>
-<tr><td><a href="mod_dbd.html#dbdinitsql">DBDInitSQL <var>"SQL statement"</var></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Execute an SQL statement after connecting to a database</td></tr>
-<tr class="odd"><td><a href="mod_dbd.html#dbdkeep">DBDKeep <var>number</var></a></td><td> 2 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum sustained number of connections</td></tr>
-<tr><td><a href="mod_dbd.html#dbdmax">DBDMax <var>number</var></a></td><td> 10 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum number of connections</td></tr>
-<tr class="odd"><td><a href="mod_dbd.html#dbdmin">DBDMin <var>number</var></a></td><td> 1 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Minimum number of connections</td></tr>
-<tr><td><a href="mod_dbd.html#dbdparams">DBDParams
-<var>param1</var>=<var>value1</var>[,<var>param2</var>=<var>value2</var>]</a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Parameters for database connection</td></tr>
-<tr class="odd"><td><a href="mod_dbd.html#dbdpersist">DBDPersist On|Off</a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Whether to use persistent connections</td></tr>
-<tr><td><a href="mod_dbd.html#dbdpreparesql">DBDPrepareSQL <var>"SQL statement"</var> <var>label</var></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Define an SQL prepared statement</td></tr>
-<tr class="odd"><td><a href="mod_dbd.html#dbdriver">DBDriver <var>name</var></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Specify an SQL driver</td></tr>
-<tr><td><a href="mod_autoindex.html#defaulticon">DefaultIcon <var>url-path</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Icon to display for files when no specific icon is
+<tr><td><a href="mod_dbd.html#dbdexptime">DBDExptime <var>time-in-seconds</var></a></td><td> 300 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Keepalive time for idle connections</td></tr>
+<tr class="odd"><td><a href="mod_dbd.html#dbdinitsql">DBDInitSQL <var>"SQL statement"</var></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Execute an SQL statement after connecting to a database</td></tr>
+<tr><td><a href="mod_dbd.html#dbdkeep">DBDKeep <var>number</var></a></td><td> 2 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum sustained number of connections</td></tr>
+<tr class="odd"><td><a href="mod_dbd.html#dbdmax">DBDMax <var>number</var></a></td><td> 10 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum number of connections</td></tr>
+<tr><td><a href="mod_dbd.html#dbdmin">DBDMin <var>number</var></a></td><td> 1 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Minimum number of connections</td></tr>
+<tr class="odd"><td><a href="mod_dbd.html#dbdparams">DBDParams
+<var>param1</var>=<var>value1</var>[,<var>param2</var>=<var>value2</var>]</a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Parameters for database connection</td></tr>
+<tr><td><a href="mod_dbd.html#dbdpersist">DBDPersist On|Off</a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Whether to use persistent connections</td></tr>
+<tr class="odd"><td><a href="mod_dbd.html#dbdpreparesql">DBDPrepareSQL <var>"SQL statement"</var> <var>label</var></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Define an SQL prepared statement</td></tr>
+<tr><td><a href="mod_dbd.html#dbdriver">DBDriver <var>name</var></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Specify an SQL driver</td></tr>
+<tr class="odd"><td><a href="mod_autoindex.html#defaulticon">DefaultIcon <var>url-path</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Icon to display for files when no specific icon is
 configured</td></tr>
-<tr class="odd"><td><a href="mod_mime.html#defaultlanguage">DefaultLanguage <var>language-tag</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Defines a default language-tag to be sent in the Content-Language
+<tr><td><a href="mod_mime.html#defaultlanguage">DefaultLanguage <var>language-tag</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Defines a default language-tag to be sent in the Content-Language
 header field for all resources in the current context that have not been
 assigned a language-tag by some other means.</td></tr>
-<tr><td><a href="core.html#defaultruntimedir">DefaultRuntimeDir <var>directory-path</var></a></td><td> DEFAULT_REL_RUNTIME +</td><td>s</td><td>C</td></tr><tr><td class="descr" colspan="4">Base directory for the server run-time files</td></tr>
-<tr class="odd"><td><a href="core.html#defaulttype">DefaultType <var>media-type|none</var></a></td><td> none </td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">This directive has no effect other than to emit warnings
+<tr class="odd"><td><a href="core.html#defaultruntimedir">DefaultRuntimeDir <var>directory-path</var></a></td><td> DEFAULT_REL_RUNTIME +</td><td>s</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Base directory for the server run-time files</td></tr>
+<tr><td><a href="core.html#defaulttype">DefaultType <var>media-type|none</var></a></td><td> none </td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">This directive has no effect other than to emit warnings
 if the value is not <code>none</code>. In prior versions, DefaultType
 would specify a default media type to assign to response content for
 which no other media type configuration could be found.
 </td></tr>
-<tr><td><a href="core.html#define">Define <var>parameter-name</var> [<var>parameter-value</var>]</a></td><td></td><td>svd</td><td>C</td></tr><tr><td class="descr" colspan="4">Define a variable</td></tr>
-<tr class="odd"><td><a href="mod_deflate.html#deflatebuffersize">DeflateBufferSize <var>value</var></a></td><td> 8096 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Fragment size to be compressed at one time by zlib</td></tr>
-<tr><td><a href="mod_deflate.html#deflatecompressionlevel">DeflateCompressionLevel <var>value</var></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">How much compression do we apply to the output</td></tr>
-<tr class="odd"><td><a href="mod_deflate.html#deflatefilternote">DeflateFilterNote [<var>type</var>] <var>notename</var></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Places the compression ratio in a note for logging</td></tr>
-<tr><td><a href="mod_deflate.html#deflateinflatelimitrequestbody">DeflateInflateLimitRequestBody<var>value</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum size of inflated request bodies</td></tr>
-<tr class="odd"><td><a href="mod_deflate.html#deflateinflateratioburst">DeflateInflateRatioBurst <var>value</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum number of times the inflation ratio for request bodies 
+<tr class="odd"><td><a href="core.html#define">Define <var>parameter-name</var> [<var>parameter-value</var>]</a></td><td></td><td>svd</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Define a variable</td></tr>
+<tr><td><a href="mod_deflate.html#deflatebuffersize">DeflateBufferSize <var>value</var></a></td><td> 8096 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Fragment size to be compressed at one time by zlib</td></tr>
+<tr class="odd"><td><a href="mod_deflate.html#deflatecompressionlevel">DeflateCompressionLevel <var>value</var></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">How much compression do we apply to the output</td></tr>
+<tr><td><a href="mod_deflate.html#deflatefilternote">DeflateFilterNote [<var>type</var>] <var>notename</var></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Places the compression ratio in a note for logging</td></tr>
+<tr class="odd"><td><a href="mod_deflate.html#deflateinflatelimitrequestbody">DeflateInflateLimitRequestBody<var>value</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum size of inflated request bodies</td></tr>
+<tr><td><a href="mod_deflate.html#deflateinflateratioburst">DeflateInflateRatioBurst <var>value</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum number of times the inflation ratio for request bodies 
              can be crossed</td></tr>
-<tr><td><a href="mod_deflate.html#deflateinflateratiolimit">DeflateInflateRatioLimit <var>value</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum inflation ratio for request bodies</td></tr>
-<tr class="odd"><td><a href="mod_deflate.html#deflatememlevel">DeflateMemLevel <var>value</var></a></td><td> 9 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">How much memory should be used by zlib for compression</td></tr>
-<tr><td><a href="mod_deflate.html#deflatewindowsize">DeflateWindowSize <var>value</var></a></td><td> 15 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Zlib compression window size</td></tr>
-<tr class="odd"><td><a href="mod_access_compat.html#deny"> Deny from all|<var>host</var>|env=[!]<var>env-variable</var>
-[<var>host</var>|env=[!]<var>env-variable</var>] ...</a></td><td></td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Controls which hosts are denied access to the
+<tr class="odd"><td><a href="mod_deflate.html#deflateinflateratiolimit">DeflateInflateRatioLimit <var>value</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum inflation ratio for request bodies</td></tr>
+<tr><td><a href="mod_deflate.html#deflatememlevel">DeflateMemLevel <var>value</var></a></td><td> 9 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">How much memory should be used by zlib for compression</td></tr>
+<tr class="odd"><td><a href="mod_deflate.html#deflatewindowsize">DeflateWindowSize <var>value</var></a></td><td> 15 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Zlib compression window size</td></tr>
+<tr><td><a href="mod_access_compat.html#deny"> Deny from all|<var>host</var>|env=[!]<var>env-variable</var>
+[<var>host</var>|env=[!]<var>env-variable</var>] ...</a></td><td></td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Controls which hosts are denied access to the
 server</td></tr>
-<tr><td><a href="core.html#directory">&lt;Directory "<var>directory-path</var>"&gt;
-... &lt;/Directory&gt;</a></td><td></td><td>sv</td><td>C</td></tr><tr><td class="descr" colspan="4">Enclose a group of directives that apply only to the
+<tr class="odd"><td><a href="core.html#directory">&lt;Directory "<var>directory-path</var>"&gt;
+... &lt;/Directory&gt;</a></td><td></td><td>sv</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Enclose a group of directives that apply only to the
 named file-system directory, sub-directories, and their contents.</td></tr>
-<tr class="odd"><td><a href="mod_dir.html#directorycheckhandler">DirectoryCheckHandler On|Off</a></td><td> Off </td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Toggle how this module responds when another handler is configured</td></tr>
-<tr><td><a href="mod_dir.html#directoryindex">DirectoryIndex
-    disabled | <var>local-url</var> [<var>local-url</var>] ...</a></td><td> index.html </td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">List of resources to look for when the client requests
+<tr><td><a href="mod_dir.html#directorycheckhandler">DirectoryCheckHandler On|Off</a></td><td> Off </td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Toggle how this module responds when another handler is configured</td></tr>
+<tr class="odd"><td><a href="mod_dir.html#directoryindex">DirectoryIndex
+    disabled | <var>local-url</var> [<var>local-url</var>] ...</a></td><td> index.html </td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">List of resources to look for when the client requests
 a directory</td></tr>
-<tr class="odd"><td><a href="mod_dir.html#directoryindexredirect">DirectoryIndexRedirect on | off | permanent | temp | seeother |
+<tr><td><a href="mod_dir.html#directoryindexredirect">DirectoryIndexRedirect on | off | permanent | temp | seeother |
 <var>3xx-code</var>
-</a></td><td> off </td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Configures an external redirect for directory indexes.
+</a></td><td> off </td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Configures an external redirect for directory indexes.
 </td></tr>
-<tr><td><a href="core.html#directorymatch">&lt;DirectoryMatch <var>regex</var>&gt;
-... &lt;/DirectoryMatch&gt;</a></td><td></td><td>sv</td><td>C</td></tr><tr><td class="descr" colspan="4">Enclose directives that apply to
+<tr class="odd"><td><a href="core.html#directorymatch">&lt;DirectoryMatch <var>regex</var>&gt;
+... &lt;/DirectoryMatch&gt;</a></td><td></td><td>sv</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Enclose directives that apply to
 the contents of file-system directories matching a regular expression.</td></tr>
-<tr class="odd"><td><a href="mod_dir.html#directoryslash">DirectorySlash On|Off</a></td><td> On </td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Toggle trailing slash redirects on or off</td></tr>
-<tr><td><a href="core.html#documentroot">DocumentRoot <var>directory-path</var></a></td><td> "/usr/local/apache/ +</td><td>sv</td><td>C</td></tr><tr><td class="descr" colspan="4">Directory that forms the main document tree visible
+<tr><td><a href="mod_dir.html#directoryslash">DirectorySlash On|Off</a></td><td> On </td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Toggle trailing slash redirects on or off</td></tr>
+<tr class="odd"><td><a href="core.html#documentroot">DocumentRoot <var>directory-path</var></a></td><td> "/usr/local/apache/ +</td><td>sv</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Directory that forms the main document tree visible
 from the web</td></tr>
-<tr class="odd"><td><a href="mod_privileges.html#dtraceprivileges">DTracePrivileges On|Off</a></td><td> Off </td><td>s</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Determines whether the privileges required by dtrace are enabled.</td></tr>
-<tr><td><a href="mod_dumpio.html#dumpioinput">DumpIOInput On|Off</a></td><td> Off </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Dump all input data to the error log</td></tr>
-<tr class="odd"><td><a href="mod_dumpio.html#dumpiooutput">DumpIOOutput On|Off</a></td><td> Off </td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Dump all output data to the error log</td></tr>
-<tr><td><a href="core.html#else" id="E" name="E">&lt;Else&gt; ... &lt;/Else&gt;</a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Contains directives that apply only if the condition of a
+<tr><td><a href="mod_privileges.html#dtraceprivileges">DTracePrivileges On|Off</a></td><td> Off </td><td>s</td><td>X</td></tr><tr><td class="descr" colspan="4">Determines whether the privileges required by dtrace are enabled.</td></tr>
+<tr class="odd"><td><a href="mod_dumpio.html#dumpioinput">DumpIOInput On|Off</a></td><td> Off </td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Dump all input data to the error log</td></tr>
+<tr><td><a href="mod_dumpio.html#dumpiooutput">DumpIOOutput On|Off</a></td><td> Off </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Dump all output data to the error log</td></tr>
+<tr class="odd"><td><a href="core.html#else" id="E" name="E">&lt;Else&gt; ... &lt;/Else&gt;</a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Contains directives that apply only if the condition of a
 previous <code class="directive"><a href="../mod/core.html#if">&lt;If&gt;</a></code> or
 <code class="directive"><a href="../mod/core.html#elseif">&lt;ElseIf&gt;</a></code> section is not
 satisfied by a request at runtime</td></tr>
-<tr class="odd"><td><a href="core.html#elseif">&lt;ElseIf <var>expression</var>&gt; ... &lt;/ElseIf&gt;</a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Contains directives that apply only if a condition is satisfied
+<tr><td><a href="core.html#elseif">&lt;ElseIf <var>expression</var>&gt; ... &lt;/ElseIf&gt;</a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Contains directives that apply only if a condition is satisfied
 by a request at runtime while the condition of a previous
 <code class="directive"><a href="../mod/core.html#if">&lt;If&gt;</a></code> or
 <code class="directive">&lt;ElseIf&gt;</code> section is not
 satisfied</td></tr>
-<tr><td><a href="mpm_common.html#enableexceptionhook">EnableExceptionHook On|Off</a></td><td> Off </td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Enables a hook that runs exception handlers
+<tr class="odd"><td><a href="mpm_common.html#enableexceptionhook">EnableExceptionHook On|Off</a></td><td> Off </td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Enables a hook that runs exception handlers
 after a crash</td></tr>
-<tr class="odd"><td><a href="core.html#enablemmap">EnableMMAP On|Off</a></td><td> On </td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Use memory-mapping to read files during delivery</td></tr>
-<tr><td><a href="core.html#enablesendfile">EnableSendfile On|Off</a></td><td> Off </td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Use the kernel sendfile support to deliver files to the client</td></tr>
-<tr class="odd"><td><a href="core.html#error">Error <var>message</var></a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Abort configuration parsing with a custom error message</td></tr>
-<tr><td><a href="core.html#errordocument">ErrorDocument <var>error-code</var> <var>document</var></a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">What the server will return to the client
+<tr><td><a href="core.html#enablemmap">EnableMMAP On|Off</a></td><td> On </td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Use memory-mapping to read files during delivery</td></tr>
+<tr class="odd"><td><a href="core.html#enablesendfile">EnableSendfile On|Off</a></td><td> Off </td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Use the kernel sendfile support to deliver files to the client</td></tr>
+<tr><td><a href="core.html#error">Error <var>message</var></a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Abort configuration parsing with a custom error message</td></tr>
+<tr class="odd"><td><a href="core.html#errordocument">ErrorDocument <var>error-code</var> <var>document</var></a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">What the server will return to the client
 in case of an error</td></tr>
-<tr class="odd"><td><a href="core.html#errorlog"> ErrorLog <var>file-path</var>|syslog[:<var>facility</var>]</a></td><td> logs/error_log (Uni +</td><td>sv</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Location where the server will log errors</td></tr>
-<tr><td><a href="core.html#errorlogformat"> ErrorLogFormat [connection|request] <var>format</var></a></td><td></td><td>sv</td><td>C</td></tr><tr><td class="descr" colspan="4">Format specification for error log entries</td></tr>
-<tr class="odd"><td><a href="mod_example_hooks.html#example">Example</a></td><td></td><td>svdh</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Demonstration directive to illustrate the Apache module
+<tr><td><a href="core.html#errorlog"> ErrorLog <var>file-path</var>|syslog[:<var>facility</var>]</a></td><td> logs/error_log (Uni +</td><td>sv</td><td>C</td></tr><tr><td class="descr" colspan="4">Location where the server will log errors</td></tr>
+<tr class="odd"><td><a href="core.html#errorlogformat"> ErrorLogFormat [connection|request] <var>format</var></a></td><td></td><td>sv</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Format specification for error log entries</td></tr>
+<tr><td><a href="mod_example_hooks.html#example">Example</a></td><td></td><td>svdh</td><td>X</td></tr><tr><td class="descr" colspan="4">Demonstration directive to illustrate the Apache module
 API</td></tr>
-<tr><td><a href="mod_expires.html#expiresactive">ExpiresActive On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Enables generation of <code>Expires</code>
+<tr class="odd"><td><a href="mod_expires.html#expiresactive">ExpiresActive On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enables generation of <code>Expires</code>
 headers</td></tr>
-<tr class="odd"><td><a href="mod_expires.html#expiresbytype">ExpiresByType <var>MIME-type</var>
-<var>&lt;code&gt;seconds</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Value of the <code>Expires</code> header configured
+<tr><td><a href="mod_expires.html#expiresbytype">ExpiresByType <var>MIME-type</var>
+<var>&lt;code&gt;seconds</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Value of the <code>Expires</code> header configured
 by MIME type</td></tr>
-<tr><td><a href="mod_expires.html#expiresdefault">ExpiresDefault <var>&lt;code&gt;seconds</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Default algorithm for calculating expiration time</td></tr>
-<tr class="odd"><td><a href="core.html#extendedstatus">ExtendedStatus On|Off</a></td><td> Off[*] </td><td>s</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Keep track of extended status information for each
+<tr class="odd"><td><a href="mod_expires.html#expiresdefault">ExpiresDefault <var>&lt;code&gt;seconds</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Default algorithm for calculating expiration time</td></tr>
+<tr><td><a href="core.html#extendedstatus">ExtendedStatus On|Off</a></td><td> Off[*] </td><td>s</td><td>C</td></tr><tr><td class="descr" colspan="4">Keep track of extended status information for each
 request</td></tr>
-<tr><td><a href="mod_ext_filter.html#extfilterdefine">ExtFilterDefine <var>filtername</var> <var>parameters</var></a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Define an external filter</td></tr>
-<tr class="odd"><td><a href="mod_ext_filter.html#extfilteroptions">ExtFilterOptions <var>option</var> [<var>option</var>] ...</a></td><td> NoLogStderr </td><td>d</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure <code class="module"><a href="../mod/mod_ext_filter.html">mod_ext_filter</a></code> options</td></tr>
-<tr><td><a href="mod_dir.html#fallbackresource" id="F" name="F">FallbackResource disabled | <var>local-url</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Define a default URL for requests that don't map to a file</td></tr>
-<tr class="odd"><td><a href="core.html#fileetag">FileETag <var>component</var> ...</a></td><td> MTime Size </td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">File attributes used to create the ETag
+<tr class="odd"><td><a href="mod_ext_filter.html#extfilterdefine">ExtFilterDefine <var>filtername</var> <var>parameters</var></a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Define an external filter</td></tr>
+<tr><td><a href="mod_ext_filter.html#extfilteroptions">ExtFilterOptions <var>option</var> [<var>option</var>] ...</a></td><td> NoLogStderr </td><td>d</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure <code class="module"><a href="../mod/mod_ext_filter.html">mod_ext_filter</a></code> options</td></tr>
+<tr class="odd"><td><a href="mod_dir.html#fallbackresource" id="F" name="F">FallbackResource disabled | <var>local-url</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Define a default URL for requests that don't map to a file</td></tr>
+<tr><td><a href="core.html#fileetag">FileETag <var>component</var> ...</a></td><td> MTime Size </td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">File attributes used to create the ETag
 HTTP response header for static files</td></tr>
-<tr><td><a href="core.html#files">&lt;Files "<var>filename</var>"&gt; ... &lt;/Files&gt;</a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Contains directives that apply to matched
+<tr class="odd"><td><a href="core.html#files">&lt;Files "<var>filename</var>"&gt; ... &lt;/Files&gt;</a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Contains directives that apply to matched
 filenames</td></tr>
-<tr class="odd"><td><a href="core.html#filesmatch">&lt;FilesMatch <var>regex</var>&gt; ... &lt;/FilesMatch&gt;</a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Contains directives that apply to regular-expression matched
+<tr><td><a href="core.html#filesmatch">&lt;FilesMatch <var>regex</var>&gt; ... &lt;/FilesMatch&gt;</a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Contains directives that apply to regular-expression matched
 filenames</td></tr>
-<tr><td><a href="mod_filter.html#filterchain">FilterChain [+=-@!]<var>filter-name</var> <var>...</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Configure the filter chain</td></tr>
-<tr class="odd"><td><a href="mod_filter.html#filterdeclare">FilterDeclare <var>filter-name</var> <var>[type]</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Declare a smart filter</td></tr>
-<tr><td><a href="mod_filter.html#filterprotocol">FilterProtocol <var>filter-name</var> [<var>provider-name</var>]
-    <var>proto-flags</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Deal with correct HTTP protocol handling</td></tr>
-<tr class="odd"><td><a href="mod_filter.html#filterprovider">FilterProvider <var>filter-name</var> <var>provider-name</var>
- <var>expression</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Register a content filter</td></tr>
-<tr><td><a href="mod_filter.html#filtertrace">FilterTrace <var>filter-name</var> <var>level</var></a></td><td></td><td>svd</td><td>B</td></tr><tr><td class="descr" colspan="4">Get debug/diagnostic information from
+<tr class="odd"><td><a href="mod_filter.html#filterchain">FilterChain [+=-@!]<var>filter-name</var> <var>...</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Configure the filter chain</td></tr>
+<tr><td><a href="mod_filter.html#filterdeclare">FilterDeclare <var>filter-name</var> <var>[type]</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Declare a smart filter</td></tr>
+<tr class="odd"><td><a href="mod_filter.html#filterprotocol">FilterProtocol <var>filter-name</var> [<var>provider-name</var>]
+    <var>proto-flags</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Deal with correct HTTP protocol handling</td></tr>
+<tr><td><a href="mod_filter.html#filterprovider">FilterProvider <var>filter-name</var> <var>provider-name</var>
+ <var>expression</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Register a content filter</td></tr>
+<tr class="odd"><td><a href="mod_filter.html#filtertrace">FilterTrace <var>filter-name</var> <var>level</var></a></td><td></td><td>svd</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Get debug/diagnostic information from
     <code class="module"><a href="../mod/mod_filter.html">mod_filter</a></code></td></tr>
-<tr class="odd"><td><a href="mod_negotiation.html#forcelanguagepriority">ForceLanguagePriority None|Prefer|Fallback [Prefer|Fallback]</a></td><td> Prefer </td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Action to take if a single acceptable document is not
+<tr><td><a href="mod_negotiation.html#forcelanguagepriority">ForceLanguagePriority None|Prefer|Fallback [Prefer|Fallback]</a></td><td> Prefer </td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Action to take if a single acceptable document is not
 found</td></tr>
-<tr><td><a href="core.html#forcetype">ForceType <var>media-type</var>|None</a></td><td></td><td>dh</td><td>C</td></tr><tr><td class="descr" colspan="4">Forces all matching files to be served with the specified
+<tr class="odd"><td><a href="core.html#forcetype">ForceType <var>media-type</var>|None</a></td><td></td><td>dh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Forces all matching files to be served with the specified
 media type in the HTTP Content-Type header field</td></tr>
-<tr class="odd"><td><a href="mod_log_forensic.html#forensiclog">ForensicLog <var>filename</var>|<var>pipe</var></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Sets filename of the forensic log</td></tr>
-<tr><td><a href="core.html#gprofdir" id="G" name="G">GprofDir <var>/tmp/gprof/</var>|<var>/tmp/gprof/</var>%</a></td><td></td><td>sv</td><td>C</td></tr><tr><td class="descr" colspan="4">Directory to write gmon.out profiling data to.  </td></tr>
-<tr class="odd"><td><a href="mpm_common.html#gracefulshutdowntimeout">GracefulShutdownTimeout <var>seconds</var></a></td><td> 0 </td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Specify a timeout after which a gracefully shutdown server
+<tr><td><a href="mod_log_forensic.html#forensiclog">ForensicLog <var>filename</var>|<var>pipe</var></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Sets filename of the forensic log</td></tr>
+<tr class="odd"><td><a href="core.html#gprofdir" id="G" name="G">GprofDir <var>/tmp/gprof/</var>|<var>/tmp/gprof/</var>%</a></td><td></td><td>sv</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Directory to write gmon.out profiling data to.  </td></tr>
+<tr><td><a href="mpm_common.html#gracefulshutdowntimeout">GracefulShutdownTimeout <var>seconds</var></a></td><td> 0 </td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Specify a timeout after which a gracefully shutdown server
 will exit.</td></tr>
-<tr><td><a href="mod_unixd.html#group">Group <var>unix-group</var></a></td><td> #-1 </td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">Group under which the server will answer
+<tr class="odd"><td><a href="mod_unixd.html#group">Group <var>unix-group</var></a></td><td> #-1 </td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Group under which the server will answer
 requests</td></tr>
-<tr class="odd"><td><a href="mod_headers.html#header" id="H" name="H">Header [<var>condition</var>] add|append|echo|edit|edit*|merge|set|setifempty|unset|note
+<tr><td><a href="mod_headers.html#header" id="H" name="H">Header [<var>condition</var>] add|append|echo|edit|edit*|merge|set|setifempty|unset|note
 <var>header</var> [[expr=]<var>value</var> [<var>replacement</var>]
 [early|env=[!]<var>varname</var>|expr=<var>expression</var>]]
-</a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure HTTP response headers</td></tr>
-<tr><td><a href="mod_autoindex.html#headername">HeaderName <var>filename</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Name of the file that will be inserted at the top
+</a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure HTTP response headers</td></tr>
+<tr class="odd"><td><a href="mod_autoindex.html#headername">HeaderName <var>filename</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Name of the file that will be inserted at the top
 of the index listing</td></tr>
-<tr class="odd"><td><a href="mod_heartbeat.html#heartbeataddress">HeartbeatAddress <var>addr:port</var></a></td><td></td><td>s</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Multicast address for heartbeat packets</td></tr>
-<tr><td><a href="mod_heartmonitor.html#heartbeatlisten">HeartbeatListen<var>addr:port</var></a></td><td></td><td>s</td><td>X</td></tr><tr><td class="descr" colspan="4">multicast address to listen for incoming heartbeat requests </td></tr>
-<tr class="odd"><td><a href="mod_heartmonitor.html#heartbeatmaxservers">HeartbeatMaxServers <var>number-of-servers</var></a></td><td> 10 </td><td>s</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Specifies the maximum number of servers that will be sending 
+<tr><td><a href="mod_heartbeat.html#heartbeataddress">HeartbeatAddress <var>addr:port</var></a></td><td></td><td>s</td><td>X</td></tr><tr><td class="descr" colspan="4">Multicast address for heartbeat packets</td></tr>
+<tr class="odd"><td><a href="mod_heartmonitor.html#heartbeatlisten">HeartbeatListen<var>addr:port</var></a></td><td></td><td>s</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">multicast address to listen for incoming heartbeat requests </td></tr>
+<tr><td><a href="mod_heartmonitor.html#heartbeatmaxservers">HeartbeatMaxServers <var>number-of-servers</var></a></td><td> 10 </td><td>s</td><td>X</td></tr><tr><td class="descr" colspan="4">Specifies the maximum number of servers that will be sending 
 heartbeat requests to this server</td></tr>
-<tr><td><a href="mod_heartmonitor.html#heartbeatstorage">HeartbeatStorage <var>file-path</var></a></td><td> logs/hb.dat </td><td>s</td><td>X</td></tr><tr><td class="descr" colspan="4">Path to store heartbeat data</td></tr>
-<tr class="odd"><td><a href="mod_lbmethod_heartbeat.html#heartbeatstorage">HeartbeatStorage <var>file-path</var></a></td><td> logs/hb.dat </td><td>s</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Path to read heartbeat data</td></tr>
-<tr><td><a href="core.html#hostnamelookups">HostnameLookups On|Off|Double</a></td><td> Off </td><td>svd</td><td>C</td></tr><tr><td class="descr" colspan="4">Enables DNS lookups on client IP addresses</td></tr>
-<tr class="odd"><td><a href="mod_ident.html#identitycheck" id="I" name="I">IdentityCheck On|Off</a></td><td> Off </td><td>svd</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enables logging of the RFC 1413 identity of the remote
+<tr class="odd"><td><a href="mod_heartmonitor.html#heartbeatstorage">HeartbeatStorage <var>file-path</var></a></td><td> logs/hb.dat </td><td>s</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Path to store heartbeat data</td></tr>
+<tr><td><a href="mod_lbmethod_heartbeat.html#heartbeatstorage">HeartbeatStorage <var>file-path</var></a></td><td> logs/hb.dat </td><td>s</td><td>X</td></tr><tr><td class="descr" colspan="4">Path to read heartbeat data</td></tr>
+<tr class="odd"><td><a href="core.html#hostnamelookups">HostnameLookups On|Off|Double</a></td><td> Off </td><td>svd</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Enables DNS lookups on client IP addresses</td></tr>
+<tr><td><a href="mod_ident.html#identitycheck" id="I" name="I">IdentityCheck On|Off</a></td><td> Off </td><td>svd</td><td>E</td></tr><tr><td class="descr" colspan="4">Enables logging of the RFC 1413 identity of the remote
 user</td></tr>
-<tr><td><a href="mod_ident.html#identitychecktimeout">IdentityCheckTimeout <var>seconds</var></a></td><td> 30 </td><td>svd</td><td>E</td></tr><tr><td class="descr" colspan="4">Determines the timeout duration for ident requests</td></tr>
-<tr class="odd"><td><a href="core.html#if">&lt;If <var>expression</var>&gt; ... &lt;/If&gt;</a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Contains directives that apply only if a condition is
+<tr class="odd"><td><a href="mod_ident.html#identitychecktimeout">IdentityCheckTimeout <var>seconds</var></a></td><td> 30 </td><td>svd</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Determines the timeout duration for ident requests</td></tr>
+<tr><td><a href="core.html#if">&lt;If <var>expression</var>&gt; ... &lt;/If&gt;</a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Contains directives that apply only if a condition is
 satisfied by a request at runtime</td></tr>
-<tr><td><a href="core.html#ifdefine">&lt;IfDefine [!]<var>parameter-name</var>&gt; ...
-    &lt;/IfDefine&gt;</a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Encloses directives that will be processed only
+<tr class="odd"><td><a href="core.html#ifdefine">&lt;IfDefine [!]<var>parameter-name</var>&gt; ...
+    &lt;/IfDefine&gt;</a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Encloses directives that will be processed only
 if a test is true at startup</td></tr>
-<tr class="odd"><td><a href="core.html#ifmodule">&lt;IfModule [!]<var>module-file</var>|<var>module-identifier</var>&gt; ...
-    &lt;/IfModule&gt;</a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Encloses directives that are processed conditional on the
+<tr><td><a href="core.html#ifmodule">&lt;IfModule [!]<var>module-file</var>|<var>module-identifier</var>&gt; ...
+    &lt;/IfModule&gt;</a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Encloses directives that are processed conditional on the
 presence or absence of a specific module</td></tr>
-<tr><td><a href="mod_version.html#ifversion">&lt;IfVersion [[!]<var>operator</var>] <var>version</var>&gt; ...
-&lt;/IfVersion&gt;</a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">contains version dependent configuration</td></tr>
-<tr class="odd"><td><a href="mod_imagemap.html#imapbase">ImapBase map|referer|<var>URL</var></a></td><td> http://servername/ </td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Default <code>base</code> for imagemap files</td></tr>
-<tr><td><a href="mod_imagemap.html#imapdefault">ImapDefault error|nocontent|map|referer|<var>URL</var></a></td><td> nocontent </td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Default action when an imagemap is called with coordinates
+<tr class="odd"><td><a href="mod_version.html#ifversion">&lt;IfVersion [[!]<var>operator</var>] <var>version</var>&gt; ...
+&lt;/IfVersion&gt;</a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">contains version dependent configuration</td></tr>
+<tr><td><a href="mod_imagemap.html#imapbase">ImapBase map|referer|<var>URL</var></a></td><td> http://servername/ </td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Default <code>base</code> for imagemap files</td></tr>
+<tr class="odd"><td><a href="mod_imagemap.html#imapdefault">ImapDefault error|nocontent|map|referer|<var>URL</var></a></td><td> nocontent </td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Default action when an imagemap is called with coordinates
 that are not explicitly mapped</td></tr>
-<tr class="odd"><td><a href="mod_imagemap.html#imapmenu">ImapMenu none|formatted|semiformatted|unformatted</a></td><td> formatted </td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Action if no coordinates are given when calling
+<tr><td><a href="mod_imagemap.html#imapmenu">ImapMenu none|formatted|semiformatted|unformatted</a></td><td> formatted </td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Action if no coordinates are given when calling
 an imagemap</td></tr>
-<tr><td><a href="core.html#include">Include <var>file-path</var>|<var>directory-path</var>|<var>wildcard</var></a></td><td></td><td>svd</td><td>C</td></tr><tr><td class="descr" colspan="4">Includes other configuration files from within
+<tr class="odd"><td><a href="core.html#include">Include <var>file-path</var>|<var>directory-path</var>|<var>wildcard</var></a></td><td></td><td>svd</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Includes other configuration files from within
 the server configuration files</td></tr>
-<tr class="odd"><td><a href="core.html#includeoptional">IncludeOptional <var>file-path</var>|<var>directory-path</var>|<var>wildcard</var></a></td><td></td><td>svd</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Includes other configuration files from within
+<tr><td><a href="core.html#includeoptional">IncludeOptional <var>file-path</var>|<var>directory-path</var>|<var>wildcard</var></a></td><td></td><td>svd</td><td>C</td></tr><tr><td class="descr" colspan="4">Includes other configuration files from within
 the server configuration files</td></tr>
-<tr><td><a href="mod_autoindex.html#indexheadinsert">IndexHeadInsert <var>"markup ..."</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Inserts text in the HEAD section of an index page.</td></tr>
-<tr class="odd"><td><a href="mod_autoindex.html#indexignore">IndexIgnore <var>file</var> [<var>file</var>] ...</a></td><td> "." </td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Adds to the list of files to hide when listing
+<tr class="odd"><td><a href="mod_autoindex.html#indexheadinsert">IndexHeadInsert <var>"markup ..."</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Inserts text in the HEAD section of an index page.</td></tr>
+<tr><td><a href="mod_autoindex.html#indexignore">IndexIgnore <var>file</var> [<var>file</var>] ...</a></td><td> "." </td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Adds to the list of files to hide when listing
 a directory</td></tr>
-<tr><td><a href="mod_autoindex.html#indexignorereset">IndexIgnoreReset ON|OFF</a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Empties the list of files to hide when listing
+<tr class="odd"><td><a href="mod_autoindex.html#indexignorereset">IndexIgnoreReset ON|OFF</a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Empties the list of files to hide when listing
 a directory</td></tr>
-<tr class="odd"><td><a href="mod_autoindex.html#indexoptions">IndexOptions  [+|-]<var>option</var> [[+|-]<var>option</var>]
-...</a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Various configuration settings for directory
+<tr><td><a href="mod_autoindex.html#indexoptions">IndexOptions  [+|-]<var>option</var> [[+|-]<var>option</var>]
+...</a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Various configuration settings for directory
 indexing</td></tr>
-<tr><td><a href="mod_autoindex.html#indexorderdefault">IndexOrderDefault Ascending|Descending
-Name|Date|Size|Description</a></td><td> Ascending Name </td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Sets the default ordering of the directory index</td></tr>
-<tr class="odd"><td><a href="mod_autoindex.html#indexstylesheet">IndexStyleSheet <var>url-path</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Adds a CSS stylesheet to the directory index</td></tr>
-<tr><td><a href="mod_sed.html#inputsed">InputSed <var>sed-command</var></a></td><td></td><td>dh</td><td>X</td></tr><tr><td class="descr" colspan="4">Sed command to filter request data (typically <code>POST</code> data)</td></tr>
-<tr class="odd"><td><a href="mod_isapi.html#isapiappendlogtoerrors">ISAPIAppendLogToErrors on|off</a></td><td> off </td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Record <code>HSE_APPEND_LOG_PARAMETER</code> requests from
+<tr class="odd"><td><a href="mod_autoindex.html#indexorderdefault">IndexOrderDefault Ascending|Descending
+Name|Date|Size|Description</a></td><td> Ascending Name </td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the default ordering of the directory index</td></tr>
+<tr><td><a href="mod_autoindex.html#indexstylesheet">IndexStyleSheet <var>url-path</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Adds a CSS stylesheet to the directory index</td></tr>
+<tr class="odd"><td><a href="mod_sed.html#inputsed">InputSed <var>sed-command</var></a></td><td></td><td>dh</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Sed command to filter request data (typically <code>POST</code> data)</td></tr>
+<tr><td><a href="mod_isapi.html#isapiappendlogtoerrors">ISAPIAppendLogToErrors on|off</a></td><td> off </td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Record <code>HSE_APPEND_LOG_PARAMETER</code> requests from
 ISAPI extensions to the error log</td></tr>
-<tr><td><a href="mod_isapi.html#isapiappendlogtoquery">ISAPIAppendLogToQuery on|off</a></td><td> on </td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Record <code>HSE_APPEND_LOG_PARAMETER</code> requests from
+<tr class="odd"><td><a href="mod_isapi.html#isapiappendlogtoquery">ISAPIAppendLogToQuery on|off</a></td><td> on </td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Record <code>HSE_APPEND_LOG_PARAMETER</code> requests from
 ISAPI extensions to the query field</td></tr>
-<tr class="odd"><td><a href="mod_isapi.html#isapicachefile">ISAPICacheFile <var>file-path</var> [<var>file-path</var>]
-...</a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">ISAPI .dll files to be loaded at startup</td></tr>
-<tr><td><a href="mod_isapi.html#isapifakeasync">ISAPIFakeAsync on|off</a></td><td> off </td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Fake asynchronous support for ISAPI callbacks</td></tr>
-<tr class="odd"><td><a href="mod_isapi.html#isapilognotsupported">ISAPILogNotSupported on|off</a></td><td> off </td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Log unsupported feature requests from ISAPI
+<tr><td><a href="mod_isapi.html#isapicachefile">ISAPICacheFile <var>file-path</var> [<var>file-path</var>]
+...</a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">ISAPI .dll files to be loaded at startup</td></tr>
+<tr class="odd"><td><a href="mod_isapi.html#isapifakeasync">ISAPIFakeAsync on|off</a></td><td> off </td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Fake asynchronous support for ISAPI callbacks</td></tr>
+<tr><td><a href="mod_isapi.html#isapilognotsupported">ISAPILogNotSupported on|off</a></td><td> off </td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Log unsupported feature requests from ISAPI
 extensions</td></tr>
-<tr><td><a href="mod_isapi.html#isapireadaheadbuffer">ISAPIReadAheadBuffer <var>size</var></a></td><td> 49152 </td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Size of the Read Ahead Buffer sent to ISAPI
+<tr class="odd"><td><a href="mod_isapi.html#isapireadaheadbuffer">ISAPIReadAheadBuffer <var>size</var></a></td><td> 49152 </td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Size of the Read Ahead Buffer sent to ISAPI
 extensions</td></tr>
-<tr class="odd"><td><a href="core.html#keepalive" id="K" name="K">KeepAlive On|Off</a></td><td> On </td><td>sv</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Enables HTTP persistent connections</td></tr>
-<tr><td><a href="core.html#keepalivetimeout">KeepAliveTimeout <var>num</var>[ms]</a></td><td> 5 </td><td>sv</td><td>C</td></tr><tr><td class="descr" colspan="4">Amount of time the server will wait for subsequent
+<tr><td><a href="core.html#keepalive" id="K" name="K">KeepAlive On|Off</a></td><td> On </td><td>sv</td><td>C</td></tr><tr><td class="descr" colspan="4">Enables HTTP persistent connections</td></tr>
+<tr class="odd"><td><a href="core.html#keepalivetimeout">KeepAliveTimeout <var>num</var>[ms]</a></td><td> 5 </td><td>sv</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Amount of time the server will wait for subsequent
 requests on a persistent connection</td></tr>
-<tr class="odd"><td><a href="mod_request.html#keptbodysize">KeptBodySize <var>maximum size in bytes</var></a></td><td> 0 </td><td>d</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Keep the request body instead of discarding it up to
+<tr><td><a href="mod_request.html#keptbodysize">KeptBodySize <var>maximum size in bytes</var></a></td><td> 0 </td><td>d</td><td>B</td></tr><tr><td class="descr" colspan="4">Keep the request body instead of discarding it up to
 the specified maximum size, for potential use by filters such as
 mod_include.</td></tr>
-<tr><td><a href="mod_negotiation.html#languagepriority" id="L" name="L">LanguagePriority <var>MIME-lang</var> [<var>MIME-lang</var>]
-...</a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">The precendence of language variants for cases where
+<tr class="odd"><td><a href="mod_negotiation.html#languagepriority" id="L" name="L">LanguagePriority <var>MIME-lang</var> [<var>MIME-lang</var>]
+...</a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">The precendence of language variants for cases where
 the client does not express a preference</td></tr>
-<tr class="odd"><td><a href="mod_ldap.html#ldapcacheentries">LDAPCacheEntries <var>number</var></a></td><td> 1024 </td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum number of entries in the primary LDAP cache</td></tr>
-<tr><td><a href="mod_ldap.html#ldapcachettl">LDAPCacheTTL <var>seconds</var></a></td><td> 600 </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Time that cached items remain valid</td></tr>
-<tr class="odd"><td><a href="mod_ldap.html#ldapconnectionpoolttl">LDAPConnectionPoolTTL <var>n</var></a></td><td> -1 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Discard backend connections that have been sitting in the connection pool too long</td></tr>
-<tr><td><a href="mod_ldap.html#ldapconnectiontimeout">LDAPConnectionTimeout <var>seconds</var></a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Specifies the socket connection timeout in seconds</td></tr>
-<tr class="odd"><td><a href="mod_ldap.html#ldaplibrarydebug">LDAPLibraryDebug <var>7</var></a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable debugging in the LDAP SDK</td></tr>
-<tr><td><a href="mod_ldap.html#ldapopcacheentries">LDAPOpCacheEntries <var>number</var></a></td><td> 1024 </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Number of entries used to cache LDAP compare
+<tr><td><a href="mod_ldap.html#ldapcacheentries">LDAPCacheEntries <var>number</var></a></td><td> 1024 </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum number of entries in the primary LDAP cache</td></tr>
+<tr class="odd"><td><a href="mod_ldap.html#ldapcachettl">LDAPCacheTTL <var>seconds</var></a></td><td> 600 </td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Time that cached items remain valid</td></tr>
+<tr><td><a href="mod_ldap.html#ldapconnectionpoolttl">LDAPConnectionPoolTTL <var>n</var></a></td><td> -1 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Discard backend connections that have been sitting in the connection pool too long</td></tr>
+<tr class="odd"><td><a href="mod_ldap.html#ldapconnectiontimeout">LDAPConnectionTimeout <var>seconds</var></a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Specifies the socket connection timeout in seconds</td></tr>
+<tr><td><a href="mod_ldap.html#ldaplibrarydebug">LDAPLibraryDebug <var>7</var></a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable debugging in the LDAP SDK</td></tr>
+<tr class="odd"><td><a href="mod_ldap.html#ldapopcacheentries">LDAPOpCacheEntries <var>number</var></a></td><td> 1024 </td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Number of entries used to cache LDAP compare
 operations</td></tr>
-<tr class="odd"><td><a href="mod_ldap.html#ldapopcachettl">LDAPOpCacheTTL <var>seconds</var></a></td><td> 600 </td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Time that entries in the operation cache remain
+<tr><td><a href="mod_ldap.html#ldapopcachettl">LDAPOpCacheTTL <var>seconds</var></a></td><td> 600 </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Time that entries in the operation cache remain
 valid</td></tr>
-<tr><td><a href="mod_ldap.html#ldapreferralhoplimit">LDAPReferralHopLimit <var>number</var></a></td><td></td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">The maximum number of referral hops to chase before terminating an LDAP query.</td></tr>
-<tr class="odd"><td><a href="mod_ldap.html#ldapreferrals">LDAPReferrals <var>On|Off|default</var></a></td><td> On </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable referral chasing during queries to the LDAP server.</td></tr>
-<tr><td><a href="mod_ldap.html#ldapretries">LDAPRetries <var>number-of-retries</var></a></td><td> 3 </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Configures the number of LDAP server retries.</td></tr>
-<tr class="odd"><td><a href="mod_ldap.html#ldapretrydelay">LDAPRetryDelay <var>seconds</var></a></td><td> 0 </td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configures the delay between LDAP server retries.</td></tr>
-<tr><td><a href="mod_ldap.html#ldapsharedcachefile">LDAPSharedCacheFile <var>directory-path/filename</var></a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Sets the shared memory cache file</td></tr>
-<tr class="odd"><td><a href="mod_ldap.html#ldapsharedcachesize">LDAPSharedCacheSize <var>bytes</var></a></td><td> 500000 </td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Size in bytes of the shared-memory cache</td></tr>
-<tr><td><a href="mod_ldap.html#ldaptimeout">LDAPTimeout <var>seconds</var></a></td><td> 60 </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Specifies the timeout for LDAP search and bind operations, in seconds</td></tr>
-<tr class="odd"><td><a href="mod_ldap.html#ldaptrustedclientcert">LDAPTrustedClientCert <var>type</var> <var>directory-path/filename/nickname</var> <var>[password]</var></a></td><td></td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the file containing or nickname referring to a per
+<tr class="odd"><td><a href="mod_ldap.html#ldapreferralhoplimit">LDAPReferralHopLimit <var>number</var></a></td><td></td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">The maximum number of referral hops to chase before terminating an LDAP query.</td></tr>
+<tr><td><a href="mod_ldap.html#ldapreferrals">LDAPReferrals <var>On|Off|default</var></a></td><td> On </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable referral chasing during queries to the LDAP server.</td></tr>
+<tr class="odd"><td><a href="mod_ldap.html#ldapretries">LDAPRetries <var>number-of-retries</var></a></td><td> 3 </td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configures the number of LDAP server retries.</td></tr>
+<tr><td><a href="mod_ldap.html#ldapretrydelay">LDAPRetryDelay <var>seconds</var></a></td><td> 0 </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Configures the delay between LDAP server retries.</td></tr>
+<tr class="odd"><td><a href="mod_ldap.html#ldapsharedcachefile">LDAPSharedCacheFile <var>directory-path/filename</var></a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the shared memory cache file</td></tr>
+<tr><td><a href="mod_ldap.html#ldapsharedcachesize">LDAPSharedCacheSize <var>bytes</var></a></td><td> 500000 </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Size in bytes of the shared-memory cache</td></tr>
+<tr class="odd"><td><a href="mod_ldap.html#ldaptimeout">LDAPTimeout <var>seconds</var></a></td><td> 60 </td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Specifies the timeout for LDAP search and bind operations, in seconds</td></tr>
+<tr><td><a href="mod_ldap.html#ldaptrustedclientcert">LDAPTrustedClientCert <var>type</var> <var>directory-path/filename/nickname</var> <var>[password]</var></a></td><td></td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Sets the file containing or nickname referring to a per
 connection client certificate. Not all LDAP toolkits support per
 connection client certificates.</td></tr>
-<tr><td><a href="mod_ldap.html#ldaptrustedglobalcert">LDAPTrustedGlobalCert <var>type</var> <var>directory-path/filename</var> <var>[password]</var></a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Sets the file or database containing global trusted
+<tr class="odd"><td><a href="mod_ldap.html#ldaptrustedglobalcert">LDAPTrustedGlobalCert <var>type</var> <var>directory-path/filename</var> <var>[password]</var></a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the file or database containing global trusted
 Certificate Authority or global client certificates</td></tr>
-<tr class="odd"><td><a href="mod_ldap.html#ldaptrustedmode">LDAPTrustedMode <var>type</var></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Specifies the SSL/TLS mode to be used when connecting to an LDAP server.</td></tr>
-<tr><td><a href="mod_ldap.html#ldapverifyservercert">LDAPVerifyServerCert <var>On|Off</var></a></td><td> On </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Force server certificate verification</td></tr>
-<tr class="odd"><td><a href="core.html#limit">&lt;Limit <var>method</var> [<var>method</var>] ... &gt; ...
-    &lt;/Limit&gt;</a></td><td></td><td>dh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Restrict enclosed access controls to only certain HTTP
+<tr><td><a href="mod_ldap.html#ldaptrustedmode">LDAPTrustedMode <var>type</var></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Specifies the SSL/TLS mode to be used when connecting to an LDAP server.</td></tr>
+<tr class="odd"><td><a href="mod_ldap.html#ldapverifyservercert">LDAPVerifyServerCert <var>On|Off</var></a></td><td> On </td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Force server certificate verification</td></tr>
+<tr><td><a href="core.html#limit">&lt;Limit <var>method</var> [<var>method</var>] ... &gt; ...
+    &lt;/Limit&gt;</a></td><td></td><td>dh</td><td>C</td></tr><tr><td class="descr" colspan="4">Restrict enclosed access controls to only certain HTTP
 methods</td></tr>
-<tr><td><a href="core.html#limitexcept">&lt;LimitExcept <var>method</var> [<var>method</var>] ... &gt; ...
-    &lt;/LimitExcept&gt;</a></td><td></td><td>dh</td><td>C</td></tr><tr><td class="descr" colspan="4">Restrict access controls to all HTTP methods
+<tr class="odd"><td><a href="core.html#limitexcept">&lt;LimitExcept <var>method</var> [<var>method</var>] ... &gt; ...
+    &lt;/LimitExcept&gt;</a></td><td></td><td>dh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Restrict access controls to all HTTP methods
 except the named ones</td></tr>
-<tr class="odd"><td><a href="core.html#limitinternalrecursion">LimitInternalRecursion <var>number</var> [<var>number</var>]</a></td><td> 10 </td><td>sv</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Determine maximum number of internal redirects and nested
+<tr><td><a href="core.html#limitinternalrecursion">LimitInternalRecursion <var>number</var> [<var>number</var>]</a></td><td> 10 </td><td>sv</td><td>C</td></tr><tr><td class="descr" colspan="4">Determine maximum number of internal redirects and nested
 subrequests</td></tr>
-<tr><td><a href="core.html#limitrequestbody">LimitRequestBody <var>bytes</var></a></td><td> 0 </td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Restricts the total size of the HTTP request body sent
+<tr class="odd"><td><a href="core.html#limitrequestbody">LimitRequestBody <var>bytes</var></a></td><td> 0 </td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Restricts the total size of the HTTP request body sent
 from the client</td></tr>
-<tr class="odd"><td><a href="core.html#limitrequestfields">LimitRequestFields <var>number</var></a></td><td> 100 </td><td>sv</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Limits the number of HTTP request header fields that
+<tr><td><a href="core.html#limitrequestfields">LimitRequestFields <var>number</var></a></td><td> 100 </td><td>sv</td><td>C</td></tr><tr><td class="descr" colspan="4">Limits the number of HTTP request header fields that
 will be accepted from the client</td></tr>
-<tr><td><a href="core.html#limitrequestfieldsize">LimitRequestFieldSize <var>bytes</var></a></td><td> 8190 </td><td>sv</td><td>C</td></tr><tr><td class="descr" colspan="4">Limits the size of the HTTP request header allowed from the
+<tr class="odd"><td><a href="core.html#limitrequestfieldsize">LimitRequestFieldSize <var>bytes</var></a></td><td> 8190 </td><td>sv</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Limits the size of the HTTP request header allowed from the
 client</td></tr>
-<tr class="odd"><td><a href="core.html#limitrequestline">LimitRequestLine <var>bytes</var></a></td><td> 8190 </td><td>sv</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Limit the size of the HTTP request line that will be accepted
+<tr><td><a href="core.html#limitrequestline">LimitRequestLine <var>bytes</var></a></td><td> 8190 </td><td>sv</td><td>C</td></tr><tr><td class="descr" colspan="4">Limit the size of the HTTP request line that will be accepted
 from the client</td></tr>
-<tr><td><a href="core.html#limitxmlrequestbody">LimitXMLRequestBody <var>bytes</var></a></td><td> 1000000 </td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Limits the size of an XML-based request body</td></tr>
-<tr class="odd"><td><a href="mpm_common.html#listen">Listen [<var>IP-address</var>:]<var>portnumber</var> [<var>protocol</var>]</a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">IP addresses and ports that the server
+<tr class="odd"><td><a href="core.html#limitxmlrequestbody">LimitXMLRequestBody <var>bytes</var></a></td><td> 1000000 </td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Limits the size of an XML-based request body</td></tr>
+<tr><td><a href="mpm_common.html#listen">Listen [<var>IP-address</var>:]<var>portnumber</var> [<var>protocol</var>]</a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">IP addresses and ports that the server
 listens to</td></tr>
-<tr><td><a href="mpm_common.html#listenbacklog">ListenBacklog <var>backlog</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Maximum length of the queue of pending connections</td></tr>
-<tr class="odd"><td><a href="mod_so.html#loadfile">LoadFile <em>filename</em> [<em>filename</em>] ...</a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Link in the named object file or library</td></tr>
-<tr><td><a href="mod_so.html#loadmodule">LoadModule <em>module filename</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Links in the object file or library, and adds to the list
+<tr class="odd"><td><a href="mpm_common.html#listenbacklog">ListenBacklog <var>backlog</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum length of the queue of pending connections</td></tr>
+<tr><td><a href="mod_so.html#loadfile">LoadFile <em>filename</em> [<em>filename</em>] ...</a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Link in the named object file or library</td></tr>
+<tr class="odd"><td><a href="mod_so.html#loadmodule">LoadModule <em>module filename</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Links in the object file or library, and adds to the list
 of active modules</td></tr>
-<tr class="odd"><td><a href="core.html#location">&lt;Location
-    "<var>URL-path</var>|<var>URL</var>"&gt; ... &lt;/Location&gt;</a></td><td></td><td>sv</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Applies the enclosed directives only to matching
+<tr><td><a href="core.html#location">&lt;Location
+    "<var>URL-path</var>|<var>URL</var>"&gt; ... &lt;/Location&gt;</a></td><td></td><td>sv</td><td>C</td></tr><tr><td class="descr" colspan="4">Applies the enclosed directives only to matching
 URLs</td></tr>
-<tr><td><a href="core.html#locationmatch">&lt;LocationMatch
-    <var>regex</var>&gt; ... &lt;/LocationMatch&gt;</a></td><td></td><td>sv</td><td>C</td></tr><tr><td class="descr" colspan="4">Applies the enclosed directives only to regular-expression
+<tr class="odd"><td><a href="core.html#locationmatch">&lt;LocationMatch
+    <var>regex</var>&gt; ... &lt;/LocationMatch&gt;</a></td><td></td><td>sv</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Applies the enclosed directives only to regular-expression
 matching URLs</td></tr>
-<tr class="odd"><td><a href="mod_log_config.html#logformat">LogFormat <var>format</var>|<var>nickname</var>
-[<var>nickname</var>]</a></td><td> "%h %l %u %t \"%r\" +</td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Describes a format for use in a log file</td></tr>
-<tr><td><a href="core.html#loglevel">LogLevel [<var>module</var>:]<var>level</var>
+<tr><td><a href="mod_log_config.html#logformat">LogFormat <var>format</var>|<var>nickname</var>
+[<var>nickname</var>]</a></td><td> "%h %l %u %t \"%r\" +</td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Describes a format for use in a log file</td></tr>
+<tr class="odd"><td><a href="core.html#loglevel">LogLevel [<var>module</var>:]<var>level</var>
     [<var>module</var>:<var>level</var>] ...
-</a></td><td> warn </td><td>svd</td><td>C</td></tr><tr><td class="descr" colspan="4">Controls the verbosity of the ErrorLog</td></tr>
-<tr class="odd"><td><a href="mod_log_debug.html#logmessage">LogMessage <var>message</var>
+</a></td><td> warn </td><td>svd</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Controls the verbosity of the ErrorLog</td></tr>
+<tr><td><a href="mod_log_debug.html#logmessage">LogMessage <var>message</var>
 [hook=<var>hook</var>] [expr=<var>expression</var>]
-</a></td><td></td><td>d</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Log user-defined message to error log
+</a></td><td></td><td>d</td><td>X</td></tr><tr><td class="descr" colspan="4">Log user-defined message to error log
 </td></tr>
-<tr><td><a href="mod_lua.html#luaauthzprovider">LuaAuthzProvider provider_name /path/to/lua/script.lua function_name</a></td><td></td><td>s</td><td>X</td></tr><tr><td class="descr" colspan="4">Plug an authorization provider function into <code class="module"><a href="../mod/mod_authz_core.html">mod_authz_core</a></code>
+<tr class="odd"><td><a href="mod_lua.html#luaauthzprovider">LuaAuthzProvider provider_name /path/to/lua/script.lua function_name</a></td><td></td><td>s</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Plug an authorization provider function into <code class="module"><a href="../mod/mod_authz_core.html">mod_authz_core</a></code>
 </td></tr>
-<tr class="odd"><td><a href="mod_lua.html#luacodecache">LuaCodeCache stat|forever|never</a></td><td> stat </td><td>svdh</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Configure the compiled code cache.</td></tr>
-<tr><td><a href="mod_lua.html#luahookaccesschecker">LuaHookAccessChecker  /path/to/lua/script.lua  hook_function_name [early|late]</a></td><td></td><td>svdh</td><td>X</td></tr><tr><td class="descr" colspan="4">Provide a hook for the access_checker phase of request processing</td></tr>
-<tr class="odd"><td><a href="mod_lua.html#luahookauthchecker">LuaHookAuthChecker  /path/to/lua/script.lua hook_function_name [early|late]</a></td><td></td><td>svdh</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Provide a hook for the auth_checker phase of request processing</td></tr>
-<tr><td><a href="mod_lua.html#luahookcheckuserid">LuaHookCheckUserID  /path/to/lua/script.lua hook_function_name [early|late]</a></td><td></td><td>svdh</td><td>X</td></tr><tr><td class="descr" colspan="4">Provide a hook for the check_user_id phase of request processing</td></tr>
-<tr class="odd"><td><a href="mod_lua.html#luahookfixups">LuaHookFixups  /path/to/lua/script.lua hook_function_name</a></td><td></td><td>svdh</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Provide a hook for the fixups phase of a request
+<tr><td><a href="mod_lua.html#luacodecache">LuaCodeCache stat|forever|never</a></td><td> stat </td><td>svdh</td><td>X</td></tr><tr><td class="descr" colspan="4">Configure the compiled code cache.</td></tr>
+<tr class="odd"><td><a href="mod_lua.html#luahookaccesschecker">LuaHookAccessChecker  /path/to/lua/script.lua  hook_function_name [early|late]</a></td><td></td><td>svdh</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Provide a hook for the access_checker phase of request processing</td></tr>
+<tr><td><a href="mod_lua.html#luahookauthchecker">LuaHookAuthChecker  /path/to/lua/script.lua hook_function_name [early|late]</a></td><td></td><td>svdh</td><td>X</td></tr><tr><td class="descr" colspan="4">Provide a hook for the auth_checker phase of request processing</td></tr>
+<tr class="odd"><td><a href="mod_lua.html#luahookcheckuserid">LuaHookCheckUserID  /path/to/lua/script.lua hook_function_name [early|late]</a></td><td></td><td>svdh</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Provide a hook for the check_user_id phase of request processing</td></tr>
+<tr><td><a href="mod_lua.html#luahookfixups">LuaHookFixups  /path/to/lua/script.lua hook_function_name</a></td><td></td><td>svdh</td><td>X</td></tr><tr><td class="descr" colspan="4">Provide a hook for the fixups phase of a request
 processing</td></tr>
-<tr><td><a href="mod_lua.html#luahookinsertfilter">LuaHookInsertFilter  /path/to/lua/script.lua hook_function_name</a></td><td></td><td>svdh</td><td>X</td></tr><tr><td class="descr" colspan="4">Provide a hook for the insert_filter phase of request processing</td></tr>
-<tr class="odd"><td><a href="mod_lua.html#luahooklog">LuaHookLog  /path/to/lua/script.lua log_function_name</a></td><td></td><td>svdh</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Provide a hook for the access log phase of a request
+<tr class="odd"><td><a href="mod_lua.html#luahookinsertfilter">LuaHookInsertFilter  /path/to/lua/script.lua hook_function_name</a></td><td></td><td>svdh</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Provide a hook for the insert_filter phase of request processing</td></tr>
+<tr><td><a href="mod_lua.html#luahooklog">LuaHookLog  /path/to/lua/script.lua log_function_name</a></td><td></td><td>svdh</td><td>X</td></tr><tr><td class="descr" colspan="4">Provide a hook for the access log phase of a request
 processing</td></tr>
-<tr><td><a href="mod_lua.html#luahookmaptostorage">LuaHookMapToStorage  /path/to/lua/script.lua hook_function_name</a></td><td></td><td>svdh</td><td>X</td></tr><tr><td class="descr" colspan="4">Provide a hook for the map_to_storage phase of request processing</td></tr>
-<tr class="odd"><td><a href="mod_lua.html#luahooktranslatename">LuaHookTranslateName  /path/to/lua/script.lua  hook_function_name [early|late]</a></td><td></td><td>sv</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Provide a hook for the translate name phase of request processing</td></tr>
-<tr><td><a href="mod_lua.html#luahooktypechecker">LuaHookTypeChecker  /path/to/lua/script.lua hook_function_name</a></td><td></td><td>svdh</td><td>X</td></tr><tr><td class="descr" colspan="4">Provide a hook for the type_checker phase of request processing</td></tr>
-<tr class="odd"><td><a href="mod_lua.html#luainherit">LuaInherit none|parent-first|parent-last</a></td><td> parent-first </td><td>svdh</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Controls how parent configuration sections are merged into children</td></tr>
-<tr><td><a href="mod_lua.html#luainputfilter">LuaInputFilter filter_name /path/to/lua/script.lua function_name</a></td><td></td><td>s</td><td>X</td></tr><tr><td class="descr" colspan="4">Provide a Lua function for content input filtering</td></tr>
-<tr class="odd"><td><a href="mod_lua.html#luamaphandler">LuaMapHandler uri-pattern /path/to/lua/script.lua [function-name]</a></td><td></td><td>svdh</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Map a path to a lua handler</td></tr>
-<tr><td><a href="mod_lua.html#luaoutputfilter">LuaOutputFilter filter_name /path/to/lua/script.lua function_name</a></td><td></td><td>s</td><td>X</td></tr><tr><td class="descr" colspan="4">Provide a Lua function for content output filtering</td></tr>
-<tr class="odd"><td><a href="mod_lua.html#luapackagecpath">LuaPackageCPath /path/to/include/?.soa</a></td><td></td><td>svdh</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Add a directory to lua's package.cpath</td></tr>
-<tr><td><a href="mod_lua.html#luapackagepath">LuaPackagePath /path/to/include/?.lua</a></td><td></td><td>svdh</td><td>X</td></tr><tr><td class="descr" colspan="4">Add a directory to lua's package.path</td></tr>
-<tr class="odd"><td><a href="mod_lua.html#luaquickhandler">LuaQuickHandler /path/to/script.lua hook_function_name</a></td><td></td><td>sv</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Provide a hook for the quick handler of request processing</td></tr>
-<tr><td><a href="mod_lua.html#luaroot">LuaRoot /path/to/a/directory</a></td><td></td><td>svdh</td><td>X</td></tr><tr><td class="descr" colspan="4">Specify the base path for resolving relative paths for mod_lua directives</td></tr>
-<tr class="odd"><td><a href="mod_lua.html#luascope">LuaScope once|request|conn|thread|server [min] [max]</a></td><td> once </td><td>svdh</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">One of once, request, conn, thread -- default is once</td></tr>
-<tr><td><a href="mod_macro.html#macro" id="M" name="M">
+<tr class="odd"><td><a href="mod_lua.html#luahookmaptostorage">LuaHookMapToStorage  /path/to/lua/script.lua hook_function_name</a></td><td></td><td>svdh</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Provide a hook for the map_to_storage phase of request processing</td></tr>
+<tr><td><a href="mod_lua.html#luahooktranslatename">LuaHookTranslateName  /path/to/lua/script.lua  hook_function_name [early|late]</a></td><td></td><td>sv</td><td>X</td></tr><tr><td class="descr" colspan="4">Provide a hook for the translate name phase of request processing</td></tr>
+<tr class="odd"><td><a href="mod_lua.html#luahooktypechecker">LuaHookTypeChecker  /path/to/lua/script.lua hook_function_name</a></td><td></td><td>svdh</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Provide a hook for the type_checker phase of request processing</td></tr>
+<tr><td><a href="mod_lua.html#luainherit">LuaInherit none|parent-first|parent-last</a></td><td> parent-first </td><td>svdh</td><td>X</td></tr><tr><td class="descr" colspan="4">Controls how parent configuration sections are merged into children</td></tr>
+<tr class="odd"><td><a href="mod_lua.html#luainputfilter">LuaInputFilter filter_name /path/to/lua/script.lua function_name</a></td><td></td><td>s</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Provide a Lua function for content input filtering</td></tr>
+<tr><td><a href="mod_lua.html#luamaphandler">LuaMapHandler uri-pattern /path/to/lua/script.lua [function-name]</a></td><td></td><td>svdh</td><td>X</td></tr><tr><td class="descr" colspan="4">Map a path to a lua handler</td></tr>
+<tr class="odd"><td><a href="mod_lua.html#luaoutputfilter">LuaOutputFilter filter_name /path/to/lua/script.lua function_name</a></td><td></td><td>s</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Provide a Lua function for content output filtering</td></tr>
+<tr><td><a href="mod_lua.html#luapackagecpath">LuaPackageCPath /path/to/include/?.soa</a></td><td></td><td>svdh</td><td>X</td></tr><tr><td class="descr" colspan="4">Add a directory to lua's package.cpath</td></tr>
+<tr class="odd"><td><a href="mod_lua.html#luapackagepath">LuaPackagePath /path/to/include/?.lua</a></td><td></td><td>svdh</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Add a directory to lua's package.path</td></tr>
+<tr><td><a href="mod_lua.html#luaquickhandler">LuaQuickHandler /path/to/script.lua hook_function_name</a></td><td></td><td>sv</td><td>X</td></tr><tr><td class="descr" colspan="4">Provide a hook for the quick handler of request processing</td></tr>
+<tr class="odd"><td><a href="mod_lua.html#luaroot">LuaRoot /path/to/a/directory</a></td><td></td><td>svdh</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Specify the base path for resolving relative paths for mod_lua directives</td></tr>
+<tr><td><a href="mod_lua.html#luascope">LuaScope once|request|conn|thread|server [min] [max]</a></td><td> once </td><td>svdh</td><td>X</td></tr><tr><td class="descr" colspan="4">One of once, request, conn, thread -- default is once</td></tr>
+<tr class="odd"><td><a href="mod_macro.html#macro" id="M" name="M">
 &lt;Macro <var>name</var> [<var>par1</var> .. <var>parN</var>]&gt;
-... &lt;/Macro&gt;</a></td><td></td><td>svd</td><td>B</td></tr><tr><td class="descr" colspan="4">Define a configuration file macro</td></tr>
-<tr class="odd"><td><a href="mpm_common.html#maxconnectionsperchild">MaxConnectionsPerChild <var>number</var></a></td><td> 0 </td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Limit on the number of connections that an individual child server
+... &lt;/Macro&gt;</a></td><td></td><td>svd</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Define a configuration file macro</td></tr>
+<tr><td><a href="mpm_common.html#maxconnectionsperchild">MaxConnectionsPerChild <var>number</var></a></td><td> 0 </td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Limit on the number of connections that an individual child server
 will handle during its life</td></tr>
-<tr><td><a href="core.html#maxkeepaliverequests">MaxKeepAliveRequests <var>number</var></a></td><td> 100 </td><td>sv</td><td>C</td></tr><tr><td class="descr" colspan="4">Number of requests allowed on a persistent
+<tr class="odd"><td><a href="core.html#maxkeepaliverequests">MaxKeepAliveRequests <var>number</var></a></td><td> 100 </td><td>sv</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Number of requests allowed on a persistent
 connection</td></tr>
-<tr class="odd"><td><a href="mpm_common.html#maxmemfree">MaxMemFree <var>KBytes</var></a></td><td> 2048 </td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum amount of memory that the main allocator is allowed
+<tr><td><a href="mpm_common.html#maxmemfree">MaxMemFree <var>KBytes</var></a></td><td> 2048 </td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Maximum amount of memory that the main allocator is allowed
 to hold without calling <code>free()</code></td></tr>
-<tr><td><a href="core.html#maxrangeoverlaps">MaxRangeOverlaps default | unlimited | none | <var>number-of-ranges</var></a></td><td> 20 </td><td>svd</td><td>C</td></tr><tr><td class="descr" colspan="4">Number of overlapping ranges (eg: <code>100-200,150-300</code>) allowed before returning the complete
+<tr class="odd"><td><a href="core.html#maxrangeoverlaps">MaxRangeOverlaps default | unlimited | none | <var>number-of-ranges</var></a></td><td> 20 </td><td>svd</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Number of overlapping ranges (eg: <code>100-200,150-300</code>) allowed before returning the complete
         resource </td></tr>
-<tr class="odd"><td><a href="core.html#maxrangereversals">MaxRangeReversals default | unlimited | none | <var>number-of-ranges</var></a></td><td> 20 </td><td>svd</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Number of range reversals (eg: <code>100-200,50-70</code>) allowed before returning the complete
+<tr><td><a href="core.html#maxrangereversals">MaxRangeReversals default | unlimited | none | <var>number-of-ranges</var></a></td><td> 20 </td><td>svd</td><td>C</td></tr><tr><td class="descr" colspan="4">Number of range reversals (eg: <code>100-200,50-70</code>) allowed before returning the complete
         resource </td></tr>
-<tr><td><a href="core.html#maxranges">MaxRanges default | unlimited | none | <var>number-of-ranges</var></a></td><td> 200 </td><td>svd</td><td>C</td></tr><tr><td class="descr" colspan="4">Number of ranges allowed before returning the complete
+<tr class="odd"><td><a href="core.html#maxranges">MaxRanges default | unlimited | none | <var>number-of-ranges</var></a></td><td> 200 </td><td>svd</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Number of ranges allowed before returning the complete
 resource </td></tr>
-<tr class="odd"><td><a href="mpm_common.html#maxrequestworkers">MaxRequestWorkers <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum number of connections that will be processed
+<tr><td><a href="mpm_common.html#maxrequestworkers">MaxRequestWorkers <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Maximum number of connections that will be processed
 simultaneously</td></tr>
-<tr><td><a href="prefork.html#maxspareservers">MaxSpareServers <var>number</var></a></td><td> 10 </td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Maximum number of idle child server processes</td></tr>
-<tr class="odd"><td><a href="mpm_common.html#maxsparethreads">MaxSpareThreads <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum number of idle threads</td></tr>
-<tr><td><a href="mpm_netware.html#maxthreads">MaxThreads <var>number</var></a></td><td> 2048 </td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Set the maximum number of worker threads</td></tr>
-<tr class="odd"><td><a href="core.html#mergetrailers">MergeTrailers [on|off]</a></td><td> off </td><td>sv</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Determins whether trailers are merged into headers</td></tr>
-<tr><td><a href="mod_cern_meta.html#metadir">MetaDir <var>directory</var></a></td><td> .web </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Name of the directory to find CERN-style meta information
+<tr class="odd"><td><a href="prefork.html#maxspareservers">MaxSpareServers <var>number</var></a></td><td> 10 </td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum number of idle child server processes</td></tr>
+<tr><td><a href="mpm_common.html#maxsparethreads">MaxSpareThreads <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Maximum number of idle threads</td></tr>
+<tr class="odd"><td><a href="mpm_netware.html#maxthreads">MaxThreads <var>number</var></a></td><td> 2048 </td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Set the maximum number of worker threads</td></tr>
+<tr><td><a href="core.html#mergetrailers">MergeTrailers [on|off]</a></td><td> off </td><td>sv</td><td>C</td></tr><tr><td class="descr" colspan="4">Determins whether trailers are merged into headers</td></tr>
+<tr class="odd"><td><a href="mod_cern_meta.html#metadir">MetaDir <var>directory</var></a></td><td> .web </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Name of the directory to find CERN-style meta information
 files</td></tr>
-<tr class="odd"><td><a href="mod_cern_meta.html#metafiles">MetaFiles on|off</a></td><td> off </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Activates CERN meta-file processing</td></tr>
-<tr><td><a href="mod_cern_meta.html#metasuffix">MetaSuffix <var>suffix</var></a></td><td> .meta </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">File name suffix for the file containing CERN-style
+<tr><td><a href="mod_cern_meta.html#metafiles">MetaFiles on|off</a></td><td> off </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Activates CERN meta-file processing</td></tr>
+<tr class="odd"><td><a href="mod_cern_meta.html#metasuffix">MetaSuffix <var>suffix</var></a></td><td> .meta </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File name suffix for the file containing CERN-style
 meta information</td></tr>
-<tr class="odd"><td><a href="mod_mime_magic.html#mimemagicfile">MimeMagicFile <var>file-path</var></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable MIME-type determination based on file contents
+<tr><td><a href="mod_mime_magic.html#mimemagicfile">MimeMagicFile <var>file-path</var></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable MIME-type determination based on file contents
 using the specified magic file</td></tr>
-<tr><td><a href="prefork.html#minspareservers">MinSpareServers <var>number</var></a></td><td> 5 </td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Minimum number of idle child server processes</td></tr>
-<tr class="odd"><td><a href="mpm_common.html#minsparethreads">MinSpareThreads <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Minimum number of idle threads available to handle request
+<tr class="odd"><td><a href="prefork.html#minspareservers">MinSpareServers <var>number</var></a></td><td> 5 </td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Minimum number of idle child server processes</td></tr>
+<tr><td><a href="mpm_common.html#minsparethreads">MinSpareThreads <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Minimum number of idle threads available to handle request
 spikes</td></tr>
-<tr><td><a href="mod_file_cache.html#mmapfile">MMapFile <var>file-path</var> [<var>file-path</var>] ...</a></td><td></td><td>s</td><td>X</td></tr><tr><td class="descr" colspan="4">Map a list of files into memory at startup time</td></tr>
-<tr class="odd"><td><a href="mod_dialup.html#modemstandard">ModemStandard V.21|V.26bis|V.32|V.92</a></td><td></td><td>d</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Modem standard to simulate</td></tr>
-<tr><td><a href="mod_mime.html#modmimeusepathinfo">ModMimeUsePathInfo On|Off</a></td><td> Off </td><td>d</td><td>B</td></tr><tr><td class="descr" colspan="4">Tells <code class="module"><a href="../mod/mod_mime.html">mod_mime</a></code> to treat <code>path_info</code>
+<tr class="odd"><td><a href="mod_file_cache.html#mmapfile">MMapFile <var>file-path</var> [<var>file-path</var>] ...</a></td><td></td><td>s</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Map a list of files into memory at startup time</td></tr>
+<tr><td><a href="mod_dialup.html#modemstandard">ModemStandard V.21|V.26bis|V.32|V.92</a></td><td></td><td>d</td><td>X</td></tr><tr><td class="descr" colspan="4">Modem standard to simulate</td></tr>
+<tr class="odd"><td><a href="mod_mime.html#modmimeusepathinfo">ModMimeUsePathInfo On|Off</a></td><td> Off </td><td>d</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Tells <code class="module"><a href="../mod/mod_mime.html">mod_mime</a></code> to treat <code>path_info</code>
 components as part of the filename</td></tr>
-<tr class="odd"><td><a href="mod_mime.html#multiviewsmatch">MultiviewsMatch Any|NegotiatedOnly|Filters|Handlers
-[Handlers|Filters]</a></td><td> NegotiatedOnly </td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">The types of files that will be included when searching for
+<tr><td><a href="mod_mime.html#multiviewsmatch">MultiviewsMatch Any|NegotiatedOnly|Filters|Handlers
+[Handlers|Filters]</a></td><td> NegotiatedOnly </td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">The types of files that will be included when searching for
 a matching file with MultiViews</td></tr>
-<tr><td><a href="core.html#mutex">Mutex <var>mechanism</var> [default|<var>mutex-name</var>] ... [OmitPID]</a></td><td> default </td><td>s</td><td>C</td></tr><tr><td class="descr" colspan="4">Configures mutex mechanism and lock file directory for all
+<tr class="odd"><td><a href="core.html#mutex">Mutex <var>mechanism</var> [default|<var>mutex-name</var>] ... [OmitPID]</a></td><td> default </td><td>s</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Configures mutex mechanism and lock file directory for all
 or specified mutexes</td></tr>
-<tr class="odd"><td><a href="core.html#namevirtualhost" id="N" name="N">NameVirtualHost <var>addr</var>[:<var>port</var>]</a></td><td></td><td>s</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">DEPRECATED: Designates an IP address for name-virtual
+<tr><td><a href="core.html#namevirtualhost" id="N" name="N">NameVirtualHost <var>addr</var>[:<var>port</var>]</a></td><td></td><td>s</td><td>C</td></tr><tr><td class="descr" colspan="4">DEPRECATED: Designates an IP address for name-virtual
 hosting</td></tr>
-<tr><td><a href="mod_proxy.html#noproxy">NoProxy <var>host</var> [<var>host</var>] ...</a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Hosts, domains, or networks that will be connected to
+<tr class="odd"><td><a href="mod_proxy.html#noproxy">NoProxy <var>host</var> [<var>host</var>] ...</a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Hosts, domains, or networks that will be connected to
 directly</td></tr>
-<tr class="odd"><td><a href="mod_nw_ssl.html#nwssltrustedcerts">NWSSLTrustedCerts <var>filename</var> [<var>filename</var>] ...</a></td><td></td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">List of additional client certificates</td></tr>
-<tr><td><a href="mod_nw_ssl.html#nwsslupgradeable">NWSSLUpgradeable [<var>IP-address</var>:]<var>portnumber</var></a></td><td></td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">Allows a connection to be upgraded to an SSL connection upon request</td></tr>
-<tr class="odd"><td><a href="core.html#options" id="O" name="O">Options
-    [+|-]<var>option</var> [[+|-]<var>option</var>] ...</a></td><td> FollowSymlinks </td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Configures what features are available in a particular
+<tr><td><a href="mod_nw_ssl.html#nwssltrustedcerts">NWSSLTrustedCerts <var>filename</var> [<var>filename</var>] ...</a></td><td></td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">List of additional client certificates</td></tr>
+<tr class="odd"><td><a href="mod_nw_ssl.html#nwsslupgradeable">NWSSLUpgradeable [<var>IP-address</var>:]<var>portnumber</var></a></td><td></td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Allows a connection to be upgraded to an SSL connection upon request</td></tr>
+<tr><td><a href="core.html#options" id="O" name="O">Options
+    [+|-]<var>option</var> [[+|-]<var>option</var>] ...</a></td><td> FollowSymlinks </td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Configures what features are available in a particular
 directory</td></tr>
-<tr><td><a href="mod_access_compat.html#order"> Order <var>ordering</var></a></td><td> Deny,Allow </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Controls the default access state and the order in which
+<tr class="odd"><td><a href="mod_access_compat.html#order"> Order <var>ordering</var></a></td><td> Deny,Allow </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Controls the default access state and the order in which
 <code class="directive">Allow</code> and <code class="directive">Deny</code> are
 evaluated.</td></tr>
-<tr class="odd"><td><a href="mod_sed.html#outputsed">OutputSed <var>sed-command</var></a></td><td></td><td>dh</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Sed command for filtering response content</td></tr>
-<tr><td><a href="mod_env.html#passenv" id="P" name="P">PassEnv <var>env-variable</var> [<var>env-variable</var>]
-...</a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Passes environment variables from the shell</td></tr>
-<tr class="odd"><td><a href="mpm_common.html#pidfile">PidFile <var>filename</var></a></td><td> logs/httpd.pid </td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">File where the server records the process ID
+<tr><td><a href="mod_sed.html#outputsed">OutputSed <var>sed-command</var></a></td><td></td><td>dh</td><td>X</td></tr><tr><td class="descr" colspan="4">Sed command for filtering response content</td></tr>
+<tr class="odd"><td><a href="mod_env.html#passenv" id="P" name="P">PassEnv <var>env-variable</var> [<var>env-variable</var>]
+...</a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Passes environment variables from the shell</td></tr>
+<tr><td><a href="mpm_common.html#pidfile">PidFile <var>filename</var></a></td><td> logs/httpd.pid </td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">File where the server records the process ID
 of the daemon</td></tr>
-<tr><td><a href="mod_privileges.html#privilegesmode">PrivilegesMode FAST|SECURE|SELECTIVE</a></td><td> FAST </td><td>svd</td><td>X</td></tr><tr><td class="descr" colspan="4">Trade off processing speed and efficiency vs security against
+<tr class="odd"><td><a href="mod_privileges.html#privilegesmode">PrivilegesMode FAST|SECURE|SELECTIVE</a></td><td> FAST </td><td>svd</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Trade off processing speed and efficiency vs security against
 malicious privileges-aware code.</td></tr>
-<tr class="odd"><td><a href="core.html#protocol">Protocol <var>protocol</var></a></td><td></td><td>sv</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Protocol for a listening socket</td></tr>
-<tr><td><a href="mod_echo.html#protocolecho">ProtocolEcho On|Off</a></td><td> Off </td><td>sv</td><td>X</td></tr><tr><td class="descr" colspan="4">Turn the echo server on or off</td></tr>
-<tr class="odd"><td><a href="mod_proxy.html#proxy">&lt;Proxy <var>wildcard-url</var>&gt; ...&lt;/Proxy&gt;</a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Container for directives applied to proxied resources</td></tr>
-<tr><td><a href="mod_proxy.html#proxyaddheaders">ProxyAddHeaders Off|On</a></td><td> On </td><td>svd</td><td>E</td></tr><tr><td class="descr" colspan="4">Add proxy information in X-Forwarded-* headers</td></tr>
-<tr class="odd"><td><a href="mod_proxy.html#proxybadheader">ProxyBadHeader IsError|Ignore|StartBody</a></td><td> IsError </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Determines how to handle bad header lines in a
+<tr><td><a href="core.html#protocol">Protocol <var>protocol</var></a></td><td></td><td>sv</td><td>C</td></tr><tr><td class="descr" colspan="4">Protocol for a listening socket</td></tr>
+<tr class="odd"><td><a href="mod_echo.html#protocolecho">ProtocolEcho On|Off</a></td><td> Off </td><td>sv</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Turn the echo server on or off</td></tr>
+<tr><td><a href="mod_proxy.html#proxy">&lt;Proxy <var>wildcard-url</var>&gt; ...&lt;/Proxy&gt;</a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Container for directives applied to proxied resources</td></tr>
+<tr class="odd"><td><a href="mod_proxy.html#proxyaddheaders">ProxyAddHeaders Off|On</a></td><td> On </td><td>svd</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Add proxy information in X-Forwarded-* headers</td></tr>
+<tr><td><a href="mod_proxy.html#proxybadheader">ProxyBadHeader IsError|Ignore|StartBody</a></td><td> IsError </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Determines how to handle bad header lines in a
 response</td></tr>
-<tr><td><a href="mod_proxy.html#proxyblock">ProxyBlock *|<var>word</var>|<var>host</var>|<var>domain</var>
-[<var>word</var>|<var>host</var>|<var>domain</var>] ...</a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Words, hosts, or domains that are banned from being
+<tr class="odd"><td><a href="mod_proxy.html#proxyblock">ProxyBlock *|<var>word</var>|<var>host</var>|<var>domain</var>
+[<var>word</var>|<var>host</var>|<var>domain</var>] ...</a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Words, hosts, or domains that are banned from being
 proxied</td></tr>
-<tr class="odd"><td><a href="mod_proxy.html#proxydomain">ProxyDomain <var>Domain</var></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Default domain name for proxied requests</td></tr>
-<tr><td><a href="mod_proxy.html#proxyerroroverride">ProxyErrorOverride On|Off</a></td><td> Off </td><td>svd</td><td>E</td></tr><tr><td class="descr" colspan="4">Override error pages for proxied content</td></tr>
-<tr class="odd"><td><a href="mod_proxy_express.html#proxyexpressdbmfile">ProxyExpressDBMFile &lt;pathname&gt;</a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Pathname to DBM file.</td></tr>
-<tr><td><a href="mod_proxy_express.html#proxyexpressdbmtype">ProxyExpressDBMFile &lt;type&gt;</a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">DBM type of file.</td></tr>
-<tr class="odd"><td><a href="mod_proxy_express.html#proxyexpressenable">ProxyExpressEnable [on|off]</a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable the module functionality.</td></tr>
-<tr><td><a href="mod_proxy_ftp.html#proxyftpdircharset">ProxyFtpDirCharset <var>character set</var></a></td><td> ISO-8859-1 </td><td>svd</td><td>E</td></tr><tr><td class="descr" colspan="4">Define the character set for proxied FTP listings</td></tr>
-<tr class="odd"><td><a href="mod_proxy_ftp.html#proxyftpescapewildcards">ProxyFtpEscapeWildcards [on|off]</a></td><td></td><td>svd</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Whether wildcards in requested filenames are escaped when sent to the FTP server</td></tr>
-<tr><td><a href="mod_proxy_ftp.html#proxyftplistonwildcard">ProxyFtpListOnWildcard [on|off]</a></td><td></td><td>svd</td><td>E</td></tr><tr><td class="descr" colspan="4">Whether wildcards in requested filenames trigger a file listing</td></tr>
-<tr class="odd"><td><a href="mod_proxy_html.html#proxyhtmlbufsize">ProxyHTMLBufSize <var>bytes</var></a></td><td></td><td>svd</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the buffer size increment for buffering inline scripts and
+<tr><td><a href="mod_proxy.html#proxydomain">ProxyDomain <var>Domain</var></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Default domain name for proxied requests</td></tr>
+<tr class="odd"><td><a href="mod_proxy.html#proxyerroroverride">ProxyErrorOverride On|Off</a></td><td> Off </td><td>svd</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Override error pages for proxied content</td></tr>
+<tr><td><a href="mod_proxy_express.html#proxyexpressdbmfile">ProxyExpressDBMFile &lt;pathname&gt;</a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Pathname to DBM file.</td></tr>
+<tr class="odd"><td><a href="mod_proxy_express.html#proxyexpressdbmtype">ProxyExpressDBMFile &lt;type&gt;</a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">DBM type of file.</td></tr>
+<tr><td><a href="mod_proxy_express.html#proxyexpressenable">ProxyExpressEnable [on|off]</a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable the module functionality.</td></tr>
+<tr class="odd"><td><a href="mod_proxy_ftp.html#proxyftpdircharset">ProxyFtpDirCharset <var>character set</var></a></td><td> ISO-8859-1 </td><td>svd</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Define the character set for proxied FTP listings</td></tr>
+<tr><td><a href="mod_proxy_ftp.html#proxyftpescapewildcards">ProxyFtpEscapeWildcards [on|off]</a></td><td></td><td>svd</td><td>E</td></tr><tr><td class="descr" colspan="4">Whether wildcards in requested filenames are escaped when sent to the FTP server</td></tr>
+<tr class="odd"><td><a href="mod_proxy_ftp.html#proxyftplistonwildcard">ProxyFtpListOnWildcard [on|off]</a></td><td></td><td>svd</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Whether wildcards in requested filenames trigger a file listing</td></tr>
+<tr><td><a href="mod_proxy_html.html#proxyhtmlbufsize">ProxyHTMLBufSize <var>bytes</var></a></td><td></td><td>svd</td><td>B</td></tr><tr><td class="descr" colspan="4">Sets the buffer size increment for buffering inline scripts and
 stylesheets.</td></tr>
-<tr><td><a href="mod_proxy_html.html#proxyhtmlcharsetout">ProxyHTMLCharsetOut <var>Charset | *</var></a></td><td></td><td>svd</td><td>B</td></tr><tr><td class="descr" colspan="4">Specify a charset for mod_proxy_html output.</td></tr>
-<tr class="odd"><td><a href="mod_proxy_html.html#proxyhtmldoctype">ProxyHTMLDocType <var>HTML|XHTML [Legacy]</var><br /><strong>OR</strong>
-<br />ProxyHTMLDocType <var>fpi [SGML|XML]</var></a></td><td></td><td>svd</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sets an HTML or XHTML document type declaration.</td></tr>
-<tr><td><a href="mod_proxy_html.html#proxyhtmlenable">ProxyHTMLEnable <var>On|Off</var></a></td><td> Off </td><td>svd</td><td>B</td></tr><tr><td class="descr" colspan="4">Turns the proxy_html filter on or off.</td></tr>
-<tr class="odd"><td><a href="mod_proxy_html.html#proxyhtmlevents">ProxyHTMLEvents <var>attribute [attribute ...]</var></a></td><td></td><td>svd</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Specify attributes to treat as scripting events.</td></tr>
-<tr><td><a href="mod_proxy_html.html#proxyhtmlextended">ProxyHTMLExtended <var>On|Off</var></a></td><td> Off </td><td>svd</td><td>B</td></tr><tr><td class="descr" colspan="4">Determines whether to fix links in inline scripts, stylesheets,
+<tr class="odd"><td><a href="mod_proxy_html.html#proxyhtmlcharsetout">ProxyHTMLCharsetOut <var>Charset | *</var></a></td><td></td><td>svd</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Specify a charset for mod_proxy_html output.</td></tr>
+<tr><td><a href="mod_proxy_html.html#proxyhtmldoctype">ProxyHTMLDocType <var>HTML|XHTML [Legacy]</var><br /><strong>OR</strong>
+<br />ProxyHTMLDocType <var>fpi [SGML|XML]</var></a></td><td></td><td>svd</td><td>B</td></tr><tr><td class="descr" colspan="4">Sets an HTML or XHTML document type declaration.</td></tr>
+<tr class="odd"><td><a href="mod_proxy_html.html#proxyhtmlenable">ProxyHTMLEnable <var>On|Off</var></a></td><td> Off </td><td>svd</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Turns the proxy_html filter on or off.</td></tr>
+<tr><td><a href="mod_proxy_html.html#proxyhtmlevents">ProxyHTMLEvents <var>attribute [attribute ...]</var></a></td><td></td><td>svd</td><td>B</td></tr><tr><td class="descr" colspan="4">Specify attributes to treat as scripting events.</td></tr>
+<tr class="odd"><td><a href="mod_proxy_html.html#proxyhtmlextended">ProxyHTMLExtended <var>On|Off</var></a></td><td> Off </td><td>svd</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Determines whether to fix links in inline scripts, stylesheets,
 and scripting events.</td></tr>
-<tr class="odd"><td><a href="mod_proxy_html.html#proxyhtmlfixups">ProxyHTMLFixups <var>[lowercase] [dospath] [reset]</var></a></td><td></td><td>svd</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Fixes for simple HTML errors.</td></tr>
-<tr><td><a href="mod_proxy_html.html#proxyhtmlinterp">ProxyHTMLInterp <var>On|Off</var></a></td><td> Off </td><td>svd</td><td>B</td></tr><tr><td class="descr" colspan="4">Enables per-request interpolation of
+<tr><td><a href="mod_proxy_html.html#proxyhtmlfixups">ProxyHTMLFixups <var>[lowercase] [dospath] [reset]</var></a></td><td></td><td>svd</td><td>B</td></tr><tr><td class="descr" colspan="4">Fixes for simple HTML errors.</td></tr>
+<tr class="odd"><td><a href="mod_proxy_html.html#proxyhtmlinterp">ProxyHTMLInterp <var>On|Off</var></a></td><td> Off </td><td>svd</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Enables per-request interpolation of
 <code class="directive">ProxyHTMLURLMap</code> rules.</td></tr>
-<tr class="odd"><td><a href="mod_proxy_html.html#proxyhtmllinks">ProxyHTMLLinks <var>element attribute [attribute2 ...]</var></a></td><td></td><td>svd</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Specify HTML elements that have URL attributes to be rewritten.</td></tr>
-<tr><td><a href="mod_proxy_html.html#proxyhtmlmeta">ProxyHTMLMeta <var>On|Off</var></a></td><td> Off </td><td>svd</td><td>B</td></tr><tr><td class="descr" colspan="4">Turns on or off extra pre-parsing of metadata in HTML
+<tr><td><a href="mod_proxy_html.html#proxyhtmllinks">ProxyHTMLLinks <var>element attribute [attribute2 ...]</var></a></td><td></td><td>svd</td><td>B</td></tr><tr><td class="descr" colspan="4">Specify HTML elements that have URL attributes to be rewritten.</td></tr>
+<tr class="odd"><td><a href="mod_proxy_html.html#proxyhtmlmeta">ProxyHTMLMeta <var>On|Off</var></a></td><td> Off </td><td>svd</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Turns on or off extra pre-parsing of metadata in HTML
 <code>&lt;head&gt;</code> sections.</td></tr>
-<tr class="odd"><td><a href="mod_proxy_html.html#proxyhtmlstripcomments">ProxyHTMLStripComments <var>On|Off</var></a></td><td> Off </td><td>svd</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Determines whether to strip HTML comments.</td></tr>
-<tr><td><a href="mod_proxy_html.html#proxyhtmlurlmap">ProxyHTMLURLMap <var>from-pattern to-pattern [flags] [cond]</var></a></td><td></td><td>svd</td><td>B</td></tr><tr><td class="descr" colspan="4">Defines a rule to rewrite HTML links</td></tr>
-<tr class="odd"><td><a href="mod_proxy.html#proxyiobuffersize">ProxyIOBufferSize <var>bytes</var></a></td><td> 8192 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Determine size of internal data throughput buffer</td></tr>
-<tr><td><a href="mod_proxy.html#proxymatch">&lt;ProxyMatch <var>regex</var>&gt; ...&lt;/ProxyMatch&gt;</a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Container for directives applied to regular-expression-matched
+<tr><td><a href="mod_proxy_html.html#proxyhtmlstripcomments">ProxyHTMLStripComments <var>On|Off</var></a></td><td> Off </td><td>svd</td><td>B</td></tr><tr><td class="descr" colspan="4">Determines whether to strip HTML comments.</td></tr>
+<tr class="odd"><td><a href="mod_proxy_html.html#proxyhtmlurlmap">ProxyHTMLURLMap <var>from-pattern to-pattern [flags] [cond]</var></a></td><td></td><td>svd</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Defines a rule to rewrite HTML links</td></tr>
+<tr><td><a href="mod_proxy.html#proxyiobuffersize">ProxyIOBufferSize <var>bytes</var></a></td><td> 8192 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Determine size of internal data throughput buffer</td></tr>
+<tr class="odd"><td><a href="mod_proxy.html#proxymatch">&lt;ProxyMatch <var>regex</var>&gt; ...&lt;/ProxyMatch&gt;</a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Container for directives applied to regular-expression-matched
 proxied resources</td></tr>
-<tr class="odd"><td><a href="mod_proxy.html#proxymaxforwards">ProxyMaxForwards <var>number</var></a></td><td> -1 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximium number of proxies that a request can be forwarded
+<tr><td><a href="mod_proxy.html#proxymaxforwards">ProxyMaxForwards <var>number</var></a></td><td> -1 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximium number of proxies that a request can be forwarded
 through</td></tr>
-<tr><td><a href="mod_proxy.html#proxypass">ProxyPass [<var>path</var>] !|<var>url</var> [<var>key=value</var>
-  <var>[key=value</var> ...]] [nocanon] [interpolate] [noquery]</a></td><td></td><td>svd</td><td>E</td></tr><tr><td class="descr" colspan="4">Maps remote servers into the local server URL-space</td></tr>
-<tr class="odd"><td><a href="mod_proxy.html#proxypassinherit">ProxyPassInherit On|Off</a></td><td> On </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Inherit ProxyPass directives defined from the main server</td></tr>
-<tr><td><a href="mod_proxy.html#proxypassinterpolateenv">ProxyPassInterpolateEnv On|Off</a></td><td> Off </td><td>svd</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable Environment Variable interpolation in Reverse Proxy configurations</td></tr>
-<tr class="odd"><td><a href="mod_proxy.html#proxypassmatch">ProxyPassMatch [<var>regex</var>] !|<var>url</var> [<var>key=value</var>
-	<var>[key=value</var> ...]]</a></td><td></td><td>svd</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maps remote servers into the local server URL-space using regular expressions</td></tr>
-<tr><td><a href="mod_proxy.html#proxypassreverse">ProxyPassReverse [<var>path</var>] <var>url</var>
-[<var>interpolate</var>]</a></td><td></td><td>svd</td><td>E</td></tr><tr><td class="descr" colspan="4">Adjusts the URL in HTTP response headers sent from a reverse
+<tr class="odd"><td><a href="mod_proxy.html#proxypass">ProxyPass [<var>path</var>] !|<var>url</var> [<var>key=value</var>
+  <var>[key=value</var> ...]] [nocanon] [interpolate] [noquery]</a></td><td></td><td>svd</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maps remote servers into the local server URL-space</td></tr>
+<tr><td><a href="mod_proxy.html#proxypassinherit">ProxyPassInherit On|Off</a></td><td> On </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Inherit ProxyPass directives defined from the main server</td></tr>
+<tr class="odd"><td><a href="mod_proxy.html#proxypassinterpolateenv">ProxyPassInterpolateEnv On|Off</a></td><td> Off </td><td>svd</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable Environment Variable interpolation in Reverse Proxy configurations</td></tr>
+<tr><td><a href="mod_proxy.html#proxypassmatch">ProxyPassMatch [<var>regex</var>] !|<var>url</var> [<var>key=value</var>
+	<var>[key=value</var> ...]]</a></td><td></td><td>svd</td><td>E</td></tr><tr><td class="descr" colspan="4">Maps remote servers into the local server URL-space using regular expressions</td></tr>
+<tr class="odd"><td><a href="mod_proxy.html#proxypassreverse">ProxyPassReverse [<var>path</var>] <var>url</var>
+[<var>interpolate</var>]</a></td><td></td><td>svd</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Adjusts the URL in HTTP response headers sent from a reverse
 proxied server</td></tr>
-<tr class="odd"><td><a href="mod_proxy.html#proxypassreversecookiedomain">ProxyPassReverseCookieDomain <var>internal-domain</var>
-<var>public-domain</var> [<var>interpolate</var>]</a></td><td></td><td>svd</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Adjusts the Domain string in Set-Cookie headers from a reverse-
+<tr><td><a href="mod_proxy.html#proxypassreversecookiedomain">ProxyPassReverseCookieDomain <var>internal-domain</var>
+<var>public-domain</var> [<var>interpolate</var>]</a></td><td></td><td>svd</td><td>E</td></tr><tr><td class="descr" colspan="4">Adjusts the Domain string in Set-Cookie headers from a reverse-
 proxied server</td></tr>
-<tr><td><a href="mod_proxy.html#proxypassreversecookiepath">ProxyPassReverseCookiePath <var>internal-path</var>
-<var>public-path</var> [<var>interpolate</var>]</a></td><td></td><td>svd</td><td>E</td></tr><tr><td class="descr" colspan="4">Adjusts the Path string in Set-Cookie headers from a reverse-
+<tr class="odd"><td><a href="mod_proxy.html#proxypassreversecookiepath">ProxyPassReverseCookiePath <var>internal-path</var>
+<var>public-path</var> [<var>interpolate</var>]</a></td><td></td><td>svd</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Adjusts the Path string in Set-Cookie headers from a reverse-
 proxied server</td></tr>
-<tr class="odd"><td><a href="mod_proxy.html#proxypreservehost">ProxyPreserveHost On|Off</a></td><td> Off </td><td>svd</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Use incoming Host HTTP request header for proxy
+<tr><td><a href="mod_proxy.html#proxypreservehost">ProxyPreserveHost On|Off</a></td><td> Off </td><td>svd</td><td>E</td></tr><tr><td class="descr" colspan="4">Use incoming Host HTTP request header for proxy
 request</td></tr>
-<tr><td><a href="mod_proxy.html#proxyreceivebuffersize">ProxyReceiveBufferSize <var>bytes</var></a></td><td> 0 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Network buffer size for proxied HTTP and FTP
+<tr class="odd"><td><a href="mod_proxy.html#proxyreceivebuffersize">ProxyReceiveBufferSize <var>bytes</var></a></td><td> 0 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Network buffer size for proxied HTTP and FTP
 connections</td></tr>
-<tr class="odd"><td><a href="mod_proxy.html#proxyremote">ProxyRemote <var>match</var> <var>remote-server</var></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Remote proxy used to handle certain requests</td></tr>
-<tr><td><a href="mod_proxy.html#proxyremotematch">ProxyRemoteMatch <var>regex</var> <var>remote-server</var></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Remote proxy used to handle requests matched by regular
+<tr><td><a href="mod_proxy.html#proxyremote">ProxyRemote <var>match</var> <var>remote-server</var></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Remote proxy used to handle certain requests</td></tr>
+<tr class="odd"><td><a href="mod_proxy.html#proxyremotematch">ProxyRemoteMatch <var>regex</var> <var>remote-server</var></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Remote proxy used to handle requests matched by regular
 expressions</td></tr>
-<tr class="odd"><td><a href="mod_proxy.html#proxyrequests">ProxyRequests On|Off</a></td><td> Off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enables forward (standard) proxy requests</td></tr>
-<tr><td><a href="mod_proxy_scgi.html#proxyscgiinternalredirect">ProxySCGIInternalRedirect On|Off</a></td><td> On </td><td>svd</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable or disable internal redirect responses from the
+<tr><td><a href="mod_proxy.html#proxyrequests">ProxyRequests On|Off</a></td><td> Off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Enables forward (standard) proxy requests</td></tr>
+<tr class="odd"><td><a href="mod_proxy_scgi.html#proxyscgiinternalredirect">ProxySCGIInternalRedirect On|Off</a></td><td> On </td><td>svd</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable or disable internal redirect responses from the
 backend</td></tr>
-<tr class="odd"><td><a href="mod_proxy_scgi.html#proxyscgisendfile">ProxySCGISendfile On|Off|<var>Headername</var></a></td><td> Off </td><td>svd</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable evaluation of <var>X-Sendfile</var> pseudo response
+<tr><td><a href="mod_proxy_scgi.html#proxyscgisendfile">ProxySCGISendfile On|Off|<var>Headername</var></a></td><td> Off </td><td>svd</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable evaluation of <var>X-Sendfile</var> pseudo response
 header</td></tr>
-<tr><td><a href="mod_proxy.html#proxyset">ProxySet <var>url</var> <var>key=value [key=value ...]</var></a></td><td></td><td>d</td><td>E</td></tr><tr><td class="descr" colspan="4">Set various Proxy balancer or member parameters</td></tr>
-<tr class="odd"><td><a href="mod_proxy.html#proxysourceaddress">ProxySourceAddress <var>address</var></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Set local IP address for outgoing proxy connections</td></tr>
-<tr><td><a href="mod_proxy.html#proxystatus">ProxyStatus Off|On|Full</a></td><td> Off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Show Proxy LoadBalancer status in mod_status</td></tr>
-<tr class="odd"><td><a href="mod_proxy.html#proxytimeout">ProxyTimeout <var>seconds</var></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Network timeout for proxied requests</td></tr>
-<tr><td><a href="mod_proxy.html#proxyvia">ProxyVia On|Off|Full|Block</a></td><td> Off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Information provided in the <code>Via</code> HTTP response
+<tr class="odd"><td><a href="mod_proxy.html#proxyset">ProxySet <var>url</var> <var>key=value [key=value ...]</var></a></td><td></td><td>d</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Set various Proxy balancer or member parameters</td></tr>
+<tr><td><a href="mod_proxy.html#proxysourceaddress">ProxySourceAddress <var>address</var></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Set local IP address for outgoing proxy connections</td></tr>
+<tr class="odd"><td><a href="mod_proxy.html#proxystatus">ProxyStatus Off|On|Full</a></td><td> Off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Show Proxy LoadBalancer status in mod_status</td></tr>
+<tr><td><a href="mod_proxy.html#proxytimeout">ProxyTimeout <var>seconds</var></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Network timeout for proxied requests</td></tr>
+<tr class="odd"><td><a href="mod_proxy.html#proxyvia">ProxyVia On|Off|Full|Block</a></td><td> Off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Information provided in the <code>Via</code> HTTP response
 header for proxied requests</td></tr>
-<tr class="odd"><td><a href="mod_autoindex.html#readmename" id="R" name="R">ReadmeName <var>filename</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Name of the file that will be inserted at the end
+<tr><td><a href="mod_autoindex.html#readmename" id="R" name="R">ReadmeName <var>filename</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Name of the file that will be inserted at the end
 of the index listing</td></tr>
-<tr><td><a href="mpm_common.html#receivebuffersize">ReceiveBufferSize <var>bytes</var></a></td><td> 0 </td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">TCP receive buffer size</td></tr>
-<tr class="odd"><td><a href="mod_alias.html#redirect">Redirect [<var>status</var>] [<var>URL-path</var>]
-<var>URL</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sends an external redirect asking the client to fetch
+<tr class="odd"><td><a href="mpm_common.html#receivebuffersize">ReceiveBufferSize <var>bytes</var></a></td><td> 0 </td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">TCP receive buffer size</td></tr>
+<tr><td><a href="mod_alias.html#redirect">Redirect [<var>status</var>] [<var>URL-path</var>]
+<var>URL</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Sends an external redirect asking the client to fetch
 a different URL</td></tr>
-<tr><td><a href="mod_alias.html#redirectmatch">RedirectMatch [<var>status</var>] <var>regex</var>
-<var>URL</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Sends an external redirect based on a regular expression match
+<tr class="odd"><td><a href="mod_alias.html#redirectmatch">RedirectMatch [<var>status</var>] <var>regex</var>
+<var>URL</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sends an external redirect based on a regular expression match
 of the current URL</td></tr>
-<tr class="odd"><td><a href="mod_alias.html#redirectpermanent">RedirectPermanent <var>URL-path</var> <var>URL</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sends an external permanent redirect asking the client to fetch
+<tr><td><a href="mod_alias.html#redirectpermanent">RedirectPermanent <var>URL-path</var> <var>URL</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Sends an external permanent redirect asking the client to fetch
 a different URL</td></tr>
-<tr><td><a href="mod_alias.html#redirecttemp">RedirectTemp <var>URL-path</var> <var>URL</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Sends an external temporary redirect asking the client to fetch
+<tr class="odd"><td><a href="mod_alias.html#redirecttemp">RedirectTemp <var>URL-path</var> <var>URL</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sends an external temporary redirect asking the client to fetch
 a different URL</td></tr>
-<tr class="odd"><td><a href="mod_reflector.html#reflectorheader">ReflectorHeader <var>inputheader</var> <var>[outputheader]</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Reflect an input header to the output headers</td></tr>
-<tr><td><a href="mod_remoteip.html#remoteipheader">RemoteIPHeader <var>header-field</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Declare the header field which should be parsed for useragent IP addresses</td></tr>
-<tr class="odd"><td><a href="mod_remoteip.html#remoteipinternalproxy">RemoteIPInternalProxy <var>proxy-ip</var>|<var>proxy-ip/subnet</var>|<var>hostname</var> ...</a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
-<tr><td><a href="mod_remoteip.html#remoteipinternalproxylist">RemoteIPInternalProxyList <var>filename</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
-<tr class="odd"><td><a href="mod_remoteip.html#remoteipproxiesheader">RemoteIPProxiesHeader <var>HeaderFieldName</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Declare the header field which will record all intermediate IP addresses</td></tr>
-<tr><td><a href="mod_remoteip.html#remoteiptrustedproxy">RemoteIPTrustedProxy <var>proxy-ip</var>|<var>proxy-ip/subnet</var>|<var>hostname</var> ...</a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
-<tr class="odd"><td><a href="mod_remoteip.html#remoteiptrustedproxylist">RemoteIPTrustedProxyList <var>filename</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
-<tr><td><a href="mod_mime.html#removecharset">RemoveCharset <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Removes any character set associations for a set of file
+<tr><td><a href="mod_reflector.html#reflectorheader">ReflectorHeader <var>inputheader</var> <var>[outputheader]</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Reflect an input header to the output headers</td></tr>
+<tr class="odd"><td><a href="mod_remoteip.html#remoteipheader">RemoteIPHeader <var>header-field</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Declare the header field which should be parsed for useragent IP addresses</td></tr>
+<tr><td><a href="mod_remoteip.html#remoteipinternalproxy">RemoteIPInternalProxy <var>proxy-ip</var>|<var>proxy-ip/subnet</var>|<var>hostname</var> ...</a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
+<tr class="odd"><td><a href="mod_remoteip.html#remoteipinternalproxylist">RemoteIPInternalProxyList <var>filename</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
+<tr><td><a href="mod_remoteip.html#remoteipproxiesheader">RemoteIPProxiesHeader <var>HeaderFieldName</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Declare the header field which will record all intermediate IP addresses</td></tr>
+<tr class="odd"><td><a href="mod_remoteip.html#remoteiptrustedproxy">RemoteIPTrustedProxy <var>proxy-ip</var>|<var>proxy-ip/subnet</var>|<var>hostname</var> ...</a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
+<tr><td><a href="mod_remoteip.html#remoteiptrustedproxylist">RemoteIPTrustedProxyList <var>filename</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Declare client intranet IP addresses trusted to present the RemoteIPHeader value</td></tr>
+<tr class="odd"><td><a href="mod_mime.html#removecharset">RemoveCharset <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Removes any character set associations for a set of file
 extensions</td></tr>
-<tr class="odd"><td><a href="mod_mime.html#removeencoding">RemoveEncoding <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Removes any content encoding associations for a set of file
+<tr><td><a href="mod_mime.html#removeencoding">RemoveEncoding <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Removes any content encoding associations for a set of file
 extensions</td></tr>
-<tr><td><a href="mod_mime.html#removehandler">RemoveHandler <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Removes any handler associations for a set of file
+<tr class="odd"><td><a href="mod_mime.html#removehandler">RemoveHandler <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Removes any handler associations for a set of file
 extensions</td></tr>
-<tr class="odd"><td><a href="mod_mime.html#removeinputfilter">RemoveInputFilter <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Removes any input filter associations for a set of file
+<tr><td><a href="mod_mime.html#removeinputfilter">RemoveInputFilter <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Removes any input filter associations for a set of file
 extensions</td></tr>
-<tr><td><a href="mod_mime.html#removelanguage">RemoveLanguage <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Removes any language associations for a set of file
+<tr class="odd"><td><a href="mod_mime.html#removelanguage">RemoveLanguage <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Removes any language associations for a set of file
 extensions</td></tr>
-<tr class="odd"><td><a href="mod_mime.html#removeoutputfilter">RemoveOutputFilter <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Removes any output filter associations for a set of file
+<tr><td><a href="mod_mime.html#removeoutputfilter">RemoveOutputFilter <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Removes any output filter associations for a set of file
 extensions</td></tr>
-<tr><td><a href="mod_mime.html#removetype">RemoveType <var>extension</var> [<var>extension</var>]
-...</a></td><td></td><td>vdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Removes any content type associations for a set of file
+<tr class="odd"><td><a href="mod_mime.html#removetype">RemoveType <var>extension</var> [<var>extension</var>]
+...</a></td><td></td><td>vdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Removes any content type associations for a set of file
 extensions</td></tr>
-<tr class="odd"><td><a href="mod_headers.html#requestheader">RequestHeader add|append|edit|edit*|merge|set|setifempty|unset
+<tr><td><a href="mod_headers.html#requestheader">RequestHeader add|append|edit|edit*|merge|set|setifempty|unset
 <var>header</var> [[expr=]<var>value</var> [<var>replacement</var>]
 [early|env=[!]<var>varname</var>|expr=<var>expression</var>]]
-</a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure HTTP request headers</td></tr>
-<tr><td><a href="mod_reqtimeout.html#requestreadtimeout">RequestReadTimeout
+</a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure HTTP request headers</td></tr>
+<tr class="odd"><td><a href="mod_reqtimeout.html#requestreadtimeout">RequestReadTimeout
 [header=<var>timeout</var>[-<var>maxtimeout</var>][,MinRate=<var>rate</var>]
 [body=<var>timeout</var>[-<var>maxtimeout</var>][,MinRate=<var>rate</var>]
-</a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Set timeout values for receiving request headers and body from client.
+</a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Set timeout values for receiving request headers and body from client.
 </td></tr>
-<tr class="odd"><td><a href="mod_authz_core.html#require">Require [not] <var>entity-name</var>
-    [<var>entity-name</var>] ...</a></td><td></td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Tests whether an authenticated user is authorized by
+<tr><td><a href="mod_authz_core.html#require">Require [not] <var>entity-name</var>
+    [<var>entity-name</var>] ...</a></td><td></td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Tests whether an authenticated user is authorized by
 an authorization provider.</td></tr>
-<tr><td><a href="mod_authz_core.html#requireall">&lt;RequireAll&gt; ... &lt;/RequireAll&gt;</a></td><td></td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Enclose a group of authorization directives of which none
+<tr class="odd"><td><a href="mod_authz_core.html#requireall">&lt;RequireAll&gt; ... &lt;/RequireAll&gt;</a></td><td></td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Enclose a group of authorization directives of which none
 must fail and at least one must succeed for the enclosing directive to
 succeed.</td></tr>
-<tr class="odd"><td><a href="mod_authz_core.html#requireany">&lt;RequireAny&gt; ... &lt;/RequireAny&gt;</a></td><td></td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Enclose a group of authorization directives of which one
+<tr><td><a href="mod_authz_core.html#requireany">&lt;RequireAny&gt; ... &lt;/RequireAny&gt;</a></td><td></td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Enclose a group of authorization directives of which one
 must succeed for the enclosing directive to succeed.</td></tr>
-<tr><td><a href="mod_authz_core.html#requirenone">&lt;RequireNone&gt; ... &lt;/RequireNone&gt;</a></td><td></td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Enclose a group of authorization directives of which none
+<tr class="odd"><td><a href="mod_authz_core.html#requirenone">&lt;RequireNone&gt; ... &lt;/RequireNone&gt;</a></td><td></td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Enclose a group of authorization directives of which none
 must succeed for the enclosing directive to not fail.</td></tr>
-<tr class="odd"><td><a href="mod_rewrite.html#rewritebase">RewriteBase <em>URL-path</em></a></td><td></td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the base URL for per-directory rewrites</td></tr>
-<tr><td><a href="mod_rewrite.html#rewritecond"> RewriteCond
-      <em>TestString</em> <em>CondPattern</em></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Defines a condition under which rewriting will take place
+<tr><td><a href="mod_rewrite.html#rewritebase">RewriteBase <em>URL-path</em></a></td><td></td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Sets the base URL for per-directory rewrites</td></tr>
+<tr class="odd"><td><a href="mod_rewrite.html#rewritecond"> RewriteCond
+      <em>TestString</em> <em>CondPattern</em></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Defines a condition under which rewriting will take place
 </td></tr>
-<tr class="odd"><td><a href="mod_rewrite.html#rewriteengine">RewriteEngine on|off</a></td><td> off </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enables or disables runtime rewriting engine</td></tr>
-<tr><td><a href="mod_rewrite.html#rewritemap">RewriteMap <em>MapName</em> <em>MapType</em>:<em>MapSource</em>
-</a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Defines a mapping function for key-lookup</td></tr>
-<tr class="odd"><td><a href="mod_rewrite.html#rewriteoptions">RewriteOptions <var>Options</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Sets some special options for the rewrite engine</td></tr>
-<tr><td><a href="mod_rewrite.html#rewriterule">RewriteRule
-      <em>Pattern</em> <em>Substitution</em> [<em>flags</em>]</a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Defines rules for the rewriting engine</td></tr>
-<tr class="odd"><td><a href="core.html#rlimitcpu">RLimitCPU <var>seconds</var>|max [<var>seconds</var>|max]</a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Limits the CPU consumption of processes launched
+<tr><td><a href="mod_rewrite.html#rewriteengine">RewriteEngine on|off</a></td><td> off </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Enables or disables runtime rewriting engine</td></tr>
+<tr class="odd"><td><a href="mod_rewrite.html#rewritemap">RewriteMap <em>MapName</em> <em>MapType</em>:<em>MapSource</em>
+</a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Defines a mapping function for key-lookup</td></tr>
+<tr><td><a href="mod_rewrite.html#rewriteoptions">RewriteOptions <var>Options</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Sets some special options for the rewrite engine</td></tr>
+<tr class="odd"><td><a href="mod_rewrite.html#rewriterule">RewriteRule
+      <em>Pattern</em> <em>Substitution</em> [<em>flags</em>]</a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Defines rules for the rewriting engine</td></tr>
+<tr><td><a href="core.html#rlimitcpu">RLimitCPU <var>seconds</var>|max [<var>seconds</var>|max]</a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Limits the CPU consumption of processes launched
 by Apache httpd children</td></tr>
-<tr><td><a href="core.html#rlimitmem">RLimitMEM <var>bytes</var>|max [<var>bytes</var>|max]</a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Limits the memory consumption of processes launched
+<tr class="odd"><td><a href="core.html#rlimitmem">RLimitMEM <var>bytes</var>|max [<var>bytes</var>|max]</a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Limits the memory consumption of processes launched
 by Apache httpd children</td></tr>
-<tr class="odd"><td><a href="core.html#rlimitnproc">RLimitNPROC <var>number</var>|max [<var>number</var>|max]</a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Limits the number of processes that can be launched by
+<tr><td><a href="core.html#rlimitnproc">RLimitNPROC <var>number</var>|max [<var>number</var>|max]</a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Limits the number of processes that can be launched by
 processes launched by Apache httpd children</td></tr>
-<tr><td><a href="mod_access_compat.html#satisfy" id="S" name="S">Satisfy Any|All</a></td><td> All </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Interaction between host-level access control and
+<tr class="odd"><td><a href="mod_access_compat.html#satisfy" id="S" name="S">Satisfy Any|All</a></td><td> All </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Interaction between host-level access control and
 user authentication</td></tr>
-<tr class="odd"><td><a href="mpm_common.html#scoreboardfile">ScoreBoardFile <var>file-path</var></a></td><td> logs/apache_runtime +</td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Location of the file used to store coordination data for
+<tr><td><a href="mpm_common.html#scoreboardfile">ScoreBoardFile <var>file-path</var></a></td><td> logs/apache_runtime +</td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Location of the file used to store coordination data for
 the child processes</td></tr>
-<tr><td><a href="mod_actions.html#script">Script <var>method</var> <var>cgi-script</var></a></td><td></td><td>svd</td><td>B</td></tr><tr><td class="descr" colspan="4">Activates a CGI script for a particular request
+<tr class="odd"><td><a href="mod_actions.html#script">Script <var>method</var> <var>cgi-script</var></a></td><td></td><td>svd</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Activates a CGI script for a particular request
 method.</td></tr>
-<tr class="odd"><td><a href="mod_alias.html#scriptalias">ScriptAlias [<var>URL-path</var>]
-<var>file-path</var>|<var>directory-path</var></a></td><td></td><td>svd</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Maps a URL to a filesystem location and designates the
+<tr><td><a href="mod_alias.html#scriptalias">ScriptAlias [<var>URL-path</var>]
+<var>file-path</var>|<var>directory-path</var></a></td><td></td><td>svd</td><td>B</td></tr><tr><td class="descr" colspan="4">Maps a URL to a filesystem location and designates the
 target as a CGI script</td></tr>
-<tr><td><a href="mod_alias.html#scriptaliasmatch">ScriptAliasMatch <var>regex</var>
-<var>file-path</var>|<var>directory-path</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Maps a URL to a filesystem location using a regular expression
+<tr class="odd"><td><a href="mod_alias.html#scriptaliasmatch">ScriptAliasMatch <var>regex</var>
+<var>file-path</var>|<var>directory-path</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Maps a URL to a filesystem location using a regular expression
 and designates the target as a CGI script</td></tr>
-<tr class="odd"><td><a href="core.html#scriptinterpretersource">ScriptInterpreterSource Registry|Registry-Strict|Script</a></td><td> Script </td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Technique for locating the interpreter for CGI
+<tr><td><a href="core.html#scriptinterpretersource">ScriptInterpreterSource Registry|Registry-Strict|Script</a></td><td> Script </td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Technique for locating the interpreter for CGI
 scripts</td></tr>
-<tr><td><a href="mod_cgi.html#scriptlog">ScriptLog <var>file-path</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Location of the CGI script error logfile</td></tr>
-<tr class="odd"><td><a href="mod_cgi.html#scriptlogbuffer">ScriptLogBuffer <var>bytes</var></a></td><td> 1024 </td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum amount of PUT or POST requests that will be recorded
+<tr class="odd"><td><a href="mod_cgi.html#scriptlog">ScriptLog <var>file-path</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Location of the CGI script error logfile</td></tr>
+<tr><td><a href="mod_cgi.html#scriptlogbuffer">ScriptLogBuffer <var>bytes</var></a></td><td> 1024 </td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Maximum amount of PUT or POST requests that will be recorded
 in the scriptlog</td></tr>
-<tr><td><a href="mod_cgi.html#scriptloglength">ScriptLogLength <var>bytes</var></a></td><td> 10385760 </td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Size limit of the CGI script logfile</td></tr>
-<tr class="odd"><td><a href="mod_cgid.html#scriptsock">ScriptSock <var>file-path</var></a></td><td> cgisock </td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">The filename prefix of the socket to use for communication with
+<tr class="odd"><td><a href="mod_cgi.html#scriptloglength">ScriptLogLength <var>bytes</var></a></td><td> 10385760 </td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Size limit of the CGI script logfile</td></tr>
+<tr><td><a href="mod_cgid.html#scriptsock">ScriptSock <var>file-path</var></a></td><td> cgisock </td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">The filename prefix of the socket to use for communication with
 the cgi daemon</td></tr>
-<tr><td><a href="mod_nw_ssl.html#securelisten">SecureListen [<var>IP-address</var>:]<var>portnumber</var>
-<var>Certificate-Name</var> [MUTUAL]</a></td><td></td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">Enables SSL encryption for the specified port</td></tr>
-<tr class="odd"><td><a href="core.html#seerequesttail">SeeRequestTail On|Off</a></td><td> Off </td><td>s</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Determine if mod_status displays the first 63 characters
+<tr class="odd"><td><a href="mod_nw_ssl.html#securelisten">SecureListen [<var>IP-address</var>:]<var>portnumber</var>
+<var>Certificate-Name</var> [MUTUAL]</a></td><td></td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Enables SSL encryption for the specified port</td></tr>
+<tr><td><a href="core.html#seerequesttail">SeeRequestTail On|Off</a></td><td> Off </td><td>s</td><td>C</td></tr><tr><td class="descr" colspan="4">Determine if mod_status displays the first 63 characters
 of a request or the last 63, assuming the request itself is greater than
 63 chars.</td></tr>
-<tr><td><a href="mpm_common.html#sendbuffersize">SendBufferSize <var>bytes</var></a></td><td> 0 </td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">TCP buffer size</td></tr>
-<tr class="odd"><td><a href="core.html#serveradmin">ServerAdmin <var>email-address</var>|<var>URL</var></a></td><td></td><td>sv</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Email address that the server includes in error
+<tr class="odd"><td><a href="mpm_common.html#sendbuffersize">SendBufferSize <var>bytes</var></a></td><td> 0 </td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">TCP buffer size</td></tr>
+<tr><td><a href="core.html#serveradmin">ServerAdmin <var>email-address</var>|<var>URL</var></a></td><td></td><td>sv</td><td>C</td></tr><tr><td class="descr" colspan="4">Email address that the server includes in error
 messages sent to the client</td></tr>
-<tr><td><a href="core.html#serveralias">ServerAlias <var>hostname</var> [<var>hostname</var>] ...</a></td><td></td><td>v</td><td>C</td></tr><tr><td class="descr" colspan="4">Alternate names for a host used when matching requests
+<tr class="odd"><td><a href="core.html#serveralias">ServerAlias <var>hostname</var> [<var>hostname</var>] ...</a></td><td></td><td>v</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Alternate names for a host used when matching requests
 to name-virtual hosts</td></tr>
-<tr class="odd"><td><a href="mpm_common.html#serverlimit">ServerLimit <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Upper limit on configurable number of processes</td></tr>
-<tr><td><a href="core.html#servername">ServerName [<var>scheme</var>://]<var>fully-qualified-domain-name</var>[:<var>port</var>]</a></td><td></td><td>sv</td><td>C</td></tr><tr><td class="descr" colspan="4">Hostname and port that the server uses to identify
+<tr><td><a href="mpm_common.html#serverlimit">ServerLimit <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Upper limit on configurable number of processes</td></tr>
+<tr class="odd"><td><a href="core.html#servername">ServerName [<var>scheme</var>://]<var>fully-qualified-domain-name</var>[:<var>port</var>]</a></td><td></td><td>sv</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Hostname and port that the server uses to identify
 itself</td></tr>
-<tr class="odd"><td><a href="core.html#serverpath">ServerPath <var>URL-path</var></a></td><td></td><td>v</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Legacy URL pathname for a name-based virtual host that
+<tr><td><a href="core.html#serverpath">ServerPath <var>URL-path</var></a></td><td></td><td>v</td><td>C</td></tr><tr><td class="descr" colspan="4">Legacy URL pathname for a name-based virtual host that
 is accessed by an incompatible browser</td></tr>
-<tr><td><a href="core.html#serverroot">ServerRoot <var>directory-path</var></a></td><td> /usr/local/apache </td><td>s</td><td>C</td></tr><tr><td class="descr" colspan="4">Base directory for the server installation</td></tr>
-<tr class="odd"><td><a href="core.html#serversignature">ServerSignature On|Off|EMail</a></td><td> Off </td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Configures the footer on server-generated documents</td></tr>
-<tr><td><a href="core.html#servertokens">ServerTokens Major|Minor|Min[imal]|Prod[uctOnly]|OS|Full</a></td><td> Full </td><td>s</td><td>C</td></tr><tr><td class="descr" colspan="4">Configures the <code>Server</code> HTTP response
+<tr class="odd"><td><a href="core.html#serverroot">ServerRoot <var>directory-path</var></a></td><td> /usr/local/apache </td><td>s</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Base directory for the server installation</td></tr>
+<tr><td><a href="core.html#serversignature">ServerSignature On|Off|EMail</a></td><td> Off </td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Configures the footer on server-generated documents</td></tr>
+<tr class="odd"><td><a href="core.html#servertokens">ServerTokens Major|Minor|Min[imal]|Prod[uctOnly]|OS|Full</a></td><td> Full </td><td>s</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Configures the <code>Server</code> HTTP response
 header</td></tr>
-<tr class="odd"><td><a href="mod_session.html#session">Session On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enables a session for the current directory or location</td></tr>
-<tr><td><a href="mod_session_cookie.html#sessioncookiename">SessionCookieName <var>name</var> <var>attributes</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Name and attributes for the RFC2109 cookie storing the session</td></tr>
-<tr class="odd"><td><a href="mod_session_cookie.html#sessioncookiename2">SessionCookieName2 <var>name</var> <var>attributes</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Name and attributes for the RFC2965 cookie storing the session</td></tr>
-<tr><td><a href="mod_session_cookie.html#sessioncookieremove">SessionCookieRemove On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Control for whether session cookies should be removed from incoming HTTP headers</td></tr>
-<tr class="odd"><td><a href="mod_session_crypto.html#sessioncryptocipher">SessionCryptoCipher <var>name</var></a></td><td></td><td>svdh</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">The crypto cipher to be used to encrypt the session</td></tr>
-<tr><td><a href="mod_session_crypto.html#sessioncryptodriver">SessionCryptoDriver <var>name</var> <var>[param[=value]]</var></a></td><td></td><td>s</td><td>X</td></tr><tr><td class="descr" colspan="4">The crypto driver to be used to encrypt the session</td></tr>
-<tr class="odd"><td><a href="mod_session_crypto.html#sessioncryptopassphrase">SessionCryptoPassphrase <var>secret</var> [ <var>secret</var> ... ] </a></td><td></td><td>svdh</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">The key used to encrypt the session</td></tr>
-<tr><td><a href="mod_session_crypto.html#sessioncryptopassphrasefile">SessionCryptoPassphraseFile <var>filename</var></a></td><td></td><td>svd</td><td>X</td></tr><tr><td class="descr" colspan="4">File containing keys used to encrypt the session</td></tr>
-<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdcookiename">SessionDBDCookieName <var>name</var> <var>attributes</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Name and attributes for the RFC2109 cookie storing the session ID</td></tr>
-<tr><td><a href="mod_session_dbd.html#sessiondbdcookiename2">SessionDBDCookieName2 <var>name</var> <var>attributes</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Name and attributes for the RFC2965 cookie storing the session ID</td></tr>
-<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdcookieremove">SessionDBDCookieRemove On|Off</a></td><td> On </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Control for whether session ID cookies should be removed from incoming HTTP headers</td></tr>
-<tr><td><a href="mod_session_dbd.html#sessiondbddeletelabel">SessionDBDDeleteLabel <var>label</var></a></td><td> deletesession </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">The SQL query to use to remove sessions from the database</td></tr>
-<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdinsertlabel">SessionDBDInsertLabel <var>label</var></a></td><td> insertsession </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">The SQL query to use to insert sessions into the database</td></tr>
-<tr><td><a href="mod_session_dbd.html#sessiondbdperuser">SessionDBDPerUser On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable a per user session</td></tr>
-<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdselectlabel">SessionDBDSelectLabel <var>label</var></a></td><td> selectsession </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">The SQL query to use to select sessions from the database</td></tr>
-<tr><td><a href="mod_session_dbd.html#sessiondbdupdatelabel">SessionDBDUpdateLabel <var>label</var></a></td><td> updatesession </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">The SQL query to use to update existing sessions in the database</td></tr>
-<tr class="odd"><td><a href="mod_session.html#sessionenv">SessionEnv On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Control whether the contents of the session are written to the
+<tr><td><a href="mod_session.html#session">Session On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Enables a session for the current directory or location</td></tr>
+<tr class="odd"><td><a href="mod_session_cookie.html#sessioncookiename">SessionCookieName <var>name</var> <var>attributes</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Name and attributes for the RFC2109 cookie storing the session</td></tr>
+<tr><td><a href="mod_session_cookie.html#sessioncookiename2">SessionCookieName2 <var>name</var> <var>attributes</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Name and attributes for the RFC2965 cookie storing the session</td></tr>
+<tr class="odd"><td><a href="mod_session_cookie.html#sessioncookieremove">SessionCookieRemove On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Control for whether session cookies should be removed from incoming HTTP headers</td></tr>
+<tr><td><a href="mod_session_crypto.html#sessioncryptocipher">SessionCryptoCipher <var>name</var></a></td><td></td><td>svdh</td><td>X</td></tr><tr><td class="descr" colspan="4">The crypto cipher to be used to encrypt the session</td></tr>
+<tr class="odd"><td><a href="mod_session_crypto.html#sessioncryptodriver">SessionCryptoDriver <var>name</var> <var>[param[=value]]</var></a></td><td></td><td>s</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">The crypto driver to be used to encrypt the session</td></tr>
+<tr><td><a href="mod_session_crypto.html#sessioncryptopassphrase">SessionCryptoPassphrase <var>secret</var> [ <var>secret</var> ... ] </a></td><td></td><td>svdh</td><td>X</td></tr><tr><td class="descr" colspan="4">The key used to encrypt the session</td></tr>
+<tr class="odd"><td><a href="mod_session_crypto.html#sessioncryptopassphrasefile">SessionCryptoPassphraseFile <var>filename</var></a></td><td></td><td>svd</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">File containing keys used to encrypt the session</td></tr>
+<tr><td><a href="mod_session_dbd.html#sessiondbdcookiename">SessionDBDCookieName <var>name</var> <var>attributes</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Name and attributes for the RFC2109 cookie storing the session ID</td></tr>
+<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdcookiename2">SessionDBDCookieName2 <var>name</var> <var>attributes</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Name and attributes for the RFC2965 cookie storing the session ID</td></tr>
+<tr><td><a href="mod_session_dbd.html#sessiondbdcookieremove">SessionDBDCookieRemove On|Off</a></td><td> On </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Control for whether session ID cookies should be removed from incoming HTTP headers</td></tr>
+<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbddeletelabel">SessionDBDDeleteLabel <var>label</var></a></td><td> deletesession </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">The SQL query to use to remove sessions from the database</td></tr>
+<tr><td><a href="mod_session_dbd.html#sessiondbdinsertlabel">SessionDBDInsertLabel <var>label</var></a></td><td> insertsession </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">The SQL query to use to insert sessions into the database</td></tr>
+<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdperuser">SessionDBDPerUser On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable a per user session</td></tr>
+<tr><td><a href="mod_session_dbd.html#sessiondbdselectlabel">SessionDBDSelectLabel <var>label</var></a></td><td> selectsession </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">The SQL query to use to select sessions from the database</td></tr>
+<tr class="odd"><td><a href="mod_session_dbd.html#sessiondbdupdatelabel">SessionDBDUpdateLabel <var>label</var></a></td><td> updatesession </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">The SQL query to use to update existing sessions in the database</td></tr>
+<tr><td><a href="mod_session.html#sessionenv">SessionEnv On|Off</a></td><td> Off </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Control whether the contents of the session are written to the
 <var>HTTP_SESSION</var> environment variable</td></tr>
-<tr><td><a href="mod_session.html#sessionexclude">SessionExclude <var>path</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Define URL prefixes for which a session is ignored</td></tr>
-<tr class="odd"><td><a href="mod_session.html#sessionheader">SessionHeader <var>header</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Import session updates from a given HTTP response header</td></tr>
-<tr><td><a href="mod_session.html#sessioninclude">SessionInclude <var>path</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Define URL prefixes for which a session is valid</td></tr>
-<tr class="odd"><td><a href="mod_session.html#sessionmaxage">SessionMaxAge <var>maxage</var></a></td><td> 0 </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Define a maximum age in seconds for a session</td></tr>
-<tr><td><a href="mod_env.html#setenv">SetEnv <var>env-variable</var> [<var>value</var>]</a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Sets environment variables</td></tr>
-<tr class="odd"><td><a href="mod_setenvif.html#setenvif">SetEnvIf <em>attribute
+<tr class="odd"><td><a href="mod_session.html#sessionexclude">SessionExclude <var>path</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Define URL prefixes for which a session is ignored</td></tr>
+<tr><td><a href="mod_session.html#sessionheader">SessionHeader <var>header</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Import session updates from a given HTTP response header</td></tr>
+<tr class="odd"><td><a href="mod_session.html#sessioninclude">SessionInclude <var>path</var></a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Define URL prefixes for which a session is valid</td></tr>
+<tr><td><a href="mod_session.html#sessionmaxage">SessionMaxAge <var>maxage</var></a></td><td> 0 </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Define a maximum age in seconds for a session</td></tr>
+<tr class="odd"><td><a href="mod_env.html#setenv">SetEnv <var>env-variable</var> [<var>value</var>]</a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sets environment variables</td></tr>
+<tr><td><a href="mod_setenvif.html#setenvif">SetEnvIf <em>attribute
     regex [!]env-variable</em>[=<em>value</em>]
-    [[!]<em>env-variable</em>[=<em>value</em>]] ...</a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sets environment variables based on attributes of the request
+    [[!]<em>env-variable</em>[=<em>value</em>]] ...</a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Sets environment variables based on attributes of the request
 </td></tr>
-<tr><td><a href="mod_setenvif.html#setenvifexpr">SetEnvIfExpr <em>expr
+<tr class="odd"><td><a href="mod_setenvif.html#setenvifexpr">SetEnvIfExpr <em>expr
     [!]env-variable</em>[=<em>value</em>]
-    [[!]<em>env-variable</em>[=<em>value</em>]] ...</a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Sets environment variables based on an ap_expr expression</td></tr>
-<tr class="odd"><td><a href="mod_setenvif.html#setenvifnocase">SetEnvIfNoCase <em>attribute regex
+    [[!]<em>env-variable</em>[=<em>value</em>]] ...</a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sets environment variables based on an ap_expr expression</td></tr>
+<tr><td><a href="mod_setenvif.html#setenvifnocase">SetEnvIfNoCase <em>attribute regex
         [!]env-variable</em>[=<em>value</em>]
-    [[!]<em>env-variable</em>[=<em>value</em>]] ...</a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sets environment variables based on attributes of the request
+    [[!]<em>env-variable</em>[=<em>value</em>]] ...</a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Sets environment variables based on attributes of the request
 without respect to case</td></tr>
-<tr><td><a href="core.html#sethandler">SetHandler <var>handler-name</var>|None</a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Forces all matching files to be processed by a
+<tr class="odd"><td><a href="core.html#sethandler">SetHandler <var>handler-name</var>|None</a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Forces all matching files to be processed by a
 handler</td></tr>
-<tr class="odd"><td><a href="core.html#setinputfilter">SetInputFilter <var>filter</var>[;<var>filter</var>...]</a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the filters that will process client requests and POST
+<tr><td><a href="core.html#setinputfilter">SetInputFilter <var>filter</var>[;<var>filter</var>...]</a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Sets the filters that will process client requests and POST
 input</td></tr>
-<tr><td><a href="core.html#setoutputfilter">SetOutputFilter <var>filter</var>[;<var>filter</var>...]</a></td><td></td><td>svdh</td><td>C</td></tr><tr><td class="descr" colspan="4">Sets the filters that will process responses from the
+<tr class="odd"><td><a href="core.html#setoutputfilter">SetOutputFilter <var>filter</var>[;<var>filter</var>...]</a></td><td></td><td>svdh</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the filters that will process responses from the
 server</td></tr>
-<tr class="odd"><td><a href="mod_include.html#ssiendtag">SSIEndTag <var>tag</var></a></td><td> "--&gt;" </td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">String that ends an include element</td></tr>
-<tr><td><a href="mod_include.html#ssierrormsg">SSIErrorMsg <var>message</var></a></td><td> "[an error occurred +</td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Error message displayed when there is an SSI
+<tr><td><a href="mod_include.html#ssiendtag">SSIEndTag <var>tag</var></a></td><td> "--&gt;" </td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">String that ends an include element</td></tr>
+<tr class="odd"><td><a href="mod_include.html#ssierrormsg">SSIErrorMsg <var>message</var></a></td><td> "[an error occurred +</td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Error message displayed when there is an SSI
 error</td></tr>
-<tr class="odd"><td><a href="mod_include.html#ssietag">SSIETag on|off</a></td><td> off </td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Controls whether ETags are generated by the server.</td></tr>
-<tr><td><a href="mod_include.html#ssilastmodified">SSILastModified on|off</a></td><td> off </td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Controls whether <code>Last-Modified</code> headers are generated by the
+<tr><td><a href="mod_include.html#ssietag">SSIETag on|off</a></td><td> off </td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Controls whether ETags are generated by the server.</td></tr>
+<tr class="odd"><td><a href="mod_include.html#ssilastmodified">SSILastModified on|off</a></td><td> off </td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Controls whether <code>Last-Modified</code> headers are generated by the
 server.</td></tr>
-<tr class="odd"><td><a href="mod_include.html#ssilegacyexprparser">SSILegacyExprParser on|off</a></td><td> off </td><td>dh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Enable compatibility mode for conditional expressions.</td></tr>
-<tr><td><a href="mod_include.html#ssistarttag">SSIStartTag <var>tag</var></a></td><td> "&lt;!--#" </td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">String that starts an include element</td></tr>
-<tr class="odd"><td><a href="mod_include.html#ssitimeformat">SSITimeFormat <var>formatstring</var></a></td><td> "%A, %d-%b-%Y %H:%M +</td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Configures the format in which date strings are
+<tr><td><a href="mod_include.html#ssilegacyexprparser">SSILegacyExprParser on|off</a></td><td> off </td><td>dh</td><td>B</td></tr><tr><td class="descr" colspan="4">Enable compatibility mode for conditional expressions.</td></tr>
+<tr class="odd"><td><a href="mod_include.html#ssistarttag">SSIStartTag <var>tag</var></a></td><td> "&lt;!--#" </td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">String that starts an include element</td></tr>
+<tr><td><a href="mod_include.html#ssitimeformat">SSITimeFormat <var>formatstring</var></a></td><td> "%A, %d-%b-%Y %H:%M +</td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Configures the format in which date strings are
 displayed</td></tr>
-<tr><td><a href="mod_include.html#ssiundefinedecho">SSIUndefinedEcho <var>string</var></a></td><td> "(none)" </td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">String displayed when an unset variable is echoed</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslcacertificatefile">SSLCACertificateFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded CA Certificates
+<tr class="odd"><td><a href="mod_include.html#ssiundefinedecho">SSIUndefinedEcho <var>string</var></a></td><td> "(none)" </td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">String displayed when an unset variable is echoed</td></tr>
+<tr><td><a href="mod_ssl.html#sslcacertificatefile">SSLCACertificateFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">File of concatenated PEM-encoded CA Certificates
 for Client Auth</td></tr>
-<tr><td><a href="mod_ssl.html#sslcacertificatepath">SSLCACertificatePath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Directory of PEM-encoded CA Certificates for
+<tr class="odd"><td><a href="mod_ssl.html#sslcacertificatepath">SSLCACertificatePath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Directory of PEM-encoded CA Certificates for
 Client Auth</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslcadnrequestfile">SSLCADNRequestFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded CA Certificates
+<tr><td><a href="mod_ssl.html#sslcadnrequestfile">SSLCADNRequestFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">File of concatenated PEM-encoded CA Certificates
 for defining acceptable CA names</td></tr>
-<tr><td><a href="mod_ssl.html#sslcadnrequestpath">SSLCADNRequestPath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Directory of PEM-encoded CA Certificates for
+<tr class="odd"><td><a href="mod_ssl.html#sslcadnrequestpath">SSLCADNRequestPath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Directory of PEM-encoded CA Certificates for
 defining acceptable CA names</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslcarevocationcheck">SSLCARevocationCheck chain|leaf|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable CRL-based revocation checking</td></tr>
-<tr><td><a href="mod_ssl.html#sslcarevocationfile">SSLCARevocationFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">File of concatenated PEM-encoded CA CRLs for
+<tr><td><a href="mod_ssl.html#sslcarevocationcheck">SSLCARevocationCheck chain|leaf|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable CRL-based revocation checking</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslcarevocationfile">SSLCARevocationFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded CA CRLs for
 Client Auth</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslcarevocationpath">SSLCARevocationPath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Directory of PEM-encoded CA CRLs for
+<tr><td><a href="mod_ssl.html#sslcarevocationpath">SSLCARevocationPath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Directory of PEM-encoded CA CRLs for
 Client Auth</td></tr>
-<tr><td><a href="mod_ssl.html#sslcertificatechainfile">SSLCertificateChainFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">File of PEM-encoded Server CA Certificates</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslcertificatefile">SSLCertificateFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Server PEM-encoded X.509 certificate data file</td></tr>
-<tr><td><a href="mod_ssl.html#sslcertificatekeyfile">SSLCertificateKeyFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Server PEM-encoded private key file</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslciphersuite">SSLCipherSuite <em>cipher-spec</em></a></td><td> DEFAULT (depends on +</td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Cipher Suite available for negotiation in SSL
+<tr class="odd"><td><a href="mod_ssl.html#sslcertificatechainfile">SSLCertificateChainFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of PEM-encoded Server CA Certificates</td></tr>
+<tr><td><a href="mod_ssl.html#sslcertificatefile">SSLCertificateFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Server PEM-encoded X.509 certificate data file</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslcertificatekeyfile">SSLCertificateKeyFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Server PEM-encoded private key file</td></tr>
+<tr><td><a href="mod_ssl.html#sslciphersuite">SSLCipherSuite <em>cipher-spec</em></a></td><td> DEFAULT (depends on +</td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Cipher Suite available for negotiation in SSL
 handshake</td></tr>
-<tr><td><a href="mod_ssl.html#sslcompression">SSLCompression on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable compression on the SSL level</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslcryptodevice">SSLCryptoDevice <em>engine</em></a></td><td> builtin </td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable use of a cryptographic hardware accelerator</td></tr>
-<tr><td><a href="mod_ssl.html#sslengine">SSLEngine on|off|optional</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">SSL Engine Operation Switch</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslfips">SSLFIPS on|off</a></td><td> off </td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">SSL FIPS mode Switch</td></tr>
-<tr><td><a href="mod_ssl.html#sslhonorcipherorder">SSLHonorCipherOrder on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Option to prefer the server's cipher preference order</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslinsecurerenegotiation">SSLInsecureRenegotiation on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Option to enable support for insecure renegotiation</td></tr>
-<tr><td><a href="mod_ssl.html#sslocspdefaultresponder">SSLOCSDefaultResponder <em>uri</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Set the default responder URI for OCSP validation</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslocspenable">SSLOCSPEnable on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable OCSP validation of the client certificate chain</td></tr>
-<tr><td><a href="mod_ssl.html#sslocspoverrideresponder">SSLOCSPOverrideResponder on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Force use of the default responder URI for OCSP validation</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslocsprespondertimeout">SSLOCSPResponderTimeout <em>seconds</em></a></td><td> 10 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Timeout for OCSP queries</td></tr>
-<tr><td><a href="mod_ssl.html#sslocspresponsemaxage">SSLOCSPResponseMaxAge <em>seconds</em></a></td><td> -1 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum allowable age for OCSP responses</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslocspresponsetimeskew">SSLOCSPResponseTimeSkew <em>seconds</em></a></td><td> 300 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum allowable time skew for OCSP response validation</td></tr>
-<tr><td><a href="mod_ssl.html#sslocspuserequestnonce">SSLOCSPUseRequestNonce on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Use a nonce within OCSP queries</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslopensslconfcmd">SSLOpenSSLConfCmd <em>command-name</em> <em>command-value</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure OpenSSL parameters through its <em>SSL_CONF</em> API</td></tr>
-<tr><td><a href="mod_ssl.html#ssloptions">SSLOptions [+|-]<em>option</em> ...</a></td><td></td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure various SSL engine run-time options</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslpassphrasedialog">SSLPassPhraseDialog <em>type</em></a></td><td> builtin </td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Type of pass phrase dialog for encrypted private
+<tr class="odd"><td><a href="mod_ssl.html#sslcompression">SSLCompression on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable compression on the SSL level</td></tr>
+<tr><td><a href="mod_ssl.html#sslcryptodevice">SSLCryptoDevice <em>engine</em></a></td><td> builtin </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable use of a cryptographic hardware accelerator</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslengine">SSLEngine on|off|optional</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">SSL Engine Operation Switch</td></tr>
+<tr><td><a href="mod_ssl.html#sslfips">SSLFIPS on|off</a></td><td> off </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">SSL FIPS mode Switch</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslhonorcipherorder">SSLHonorCipherOrder on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Option to prefer the server's cipher preference order</td></tr>
+<tr><td><a href="mod_ssl.html#sslinsecurerenegotiation">SSLInsecureRenegotiation on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Option to enable support for insecure renegotiation</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslocspdefaultresponder">SSLOCSDefaultResponder <em>uri</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Set the default responder URI for OCSP validation</td></tr>
+<tr><td><a href="mod_ssl.html#sslocspenable">SSLOCSPEnable on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable OCSP validation of the client certificate chain</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslocspoverrideresponder">SSLOCSPOverrideResponder on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Force use of the default responder URI for OCSP validation</td></tr>
+<tr><td><a href="mod_ssl.html#sslocsprespondertimeout">SSLOCSPResponderTimeout <em>seconds</em></a></td><td> 10 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Timeout for OCSP queries</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslocspresponsemaxage">SSLOCSPResponseMaxAge <em>seconds</em></a></td><td> -1 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum allowable age for OCSP responses</td></tr>
+<tr><td><a href="mod_ssl.html#sslocspresponsetimeskew">SSLOCSPResponseTimeSkew <em>seconds</em></a></td><td> 300 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum allowable time skew for OCSP response validation</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslocspuserequestnonce">SSLOCSPUseRequestNonce on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Use a nonce within OCSP queries</td></tr>
+<tr><td><a href="mod_ssl.html#sslopensslconfcmd">SSLOpenSSLConfCmd <em>command-name</em> <em>command-value</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure OpenSSL parameters through its <em>SSL_CONF</em> API</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#ssloptions">SSLOptions [+|-]<em>option</em> ...</a></td><td></td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure various SSL engine run-time options</td></tr>
+<tr><td><a href="mod_ssl.html#sslpassphrasedialog">SSLPassPhraseDialog <em>type</em></a></td><td> builtin </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Type of pass phrase dialog for encrypted private
 keys</td></tr>
-<tr><td><a href="mod_ssl.html#sslprotocol">SSLProtocol [+|-]<em>protocol</em> ...</a></td><td> all </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure usable SSL/TLS protocol versions</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxycacertificatefile">SSLProxyCACertificateFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded CA Certificates
+<tr class="odd"><td><a href="mod_ssl.html#sslprotocol">SSLProtocol [+|-]<em>protocol</em> ...</a></td><td> all </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure usable SSL/TLS protocol versions</td></tr>
+<tr><td><a href="mod_ssl.html#sslproxycacertificatefile">SSLProxyCACertificateFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">File of concatenated PEM-encoded CA Certificates
 for Remote Server Auth</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxycacertificatepath">SSLProxyCACertificatePath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Directory of PEM-encoded CA Certificates for
+<tr class="odd"><td><a href="mod_ssl.html#sslproxycacertificatepath">SSLProxyCACertificatePath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Directory of PEM-encoded CA Certificates for
 Remote Server Auth</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxycarevocationcheck">SSLProxyCARevocationCheck chain|leaf|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable CRL-based revocation checking for Remote Server Auth</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxycarevocationfile">SSLProxyCARevocationFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">File of concatenated PEM-encoded CA CRLs for
+<tr><td><a href="mod_ssl.html#sslproxycarevocationcheck">SSLProxyCARevocationCheck chain|leaf|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable CRL-based revocation checking for Remote Server Auth</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslproxycarevocationfile">SSLProxyCARevocationFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded CA CRLs for
 Remote Server Auth</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxycarevocationpath">SSLProxyCARevocationPath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Directory of PEM-encoded CA CRLs for
+<tr><td><a href="mod_ssl.html#sslproxycarevocationpath">SSLProxyCARevocationPath <em>directory-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Directory of PEM-encoded CA CRLs for
 Remote Server Auth</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxycheckpeercn">SSLProxyCheckPeerCN on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Whether to check the remote server certificate's CN field
+<tr class="odd"><td><a href="mod_ssl.html#sslproxycheckpeercn">SSLProxyCheckPeerCN on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Whether to check the remote server certificate's CN field
 </td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxycheckpeerexpire">SSLProxyCheckPeerExpire on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Whether to check if remote server certificate is expired
+<tr><td><a href="mod_ssl.html#sslproxycheckpeerexpire">SSLProxyCheckPeerExpire on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Whether to check if remote server certificate is expired
 </td></tr>
-<tr><td><a href="mod_ssl.html#sslproxycheckpeername">SSLProxyCheckPeerName on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure host name checking for remote server certificates
+<tr class="odd"><td><a href="mod_ssl.html#sslproxycheckpeername">SSLProxyCheckPeerName on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure host name checking for remote server certificates
 </td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxyciphersuite">SSLProxyCipherSuite <em>cipher-spec</em></a></td><td> ALL:!ADH:RC4+RSA:+H +</td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Cipher Suite available for negotiation in SSL
+<tr><td><a href="mod_ssl.html#sslproxyciphersuite">SSLProxyCipherSuite <em>cipher-spec</em></a></td><td> ALL:!ADH:RC4+RSA:+H +</td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Cipher Suite available for negotiation in SSL
 proxy handshake</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxyengine">SSLProxyEngine on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">SSL Proxy Engine Operation Switch</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxymachinecertificatechainfile">SSLProxyMachineCertificateChainFile <em>filename</em></a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded CA certificates to be used by the proxy for choosing a certificate</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxymachinecertificatefile">SSLProxyMachineCertificateFile <em>filename</em></a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">File of concatenated PEM-encoded client certificates and keys to be used by the proxy</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxymachinecertificatepath">SSLProxyMachineCertificatePath <em>directory</em></a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Directory of PEM-encoded client certificates and keys to be used by the proxy</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxyprotocol">SSLProxyProtocol [+|-]<em>protocol</em> ...</a></td><td> all </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Configure usable SSL protocol flavors for proxy usage</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslproxyverify">SSLProxyVerify <em>level</em></a></td><td> none </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Type of remote server Certificate verification</td></tr>
-<tr><td><a href="mod_ssl.html#sslproxyverifydepth">SSLProxyVerifyDepth <em>number</em></a></td><td> 1 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum depth of CA Certificates in Remote Server
+<tr class="odd"><td><a href="mod_ssl.html#sslproxyengine">SSLProxyEngine on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">SSL Proxy Engine Operation Switch</td></tr>
+<tr><td><a href="mod_ssl.html#sslproxymachinecertificatechainfile">SSLProxyMachineCertificateChainFile <em>filename</em></a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">File of concatenated PEM-encoded CA certificates to be used by the proxy for choosing a certificate</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslproxymachinecertificatefile">SSLProxyMachineCertificateFile <em>filename</em></a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded client certificates and keys to be used by the proxy</td></tr>
+<tr><td><a href="mod_ssl.html#sslproxymachinecertificatepath">SSLProxyMachineCertificatePath <em>directory</em></a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Directory of PEM-encoded client certificates and keys to be used by the proxy</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslproxyprotocol">SSLProxyProtocol [+|-]<em>protocol</em> ...</a></td><td> all </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configure usable SSL protocol flavors for proxy usage</td></tr>
+<tr><td><a href="mod_ssl.html#sslproxyverify">SSLProxyVerify <em>level</em></a></td><td> none </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Type of remote server Certificate verification</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslproxyverifydepth">SSLProxyVerifyDepth <em>number</em></a></td><td> 1 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum depth of CA Certificates in Remote Server
 Certificate verification</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslrandomseed">SSLRandomSeed <em>context</em> <em>source</em>
-[<em>bytes</em>]</a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Pseudo Random Number Generator (PRNG) seeding
+<tr><td><a href="mod_ssl.html#sslrandomseed">SSLRandomSeed <em>context</em> <em>source</em>
+[<em>bytes</em>]</a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Pseudo Random Number Generator (PRNG) seeding
 source</td></tr>
-<tr><td><a href="mod_ssl.html#sslrenegbuffersize">SSLRenegBufferSize <var>bytes</var></a></td><td> 131072 </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Set the size for the SSL renegotiation buffer</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslrequire">SSLRequire <em>expression</em></a></td><td></td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Allow access only when an arbitrarily complex
+<tr class="odd"><td><a href="mod_ssl.html#sslrenegbuffersize">SSLRenegBufferSize <var>bytes</var></a></td><td> 131072 </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Set the size for the SSL renegotiation buffer</td></tr>
+<tr><td><a href="mod_ssl.html#sslrequire">SSLRequire <em>expression</em></a></td><td></td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Allow access only when an arbitrarily complex
 boolean expression is true</td></tr>
-<tr><td><a href="mod_ssl.html#sslrequiressl">SSLRequireSSL</a></td><td></td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Deny access when SSL is not used for the
+<tr class="odd"><td><a href="mod_ssl.html#sslrequiressl">SSLRequireSSL</a></td><td></td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Deny access when SSL is not used for the
 HTTP request</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslsessioncache">SSLSessionCache <em>type</em></a></td><td> none </td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Type of the global/inter-process SSL Session
+<tr><td><a href="mod_ssl.html#sslsessioncache">SSLSessionCache <em>type</em></a></td><td> none </td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Type of the global/inter-process SSL Session
 Cache</td></tr>
-<tr><td><a href="mod_ssl.html#sslsessioncachetimeout">SSLSessionCacheTimeout <em>seconds</em></a></td><td> 300 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Number of seconds before an SSL session expires
+<tr class="odd"><td><a href="mod_ssl.html#sslsessioncachetimeout">SSLSessionCacheTimeout <em>seconds</em></a></td><td> 300 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Number of seconds before an SSL session expires
 in the Session Cache</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslsessionticketkeyfile">SSLSessionTicketKeyFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Persistent encryption/decryption key for TLS session tickets</td></tr>
-<tr><td><a href="mod_ssl.html#sslsessiontickets">SSLSessionTickets on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable or disable use of TLS session tickets</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslsrpunknownuserseed">SSLSRPUnknownUserSeed <em>secret-string</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">SRP unknown user seed</td></tr>
-<tr><td><a href="mod_ssl.html#sslsrpverifierfile">SSLSRPVerifierFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Path to SRP verifier file</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslstaplingcache">SSLStaplingCache <em>type</em></a></td><td></td><td>s</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Configures the OCSP stapling cache</td></tr>
-<tr><td><a href="mod_ssl.html#sslstaplingerrorcachetimeout">SSLStaplingErrorCacheTimeout <em>seconds</em></a></td><td> 600 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Number of seconds before expiring invalid responses in the OCSP stapling cache</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslstaplingfaketrylater">SSLStaplingFakeTryLater on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Synthesize "tryLater" responses for failed OCSP stapling queries</td></tr>
-<tr><td><a href="mod_ssl.html#sslstaplingforceurl">SSLStaplingForceURL <em>uri</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Override the OCSP responder URI specified in the certificate's AIA extension</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslstaplingrespondertimeout">SSLStaplingResponderTimeout <em>seconds</em></a></td><td> 10 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Timeout for OCSP stapling queries</td></tr>
-<tr><td><a href="mod_ssl.html#sslstaplingresponsemaxage">SSLStaplingResponseMaxAge <em>seconds</em></a></td><td> -1 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum allowable age for OCSP stapling responses</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslstaplingresponsetimeskew">SSLStaplingResponseTimeSkew <em>seconds</em></a></td><td> 300 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum allowable time skew for OCSP stapling response validation</td></tr>
-<tr><td><a href="mod_ssl.html#sslstaplingreturnrespondererrors">SSLStaplingReturnResponderErrors on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Pass stapling related OCSP errors on to client</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslstaplingstandardcachetimeout">SSLStaplingStandardCacheTimeout <em>seconds</em></a></td><td> 3600 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Number of seconds before expiring responses in the OCSP stapling cache</td></tr>
-<tr><td><a href="mod_ssl.html#sslstrictsnivhostcheck">SSLStrictSNIVHostCheck on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Whether to allow non-SNI clients to access a name-based virtual
+<tr><td><a href="mod_ssl.html#sslsessionticketkeyfile">SSLSessionTicketKeyFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Persistent encryption/decryption key for TLS session tickets</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslsessiontickets">SSLSessionTickets on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable or disable use of TLS session tickets</td></tr>
+<tr><td><a href="mod_ssl.html#sslsrpunknownuserseed">SSLSRPUnknownUserSeed <em>secret-string</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">SRP unknown user seed</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslsrpverifierfile">SSLSRPVerifierFile <em>file-path</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Path to SRP verifier file</td></tr>
+<tr><td><a href="mod_ssl.html#sslstaplingcache">SSLStaplingCache <em>type</em></a></td><td></td><td>s</td><td>E</td></tr><tr><td class="descr" colspan="4">Configures the OCSP stapling cache</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslstaplingerrorcachetimeout">SSLStaplingErrorCacheTimeout <em>seconds</em></a></td><td> 600 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Number of seconds before expiring invalid responses in the OCSP stapling cache</td></tr>
+<tr><td><a href="mod_ssl.html#sslstaplingfaketrylater">SSLStaplingFakeTryLater on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Synthesize "tryLater" responses for failed OCSP stapling queries</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslstaplingforceurl">SSLStaplingForceURL <em>uri</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Override the OCSP responder URI specified in the certificate's AIA extension</td></tr>
+<tr><td><a href="mod_ssl.html#sslstaplingrespondertimeout">SSLStaplingResponderTimeout <em>seconds</em></a></td><td> 10 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Timeout for OCSP stapling queries</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslstaplingresponsemaxage">SSLStaplingResponseMaxAge <em>seconds</em></a></td><td> -1 </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum allowable age for OCSP stapling responses</td></tr>
+<tr><td><a href="mod_ssl.html#sslstaplingresponsetimeskew">SSLStaplingResponseTimeSkew <em>seconds</em></a></td><td> 300 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum allowable time skew for OCSP stapling response validation</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslstaplingreturnrespondererrors">SSLStaplingReturnResponderErrors on|off</a></td><td> on </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Pass stapling related OCSP errors on to client</td></tr>
+<tr><td><a href="mod_ssl.html#sslstaplingstandardcachetimeout">SSLStaplingStandardCacheTimeout <em>seconds</em></a></td><td> 3600 </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Number of seconds before expiring responses in the OCSP stapling cache</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslstrictsnivhostcheck">SSLStrictSNIVHostCheck on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Whether to allow non-SNI clients to access a name-based virtual
 host.
 </td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslusername">SSLUserName <em>varname</em></a></td><td></td><td>sdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Variable name to determine user name</td></tr>
-<tr><td><a href="mod_ssl.html#sslusestapling">SSLUseStapling on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Enable stapling of OCSP responses in the TLS handshake</td></tr>
-<tr class="odd"><td><a href="mod_ssl.html#sslverifyclient">SSLVerifyClient <em>level</em></a></td><td> none </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Type of Client Certificate verification</td></tr>
-<tr><td><a href="mod_ssl.html#sslverifydepth">SSLVerifyDepth <em>number</em></a></td><td> 1 </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Maximum depth of CA Certificates in Client
+<tr><td><a href="mod_ssl.html#sslusername">SSLUserName <em>varname</em></a></td><td></td><td>sdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Variable name to determine user name</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslusestapling">SSLUseStapling on|off</a></td><td> off </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Enable stapling of OCSP responses in the TLS handshake</td></tr>
+<tr><td><a href="mod_ssl.html#sslverifyclient">SSLVerifyClient <em>level</em></a></td><td> none </td><td>svdh</td><td>E</td></tr><tr><td class="descr" colspan="4">Type of Client Certificate verification</td></tr>
+<tr class="odd"><td><a href="mod_ssl.html#sslverifydepth">SSLVerifyDepth <em>number</em></a></td><td> 1 </td><td>svdh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Maximum depth of CA Certificates in Client
 Certificate verification</td></tr>
-<tr class="odd"><td><a href="mpm_common.html#startservers">StartServers <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Number of child server processes created at startup</td></tr>
-<tr><td><a href="mpm_common.html#startthreads">StartThreads <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Number of threads created on startup</td></tr>
-<tr class="odd"><td><a href="mod_substitute.html#substitute">Substitute <var>s/pattern/substitution/[infq]</var></a></td><td></td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Pattern to filter the response content</td></tr>
-<tr><td><a href="mod_substitute.html#substitutemaxlinelength">SubstituteMaxLineLength <var>bytes</var>(b|B|k|K|m|M|g|G)</a></td><td> 1m </td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Set the maximum line size</td></tr>
-<tr class="odd"><td><a href="mod_unixd.html#suexec">Suexec On|Off</a></td><td></td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Enable or disable the suEXEC feature</td></tr>
-<tr><td><a href="mod_suexec.html#suexecusergroup">SuexecUserGroup <em>User Group</em></a></td><td></td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">User and group for CGI programs to run as</td></tr>
-<tr class="odd"><td><a href="mpm_common.html#threadlimit" id="T" name="T">ThreadLimit <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the upper limit on the configurable number of threads
+<tr><td><a href="mpm_common.html#startservers">StartServers <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Number of child server processes created at startup</td></tr>
+<tr class="odd"><td><a href="mpm_common.html#startthreads">StartThreads <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Number of threads created on startup</td></tr>
+<tr><td><a href="mod_substitute.html#substitute">Substitute <var>s/pattern/substitution/[infq]</var></a></td><td></td><td>dh</td><td>E</td></tr><tr><td class="descr" colspan="4">Pattern to filter the response content</td></tr>
+<tr class="odd"><td><a href="mod_substitute.html#substitutemaxlinelength">SubstituteMaxLineLength <var>bytes</var>(b|B|k|K|m|M|g|G)</a></td><td> 1m </td><td>dh</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Set the maximum line size</td></tr>
+<tr><td><a href="mod_unixd.html#suexec">Suexec On|Off</a></td><td></td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">Enable or disable the suEXEC feature</td></tr>
+<tr class="odd"><td><a href="mod_suexec.html#suexecusergroup">SuexecUserGroup <em>User Group</em></a></td><td></td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">User and group for CGI programs to run as</td></tr>
+<tr><td><a href="mpm_common.html#threadlimit" id="T" name="T">ThreadLimit <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Sets the upper limit on the configurable number of threads
 per child process</td></tr>
-<tr><td><a href="mpm_common.html#threadsperchild">ThreadsPerChild <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">Number of threads created by each child process</td></tr>
-<tr class="odd"><td><a href="mpm_common.html#threadstacksize">ThreadStackSize <var>size</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">The size in bytes of the stack used by threads handling
+<tr class="odd"><td><a href="mpm_common.html#threadsperchild">ThreadsPerChild <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Number of threads created by each child process</td></tr>
+<tr><td><a href="mpm_common.html#threadstacksize">ThreadStackSize <var>size</var></a></td><td></td><td>s</td><td>M</td></tr><tr><td class="descr" colspan="4">The size in bytes of the stack used by threads handling
 client connections</td></tr>
-<tr><td><a href="core.html#timeout">TimeOut <var>seconds</var></a></td><td> 60 </td><td>sv</td><td>C</td></tr><tr><td class="descr" colspan="4">Amount of time the server will wait for
+<tr class="odd"><td><a href="core.html#timeout">TimeOut <var>seconds</var></a></td><td> 60 </td><td>sv</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Amount of time the server will wait for
 certain events before failing a request</td></tr>
-<tr class="odd"><td><a href="core.html#traceenable">TraceEnable <var>[on|off|extended]</var></a></td><td> on </td><td>sv</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Determines the behavior on <code>TRACE</code> requests</td></tr>
-<tr><td><a href="mod_log_config.html#transferlog">TransferLog <var>file</var>|<var>pipe</var></a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Specify location of a log file</td></tr>
-<tr class="odd"><td><a href="mod_mime.html#typesconfig">TypesConfig <var>file-path</var></a></td><td> conf/mime.types </td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">The location of the <code>mime.types</code> file</td></tr>
-<tr><td><a href="core.html#undefine" id="U" name="U">UnDefine <var>parameter-name</var></a></td><td></td><td>s</td><td>C</td></tr><tr><td class="descr" colspan="4">Undefine the existence of a variable</td></tr>
-<tr class="odd"><td><a href="mod_macro.html#undefmacro">UndefMacro <var>name</var></a></td><td></td><td>svd</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Undefine a macro</td></tr>
-<tr><td><a href="mod_env.html#unsetenv">UnsetEnv <var>env-variable</var> [<var>env-variable</var>]
-...</a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Removes variables from the environment</td></tr>
-<tr class="odd"><td><a href="mod_macro.html#use">Use <var>name</var> [<var>value1</var> ... <var>valueN</var>]
-</a></td><td></td><td>svd</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Use a macro</td></tr>
-<tr><td><a href="core.html#usecanonicalname">UseCanonicalName On|Off|DNS</a></td><td> Off </td><td>svd</td><td>C</td></tr><tr><td class="descr" colspan="4">Configures how the server determines its own name and
+<tr><td><a href="core.html#traceenable">TraceEnable <var>[on|off|extended]</var></a></td><td> on </td><td>sv</td><td>C</td></tr><tr><td class="descr" colspan="4">Determines the behavior on <code>TRACE</code> requests</td></tr>
+<tr class="odd"><td><a href="mod_log_config.html#transferlog">TransferLog <var>file</var>|<var>pipe</var></a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Specify location of a log file</td></tr>
+<tr><td><a href="mod_mime.html#typesconfig">TypesConfig <var>file-path</var></a></td><td> conf/mime.types </td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">The location of the <code>mime.types</code> file</td></tr>
+<tr class="odd"><td><a href="core.html#undefine" id="U" name="U">UnDefine <var>parameter-name</var></a></td><td></td><td>s</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Undefine the existence of a variable</td></tr>
+<tr><td><a href="mod_macro.html#undefmacro">UndefMacro <var>name</var></a></td><td></td><td>svd</td><td>B</td></tr><tr><td class="descr" colspan="4">Undefine a macro</td></tr>
+<tr class="odd"><td><a href="mod_env.html#unsetenv">UnsetEnv <var>env-variable</var> [<var>env-variable</var>]
+...</a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Removes variables from the environment</td></tr>
+<tr><td><a href="mod_macro.html#use">Use <var>name</var> [<var>value1</var> ... <var>valueN</var>]
+</a></td><td></td><td>svd</td><td>B</td></tr><tr><td class="descr" colspan="4">Use a macro</td></tr>
+<tr class="odd"><td><a href="core.html#usecanonicalname">UseCanonicalName On|Off|DNS</a></td><td> Off </td><td>svd</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Configures how the server determines its own name and
 port</td></tr>
-<tr class="odd"><td><a href="core.html#usecanonicalphysicalport">UseCanonicalPhysicalPort On|Off</a></td><td> Off </td><td>svd</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Configures how the server determines its own port</td></tr>
-<tr><td><a href="mod_unixd.html#user">User <var>unix-userid</var></a></td><td> #-1 </td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">The userid under which the server will answer
+<tr><td><a href="core.html#usecanonicalphysicalport">UseCanonicalPhysicalPort On|Off</a></td><td> Off </td><td>svd</td><td>C</td></tr><tr><td class="descr" colspan="4">Configures how the server determines its own port</td></tr>
+<tr class="odd"><td><a href="mod_unixd.html#user">User <var>unix-userid</var></a></td><td> #-1 </td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">The userid under which the server will answer
 requests</td></tr>
-<tr class="odd"><td><a href="mod_userdir.html#userdir">UserDir <em>directory-filename</em> [<em>directory-filename</em>] ...
-</a></td><td></td><td>sv</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Location of the user-specific directories</td></tr>
-<tr><td><a href="mod_privileges.html#vhostcgimode" id="V" name="V">VHostCGIMode On|Off|Secure</a></td><td> On </td><td>v</td><td>X</td></tr><tr><td class="descr" colspan="4">Determines whether the virtualhost can run
+<tr><td><a href="mod_userdir.html#userdir">UserDir <em>directory-filename</em> [<em>directory-filename</em>] ...
+</a></td><td></td><td>sv</td><td>B</td></tr><tr><td class="descr" colspan="4">Location of the user-specific directories</td></tr>
+<tr class="odd"><td><a href="mod_privileges.html#vhostcgimode" id="V" name="V">VHostCGIMode On|Off|Secure</a></td><td> On </td><td>v</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Determines whether the virtualhost can run
 subprocesses, and the privileges available to subprocesses.</td></tr>
-<tr class="odd"><td><a href="mod_privileges.html#vhostcgiprivs">VHostPrivs [+-]?<var>privilege-name</var> [[+-]?privilege-name] ...</a></td><td></td><td>v</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Assign arbitrary privileges to subprocesses created
+<tr><td><a href="mod_privileges.html#vhostcgiprivs">VHostPrivs [+-]?<var>privilege-name</var> [[+-]?privilege-name] ...</a></td><td></td><td>v</td><td>X</td></tr><tr><td class="descr" colspan="4">Assign arbitrary privileges to subprocesses created
 by a virtual host.</td></tr>
-<tr><td><a href="mod_privileges.html#vhostgroup">VHostGroup <var>unix-groupid</var></a></td><td></td><td>v</td><td>X</td></tr><tr><td class="descr" colspan="4">Sets the Group ID under which a virtual host runs.</td></tr>
-<tr class="odd"><td><a href="mod_privileges.html#vhostprivs">VHostPrivs [+-]?<var>privilege-name</var> [[+-]?privilege-name] ...</a></td><td></td><td>v</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Assign arbitrary privileges to a virtual host.</td></tr>
-<tr><td><a href="mod_privileges.html#vhostsecure">VHostSecure On|Off</a></td><td> On </td><td>v</td><td>X</td></tr><tr><td class="descr" colspan="4">Determines whether the server runs with enhanced security
+<tr class="odd"><td><a href="mod_privileges.html#vhostgroup">VHostGroup <var>unix-groupid</var></a></td><td></td><td>v</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the Group ID under which a virtual host runs.</td></tr>
+<tr><td><a href="mod_privileges.html#vhostprivs">VHostPrivs [+-]?<var>privilege-name</var> [[+-]?privilege-name] ...</a></td><td></td><td>v</td><td>X</td></tr><tr><td class="descr" colspan="4">Assign arbitrary privileges to a virtual host.</td></tr>
+<tr class="odd"><td><a href="mod_privileges.html#vhostsecure">VHostSecure On|Off</a></td><td> On </td><td>v</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Determines whether the server runs with enhanced security
 for the virtualhost.</td></tr>
-<tr class="odd"><td><a href="mod_privileges.html#vhostuser">VHostUser <var>unix-userid</var></a></td><td></td><td>v</td><td>X</td></tr><tr class="odd"><td class="descr" colspan="4">Sets the User ID under which a virtual host runs.</td></tr>
-<tr><td><a href="mod_vhost_alias.html#virtualdocumentroot">VirtualDocumentRoot <em>interpolated-directory</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Dynamically configure the location of the document root
+<tr><td><a href="mod_privileges.html#vhostuser">VHostUser <var>unix-userid</var></a></td><td></td><td>v</td><td>X</td></tr><tr><td class="descr" colspan="4">Sets the User ID under which a virtual host runs.</td></tr>
+<tr class="odd"><td><a href="mod_vhost_alias.html#virtualdocumentroot">VirtualDocumentRoot <em>interpolated-directory</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Dynamically configure the location of the document root
 for a given virtual host</td></tr>
-<tr class="odd"><td><a href="mod_vhost_alias.html#virtualdocumentrootip">VirtualDocumentRootIP <em>interpolated-directory</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Dynamically configure the location of the document root
+<tr><td><a href="mod_vhost_alias.html#virtualdocumentrootip">VirtualDocumentRootIP <em>interpolated-directory</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Dynamically configure the location of the document root
 for a given virtual host</td></tr>
-<tr><td><a href="core.html#virtualhost">&lt;VirtualHost
+<tr class="odd"><td><a href="core.html#virtualhost">&lt;VirtualHost
     <var>addr</var>[:<var>port</var>] [<var>addr</var>[:<var>port</var>]]
-    ...&gt; ... &lt;/VirtualHost&gt;</a></td><td></td><td>s</td><td>C</td></tr><tr><td class="descr" colspan="4">Contains directives that apply only to a specific
+    ...&gt; ... &lt;/VirtualHost&gt;</a></td><td></td><td>s</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Contains directives that apply only to a specific
 hostname or IP address</td></tr>
-<tr class="odd"><td><a href="mod_vhost_alias.html#virtualscriptalias">VirtualScriptAlias <em>interpolated-directory</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Dynamically configure the location of the CGI directory for
+<tr><td><a href="mod_vhost_alias.html#virtualscriptalias">VirtualScriptAlias <em>interpolated-directory</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Dynamically configure the location of the CGI directory for
 a given virtual host</td></tr>
-<tr><td><a href="mod_vhost_alias.html#virtualscriptaliasip">VirtualScriptAliasIP <em>interpolated-directory</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr><td class="descr" colspan="4">Dynamically configure the location of the CGI directory for
+<tr class="odd"><td><a href="mod_vhost_alias.html#virtualscriptaliasip">VirtualScriptAliasIP <em>interpolated-directory</em>|none</a></td><td> none </td><td>sv</td><td>E</td></tr><tr class="odd"><td class="descr" colspan="4">Dynamically configure the location of the CGI directory for
 a given virtual host</td></tr>
-<tr class="odd"><td><a href="mod_watchdog.html#watchdoginterval" id="W" name="W">WatchdogInterval <var>number-of-seconds</var></a></td><td> 1 </td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Watchdog interval in seconds</td></tr>
-<tr><td><a href="mod_include.html#xbithack" id="X" name="X">XBitHack on|off|full</a></td><td> off </td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Parse SSI directives in files with the execute bit
+<tr><td><a href="mod_watchdog.html#watchdoginterval" id="W" name="W">WatchdogInterval <var>number-of-seconds</var></a></td><td> 1 </td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">Watchdog interval in seconds</td></tr>
+<tr class="odd"><td><a href="mod_include.html#xbithack" id="X" name="X">XBitHack on|off|full</a></td><td> off </td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Parse SSI directives in files with the execute bit
 set</td></tr>
-<tr class="odd"><td><a href="mod_xml2enc.html#xml2encalias">xml2EncAlias <var>charset alias [alias ...]</var></a></td><td></td><td>s</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Recognise Aliases for encoding values</td></tr>
-<tr><td><a href="mod_xml2enc.html#xml2encdefault">xml2EncDefault <var>name</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Sets a default encoding to assume when absolutely no information
+<tr><td><a href="mod_xml2enc.html#xml2encalias">xml2EncAlias <var>charset alias [alias ...]</var></a></td><td></td><td>s</td><td>B</td></tr><tr><td class="descr" colspan="4">Recognise Aliases for encoding values</td></tr>
+<tr class="odd"><td><a href="mod_xml2enc.html#xml2encdefault">xml2EncDefault <var>name</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Sets a default encoding to assume when absolutely no information
 can be <a href="#sniffing">automatically detected</a></td></tr>
-<tr class="odd"><td><a href="mod_xml2enc.html#xml2startparse">xml2StartParse <var>element [element ...]</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr class="odd"><td class="descr" colspan="4">Advise the parser to skip leading junk.</td></tr>
+<tr><td><a href="mod_xml2enc.html#xml2startparse">xml2StartParse <var>element [element ...]</var></a></td><td></td><td>svdh</td><td>B</td></tr><tr><td class="descr" colspan="4">Advise the parser to skip leading junk.</td></tr>
 </table></div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../de/mod/quickreference.html" hreflang="de" rel="alternate" title="Deutsch">&nbsp;de&nbsp;</a> |
diff --git a/docs/manual/mod/worker.html.en b/docs/manual/mod/worker.html.en
index b192ca583d..09727766a1 100644
--- a/docs/manual/mod/worker.html.en
+++ b/docs/manual/mod/worker.html.en
@@ -51,7 +51,10 @@
     controls the maximum total number of threads that may be
     launched.</p>
 </div>
-<div id="quickview"><h3 class="directives">Directives</h3>
+<div id="quickview"><h3>Topics</h3>
+<ul id="topics">
+<li><img alt="" src="../images/down.gif" /> <a href="#how-it-works">How it Works</a></li>
+</ul><h3 class="directives">Directives</h3>
 <ul id="toc">
 <li><img alt="" src="../images/right.gif" /> <a href="mpm_common.html#coredumpdirectory">CoreDumpDirectory</a></li>
 <li><img alt="" src="../images/right.gif" /> <a href="mpm_common.html#enableexceptionhook">EnableExceptionHook</a></li>
@@ -74,10 +77,7 @@
 <li><img alt="" src="../images/right.gif" /> <a href="mpm_common.html#threadstacksize">ThreadStackSize</a></li>
 <li><img alt="" src="../images/right.gif" /> <a href="mod_unixd.html#user">User</a></li>
 </ul>
-<h3>Topics</h3>
-<ul id="topics">
-<li><img alt="" src="../images/down.gif" /> <a href="#how-it-works">How it Works</a></li>
-</ul><h3>See also</h3>
+<h3>See also</h3>
 <ul class="seealso">
 <li><a href="../bind.html">Setting which addresses and ports Apache HTTP Server uses</a></li>
 </ul><ul class="seealso"><li><a href="#comments_section">Comments</a></li></ul></div>