1<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
2    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3
4<html xmlns="http://www.w3.org/1999/xhtml">
5  <head>
6    <meta name="generator" content="HTML Tidy, see www.w3.org" />
7
8    <title>Apache module mod_proxy</title>
9  </head>
10  <!-- Background white, links blue (unvisited), navy (visited), red (active) -->
11
12  <body bgcolor="#FFFFFF" text="#000000" link="#0000FF"
13  vlink="#000080" alink="#FF0000">
14        <div align="CENTER">
15      <img src="../images/sub.gif" alt="[APACHE DOCUMENTATION]" />
16
17      <h3>Apache HTTP Server Version 1.3</h3>
18    </div>
19
20
21    <h1 align="CENTER">Apache module mod_proxy</h1>
22
23    <p>This module provides for an <strong>HTTP 1.1</strong>
24    caching proxy server.</p>
25
26    <p><a href="module-dict.html#Status"
27    rel="Help"><strong>Status:</strong></a> Extension<br />
28     <a href="module-dict.html#SourceFile"
29    rel="Help"><strong>Source File:</strong></a> mod_proxy.c<br />
30     <a href="module-dict.html#ModuleIdentifier"
31    rel="Help"><strong>Module Identifier:</strong></a>
32    proxy_module<br />
33     <a href="module-dict.html#Compatibility"
34    rel="Help"><strong>Compatibility:</strong></a> Available in
35    Apache 1.1 and later.</p>
36
37    <h2>Summary</h2>
38    This module implements a proxy/cache for Apache. It implements
39    proxying capability for <code>FTP</code>, <code>CONNECT</code>
40    (for SSL), <code>HTTP/0.9</code>, <code>HTTP/1.0</code>, and
41    (as of Apache 1.3.23) <code>HTTP/1.1</code>.
42    The module can be configured to connect to other proxy modules
43    for these and other protocols.
44
45    <p>This module was experimental in Apache 1.1.x. As of Apache
46    1.2, mod_proxy stability is <em>greatly</em> improved.</p>
47
48    <p><strong>Warning:</strong> Do not enable proxying with <a
49    href="#proxyrequests">ProxyRequests</a> until you have <a
50    href="#access">secured your server</a>.  Open proxy servers are
51    dangerous both to your network and to the Internet at large.</p>
52
53    <h2>Directives</h2>
54
55    <ul>
56      <li><a href="#proxyrequests">ProxyRequests</a></li>
57
58      <li><a href="#proxyremote">ProxyRemote</a></li>
59
60      <li><a href="#proxypass">ProxyPass</a></li>
61
62      <li><a href="#proxypassreverse">ProxyPassReverse</a></li>
63
64      <li><a href="#proxypreservehost">ProxyPreserveHost</a></li>
65
66      <li><a href="#proxyblock">ProxyBlock</a></li>
67
68      <li><a href="#allowconnect">AllowCONNECT</a></li>
69
70      <li><a href="#proxyreceivebuffersize">ProxyReceiveBufferSize</a></li>
71
72      <li><a href="#proxyiobuffersize">ProxyIOBufferSize</a></li>
73
74      <li><a href="#noproxy">NoProxy</a></li>
75
76      <li><a href="#proxydomain">ProxyDomain</a></li>
77
78      <li><a href="#proxyvia">ProxyVia</a></li>
79
80      <li><a href="#cacheroot">CacheRoot</a></li>
81
82      <li><a href="#cachesize">CacheSize</a></li>
83
84      <li><a href="#cachemaxexpire">CacheMaxExpire</a></li>
85
86      <li><a href="#cachedefaultexpire">CacheDefaultExpire</a></li>
87
88      <li><a
89      href="#cachelastmodifiedfactor">CacheLastModifiedFactor</a></li>
90
91      <li><a href="#cachegcinterval">CacheGcInterval</a></li>
92
93      <li><a href="#cachedirlevels">CacheDirLevels</a></li>
94
95      <li><a href="#cachedirlength">CacheDirLength</a></li>
96
97      <li><a
98      href="#cacheforcecompletion">CacheForceCompletion</a></li>
99
100      <li><a href="#nocache">NoCache</a></li>
101    </ul>
102
103    <h2><a id="configs" name="configs">Common configuration
104    topics</a></h2>
105
106    <ul>
107      <li><a href="#forwardreverse">Forward and Reverse Proxies</a></li>
108
109      <li><a href="#examples">Basic Examples</a></li>
110
111      <li><a href="#access">Controlling access to your
112      proxy</a></li>
113
114      <li><a href="#shortname">Using Netscape hostname
115      shortcuts</a></li>
116
117      <li><a href="#mimetypes">Why doesn't file type <em>xxx</em>
118      download via FTP?</a></li>
119
120      <li><a href="#type">How can I force an FTP ASCII
121      download of File <em>xxx</em>?</a></li>
122
123      <li><a href="#percent2fhack">How can I access
124      FTP files outside of my home directory?</a></li>
125
126      <li><a href="#ftppass">How can I hide the
127      FTP cleartext password in my browser's URL line?</a></li>
128
129      <li><a href="#startup">Why does Apache start more slowly when
130      using the proxy module?</a></li>
131
132      <li><a href="#socks">Can I use the Apache proxy module with
133      my SOCKS proxy?</a></li>
134
135      <li><a href="#intranet">What other functions are useful for
136      an intranet proxy server?</a></li>
137    </ul>
138
139<h2><a name="forwardreverse" id="forwardreverse">Forward and Reverse Proxies</a></h2>
140      <p>Apache can be configured in both a <dfn>forward</dfn> and
141      <dfn>reverse</dfn> proxy mode.</p>
142
143      <p>An ordinary <dfn>forward proxy</dfn> is an intermediate
144      server that sits between the client and the <em>origin
145      server</em>.  In order to get content from the origin server,
146      the client sends a request to the proxy naming the origin server
147      as the target and the proxy then requests the content from the
148      origin server and returns it to the client.  The client must be
149      specially configured to use the forward proxy to access other
150      sites.</p>
151
152      <p>A typical usage of a forward proxy is to provide Internet
153      access to internal clients that are otherwise restricted by a
154      firewall.  The forward proxy can also use caching to reduce
155      network usage.</p>
156
157      <p>The forward proxy is activated using the <code><a
158      href="#proxyrequests">ProxyRequests</a></code> directive.
159      Because forward proxys allow clients to access arbitrary sites
160      through your server and to hide their true origin, it is
161      essential that you <a href="#access">secure your server</a> so
162      that only authorized clients can access the proxy before
163      activating a forward proxy.</p>
164
165      <p>A <dfn>reverse proxy</dfn>, by contrast, appears to the
166      client just like an ordinary web server.  No special
167      configuration on the client is necessary.  The client makes
168      ordinary requests for content in the name-space of the reverse
169      proxy.  The reverse proxy then decides where to send those
170      requests, and returns the content as if it was itself the
171      origin.</p>
172
173      <p>A typical usage of a reverse proxy is to provide Internet
174      users access to a server that is behind a firewall.  Reverse
175      proxies can also be used to balance load among several back-end
176      servers, or to provide caching for a slower back-end server.
177      In addition, reverse proxies can be used simply to bring
178      several servers into the same URL space.</p>
179
180      <p>A reverse proxy is activated using the <code><a
181      href="#proxypass">ProxyPass</a></code> directive or the
182      <code>[P]</code> flag to the <code><a
183      href="../mod/mod_rewrite.html#rewriterule">RewriteRule</a></code>
184      directive.  It is <strong>not</strong> necessary to turn
185      <code><a href="#proxyrequests">ProxyRequests</a></code> on in
186      order to configure a reverse proxy.</p>
187
188<h2><a name="examples" id="examples">Basic Examples</a></h2>
189
190    <p>The examples below are only a very basic idea to help you
191    get started.  Please read the documentation on the individual
192    directives.</p>
193
194    <h3>Forward Proxy</h3><p><code>
195    ProxyRequests On<br />
196    ProxyVia On<br />
197    <br />
198    &lt;Directory proxy:*&gt;<br />
199
200      Order deny,allow<br />
201      Deny from all<br />
202      Allow from internal.example.com<br />
203
204    &lt;/Directory&gt;<br />
205    <br />
206    CacheRoot "/usr/local/apache/proxy"<br />
207    CacheSize 5<br />
208    CacheGcInterval 4<br />
209    CacheMaxExpire 24<br />
210    CacheLastModifiedFactor 0.1<br />
211    CacheDefaultExpire 1<br />
212    NoCache a-domain.com another-domain.edu joes.garage-sale.com
213    </code></p>
214
215    <h3>Reverse Proxy</h3><p><code>
216    ProxyRequests Off<br />
217    <br />
218    ProxyPass /foo http://foo.example.com/bar<br />
219    ProxyPassReverse /foo http://foo.example.com/bar
220    </code></p>
221
222    <h2><a id="access" name="access">Controlling access to your
223    proxy</a></h2>
224    You can control who can access your proxy via the normal
225    &lt;Directory&gt; control block using the following example:
226<pre>
227&lt;Directory proxy:*&gt;
228Order Deny,Allow
229Deny from all
230Allow from yournetwork.example.com
231&lt;/Directory&gt;
232</pre>
233
234    <p>A &lt;Files&gt; block will also work, and is the only method
235    known to work for all possible URLs in Apache versions earlier
236    than 1.2b10.</p>
237
238    <p>For more information, see <a
239    href="mod_access.html">mod_access</a>.</p>
240
241      <p>Strictly limiting access is essential if you are using a
242      forward proxy (using the <code><a
243      href="#proxyrequests">ProxyRequests</a></code> directive).
244      Otherwise, your server can be used by any client to access
245      arbitrary hosts while hiding his or her true identity.  This is
246      dangerous both for your network and for the Internet at large.
247      When using a reverse proxy (using the <code><a
248      href="#proxypass">ProxyPass</a></code> directive with
249      <code>ProxyRequests Off</code>), access control is less critical
250      because clients can only contact the hosts that you have
251      specifically configured.</p>
252
253    <h2><a id="shortname" name="shortname">Using Netscape hostname
254    shortcuts</a></h2>
255    There is an optional patch to the proxy module to allow
256    Netscape-like hostname shortcuts to be used. It's available
257    from the <a
258    href="http://www.apache.org/dist/httpd/contrib/patches/1.2/netscapehost.patch">
259    <samp>contrib/patches/1.2</samp></a> directory on the Apache
260    Web site.
261
262    <h2><a id="mimetypes" name="mimetypes">Why doesn't file type
263    <em>xxx</em> download via FTP?</a></h2>
264    You probably don't have that particular file type defined as
265    <em>application/octet-stream</em> in your proxy's mime.types
266    configuration file. A useful line can be
267<pre>
268application/octet-stream        bin dms lha lzh exe class tgz taz
269</pre>
270
271    <h2><a id="type" name="type">How can I force an FTP ASCII
272    download of File <em>xxx</em>?</a></h2>
273    In the rare situation where you must download a specific file
274    using the FTP <strong>ASCII</strong> transfer method (while the
275    default transfer is in <strong>binary</strong> mode), you can
276    override mod_proxy's default by suffixing the request with
277    <samp>;type=a</samp> to force an ASCII transfer.
278    (FTP Directory listings are always executed in ASCII mode, however.)
279
280    <h2><a id="percent2fhack" name="percent2fhack">How can I access
281    FTP files outside of my home directory?</a></h2>
282    <p>
283     A FTP URI is interpreted relative to the home directory of
284     the user who is logging in. Alas, to reach higher directory
285     levels you cannot use  /../, as the dots are interpreted by the
286     browser and not actually sent to the FTP server. To address
287     this problem, the so called "Squid %2f hack" was implemented in
288     the Apache FTP proxy; it is a solution which is also used by
289     other popular proxy servers like the
290     <a href="http://www.squid-cache.org/">Squid Proxy Cache</a>.
291     By prepending /%2f to the path of your request, you can make
292     such a proxy change the FTP starting directory to / (instead
293     of the home directory). <br />
294     <b>Example:</b> To retrieve the file <code>/etc/motd</code>,
295     you would use the URL <blockquote>
296     <code>ftp://<em>user@host</em>/%2f/etc/motd</code></blockquote>
297    </p>
298
299    <h2><a id="ftppass" name="ftppass">How can I hide the FTP
300    cleartext password in my browser's URL line?</a></h2>
301    <p>
302     To log in to an FTP server by username and password, Apache
303     uses different strategies.
304     In absense of a user name and password in the URL altogether,
305     Apache sends an anonymous login to the FTP server, i.e.,
306     <blockquote><code>
307       user: anonymous<br />
308       password: apache_proxy@
309     </code></blockquote>
310     This works for all popular FTP servers which are configured for
311     anonymous access.<br>
312     For a personal login with a specific username, you can embed
313     the user name into the URL, like in:
314     <code>ftp://<em>username@host</em>/myfile</code>. If the FTP server
315     asks for a password when given this username (which it should),
316     then Apache will reply with a [401 Authorization required] response,
317     which causes the Browser to pop up the username/password dialog.
318     Upon entering the password, the connection attempt is retried,
319     and if successful, the requested resource is presented.
320     The advantage of this procedure is that your browser does not
321     display the password in cleartext (which it would if you had used
322     <code>ftp://<em>username:password@host</em>/myfile</code> in
323     the first place).
324     <br />
325     <b>Note</b> that the password which is transmitted in such a way
326     is not encrypted on its way. It travels between your browser and
327     the Apache proxy server in a base64-encoded cleartext string, and
328     between the Apache proxy and the FTP server as plaintext. You should
329     therefore think twice before accessing your FTP server via HTTP
330     (or before accessing your personal files via FTP at all!) When
331     using unsecure channels, an eavesdropper might intercept your
332     password on its way.
333    </p>
334
335
336    <h2><a id="startup" name="startup">Why does Apache start more
337    slowly when using the proxy module?</a></h2>
338    If you're using the <code>ProxyBlock</code> or
339    <code>NoCache</code> directives, hostnames' IP addresses are
340    looked up and cached during startup for later match test. This
341    may take a few seconds (or more) depending on the speed with
342    which the hostname lookups occur.
343
344    <h2><a id="socks" name="socks">Can I use the Apache proxy
345    module with my SOCKS proxy?</a></h2>
346    Yes. Just build Apache with the rule <code>SOCKS4=yes</code> in
347    your <em>Configuration</em> file, and follow the instructions
348    there. SOCKS5 capability can be added in a similar way (there's
349    no <code>SOCKS5</code> rule yet), so use the
350    <code>EXTRA_LDFLAGS</code> definition, or build Apache normally
351    and run it with the <em>runsocks</em> wrapper provided with
352    SOCKS5, if your OS supports dynamically linked libraries.
353
354    <p>Some users have reported problems when using SOCKS version
355    4.2 on Solaris. The problem was solved by upgrading to SOCKS
356    4.3.</p>
357
358    <p>Remember that you'll also have to grant access to your
359    Apache proxy machine by permitting connections on the
360    appropriate ports in your SOCKS daemon's configuration.</p>
361
362    <h2><a id="intranet" name="intranet">What other functions are
363    useful for an intranet proxy server?</a></h2>
364
365    <p>An Apache proxy server situated in an intranet needs to
366    forward external requests through the company's firewall
367    (for this, configure the <a href="#proxyremote">ProxyRemote</a>
368    directive to forward the respective <em>scheme</em> to
369    the firewall proxy).
370    However, when it has to access resources within the intranet,
371    it can bypass the firewall when accessing hosts. The <a
372    href="#noproxy">NoProxy</a> directive is useful for specifying
373    which hosts belong to the intranet and should be accessed
374    directly.</p>
375
376    <p>Users within an intranet tend to omit the local domain name
377    from their WWW requests, thus requesting "http://somehost/"
378    instead of "http://somehost.my.dom.ain/". Some commercial proxy
379    servers let them get away with this and simply serve the
380    request, implying a configured local domain. When the <a
381    href="#proxydomain">ProxyDomain</a> directive is used and the
382    server is <a href="#proxyrequests">configured for proxy
383    service</a>, Apache can return a redirect response and send the
384    client to the correct, fully qualified, server address. This is
385    the preferred method since the user's bookmark files will then
386    contain fully qualified hosts.</p>
387    <hr />
388
389    <h2><a id="proxyrequests"
390    name="proxyrequests">ProxyRequests</a> directive</h2>
391    <a href="directive-dict.html#Syntax"
392    rel="Help"><strong>Syntax:</strong></a> ProxyRequests
393    on|off<br />
394     <a href="directive-dict.html#Default"
395    rel="Help"><strong>Default:</strong></a> <code>ProxyRequests
396    Off</code><br />
397     <a href="directive-dict.html#Context"
398    rel="Help"><strong>Context:</strong></a> server config, virtual
399    host<br />
400     <a href="directive-dict.html#Override"
401    rel="Help"><strong>Override:</strong></a> <em>Not
402    applicable</em><br />
403     <a href="directive-dict.html#Status"
404    rel="Help"><strong>Status:</strong></a> Base<br />
405     <a href="directive-dict.html#Module"
406    rel="Help"><strong>Module:</strong></a> mod_proxy<br />
407     <a href="directive-dict.html#Compatibility"
408    rel="Help"><strong>Compatibility:</strong></a> ProxyRequests is
409    only available in Apache 1.1 and later.
410
411    <p>This allows or prevents Apache from functioning as a forward proxy
412    server. Setting ProxyRequests to 'off' does not disable use of
413    the <a href="#proxypass">ProxyPass</a> directive.</p>
414
415    <p><strong>Warning:</strong> Do not enable proxying until you have
416    <a href="#access">secured your server</a>.  Open proxy servers are
417    dangerous both to your network and to the Internet at large.</p>
418
419    <hr />
420
421    <h2><a id="proxyremote" name="proxyremote">ProxyRemote</a>
422    directive</h2>
423    <a href="directive-dict.html#Syntax"
424    rel="Help"><strong>Syntax:</strong></a> ProxyRemote <em>match
425    remote-server</em><br />
426     <a href="directive-dict.html#Default"
427    rel="Help"><strong>Default:</strong></a> <em>None</em><br />
428     <a href="directive-dict.html#Context"
429    rel="Help"><strong>Context:</strong></a> server config, virtual
430    host<br />
431     <a href="directive-dict.html#Override"
432    rel="Help"><strong>Override:</strong></a> <em>Not
433    applicable</em><br />
434     <a href="directive-dict.html#Status"
435    rel="Help"><strong>Status:</strong></a> Base<br />
436     <a href="directive-dict.html#Module"
437    rel="Help"><strong>Module:</strong></a> mod_proxy<br />
438     <a href="directive-dict.html#Compatibility"
439    rel="Help"><strong>Compatibility:</strong></a> ProxyRemote is
440    only available in Apache 1.1 and later.
441
442    <p>This defines remote proxies to this proxy. <em>match</em> is
443    either the name of a URL-scheme that the remote server
444    supports, or a partial URL for which the remote server should
445    be used, or '*' to indicate the server should be contacted for
446    all requests. <em>remote-server</em> is a partial URL for the
447    remote server. Syntax:</p>
448<pre>
449  remote-server = protocol://hostname[:port]
450</pre>
451    <em>protocol</em> is the protocol that should be used to
452    communicate with the remote server; only "http" is supported by
453    this module.
454
455    <p>Example:</p>
456<pre>
457  ProxyRemote http://goodguys.com/ http://mirrorguys.com:8000
458  ProxyRemote * http://cleversite.com
459  ProxyRemote ftp http://ftpproxy.mydomain.com:8080
460</pre>
461    In the last example, the proxy will forward FTP requests,
462    encapsulated as yet another HTTP proxy request, to another
463    proxy which can handle them.
464    <hr />
465
466    <h2><a id="proxypass" name="proxypass">ProxyPass</a>
467    directive</h2>
468    <a href="directive-dict.html#Syntax"
469    rel="Help"><strong>Syntax:</strong></a> ProxyPass <em>path
470    url</em><br />
471     <a href="directive-dict.html#Default"
472    rel="Help"><strong>Default:</strong></a> <em>None</em><br />
473     <a href="directive-dict.html#Context"
474    rel="Help"><strong>Context:</strong></a> server config, virtual
475    host<br />
476     <a href="directive-dict.html#Override"
477    rel="Help"><strong>Override:</strong></a> <em>Not
478    applicable</em><br />
479     <a href="directive-dict.html#Status"
480    rel="Help"><strong>Status:</strong></a> Base<br />
481     <a href="directive-dict.html#Module"
482    rel="Help"><strong>Module:</strong></a> mod_proxy<br />
483     <a href="directive-dict.html#Compatibility"
484    rel="Help"><strong>Compatibility:</strong></a> ProxyPass is
485    only available in Apache 1.1 and later.
486
487    <p>This directive allows remote servers to be mapped into the
488    space of the local server; the local server does not act as a
489    proxy in the conventional sense, but appears to be a mirror of
490    the remote server. <em>path</em> is the name of a local virtual
491    path; <em>url</em> is a partial URL for the remote server.</p>
492
493    <p>Suppose the local server has address
494    <samp>http://wibble.org/</samp>; then</p>
495<pre>
496   ProxyPass /mirror/foo/ http://foo.com/
497</pre>
498    <p>will cause a local request for the
499    &lt;<samp>http://wibble.org/mirror/foo/bar</samp>&gt; to be
500    internally converted into a proxy request to
501    &lt;<samp>http://foo.com/bar</samp>&gt;.</p>
502
503    <p><strong>Warning:</strong> The <code><a
504    href="#proxyrequests">ProxyRequests</a></code> directive should
505    usually be set <strong>off</strong> when using <code
506    class="directive">ProxyPass</code>.
507
508    <hr />
509
510    <h2><a id="proxypassreverse"
511    name="proxypassreverse">ProxyPassReverse</a> directive</h2>
512    <a href="directive-dict.html#Syntax"
513    rel="Help"><strong>Syntax:</strong></a> ProxyPassReverse
514    <em>path url</em><br />
515     <a href="directive-dict.html#Default"
516    rel="Help"><strong>Default:</strong></a> <em>None</em><br />
517     <a href="directive-dict.html#Context"
518    rel="Help"><strong>Context:</strong></a> server config, virtual
519    host<br />
520     <a href="directive-dict.html#Override"
521    rel="Help"><strong>Override:</strong></a> <em>Not
522    applicable</em><br />
523     <a href="directive-dict.html#Status"
524    rel="Help"><strong>Status:</strong></a> Base<br />
525     <a href="directive-dict.html#Module"
526    rel="Help"><strong>Module:</strong></a> mod_proxy<br />
527     <a href="directive-dict.html#Compatibility"
528    rel="Help"><strong>Compatibility:</strong></a> ProxyPassReverse
529    is only available in Apache 1.3b6 and later.
530
531    <p>This directive lets Apache adjust the URL in the
532    <tt>Location</tt> header on HTTP redirect responses. For
533    instance this is essential when Apache is used as a reverse
534    proxy to avoid by-passing the reverse proxy because of HTTP
535    redirects on the backend servers which stay behind the reverse
536    proxy.</p>
537
538    <p><em>path</em> is the name of a local virtual path.<br />
539     <em>url</em> is a partial URL for the remote server - the same
540    way they are used for the <tt>ProxyPass</tt> directive.</p>
541
542    <p>Example:<br />
543     Suppose the local server has address
544    <samp>http://wibble.org/</samp>; then</p>
545<pre>
546   ProxyPass         /mirror/foo/ http://foo.com/
547   ProxyPassReverse  /mirror/foo/ http://foo.com/
548</pre>
549    will not only cause a local request for the
550    &lt;<samp>http://wibble.org/mirror/foo/bar</samp>&gt; to be
551    internally converted into a proxy request to
552    &lt;<samp>http://foo.com/bar</samp>&gt; (the functionality
553    <samp>ProxyPass</samp> provides here). It also takes care of
554    redirects the server foo.com sends: when
555    <samp>http://foo.com/bar</samp> is redirected by him to
556    <samp>http://foo.com/quux</samp> Apache adjusts this to
557    <samp>http://wibble.org/mirror/foo/quux</samp> before
558    forwarding the HTTP redirect response to the client.
559
560    <p>Note that this <samp>ProxyPassReverse</samp> directive can
561    also be used in conjunction with the proxy pass-through feature
562    ("<samp>RewriteRule ... [P]</samp>") from <a
563    href="mod_rewrite.html#RewriteRule"><tt>mod_rewrite</tt></a>
564    because its doesn't depend on a corresponding
565    <samp>ProxyPass</samp> directive.</p>
566    <hr />
567
568    <h2><a id="proxypreservehost"
569    name="proxypreservehost">ProxyPreserveHost</a> directive</h2>
570    <a href="directive-dict.html#Syntax"
571    rel="Help"><strong>Syntax:</strong></a> ProxyPreserveHost
572    <em>on|off</em><br />
573     <a href="directive-dict.html#Default"
574    rel="Help"><strong>Default:</strong></a>
575    <em><samp>ProxyPreserveHost</samp> off</em><br />
576     <a href="directive-dict.html#Context"
577    rel="Help"><strong>Context:</strong></a> server config, virtual
578    host<br />
579     <a href="directive-dict.html#Override"
580    rel="Help"><strong>Override:</strong></a> <em>Not
581    applicable</em><br />
582     <a href="directive-dict.html#Status"
583    rel="Help"><strong>Status:</strong></a> Base<br />
584     <a href="directive-dict.html#Module"
585    rel="Help"><strong>Module:</strong></a> mod_proxy<br />
586
587    <p>When enabled, this option will pass the Host: line from the
588    incoming request to the proxied host, instead of the hostname
589    specified in the proxypass line.<br />
590     This option should normally be turned Off. It is mostly useful
591    in special configurations like proxied mass name-based virtual
592    hosting, where the original Host header needs to be evaluated by
593    the backend server.</p>
594
595    <h2><a id="allowconnect" name="allowconnect">AllowCONNECT</a>
596    directive</h2>
597    <a href="directive-dict.html#Syntax"
598    rel="Help"><strong>Syntax:</strong></a> AllowCONNECT
599    <em>port</em> [<em>port</em>] ...<br />
600     <a href="directive-dict.html#Default"
601    rel="Help"><strong>Default:</strong></a>
602    <em><samp>AllowCONNECT</samp> 443 563</em><br />
603     <a href="directive-dict.html#Context"
604    rel="Help"><strong>Context:</strong></a> server config, virtual
605    host<br />
606     <a href="directive-dict.html#Override"
607    rel="Help"><strong>Override:</strong></a> <em>Not
608    applicable</em><br />
609     <a href="directive-dict.html#Status"
610    rel="Help"><strong>Status:</strong></a> Base<br />
611     <a href="directive-dict.html#Module"
612    rel="Help"><strong>Module:</strong></a> mod_proxy<br />
613     <a href="directive-dict.html#Compatibility"
614    rel="Help"><strong>Compatibility:</strong></a>
615    <samp>AllowCONNECT</samp> is only available in Apache 1.3.2 and
616    later.
617
618    <p>The <samp>AllowCONNECT</samp> directive specifies a list of
619    port numbers to which the proxy <samp>CONNECT</samp> method may
620    connect. Today's browsers use this method when a <em>https</em>
621    connection is requested and proxy tunneling over <em>http</em>
622    is in effect.<br />
623     By default, only the default https port (443) and the default
624    snews port (563) are enabled. Use the <samp>AllowCONNECT</samp>
625    directive to override this default and allow connections to
626    the listed ports only.</p>
627    <hr />
628
629    <h2><a id="proxyblock" name="proxyblock">ProxyBlock</a>
630    directive</h2>
631    <a href="directive-dict.html#Syntax"
632    rel="Help"><strong>Syntax:</strong></a> ProxyBlock
633    *|<em>word|host|domain</em> [<em>word|host|domain</em>]
634    ...<br />
635     <a href="directive-dict.html#Default"
636    rel="Help"><strong>Default:</strong></a> <em>None</em><br />
637     <a href="directive-dict.html#Context"
638    rel="Help"><strong>Context:</strong></a> server config, virtual
639    host<br />
640     <a href="directive-dict.html#Override"
641    rel="Help"><strong>Override:</strong></a> <em>Not
642    applicable</em><br />
643     <a href="directive-dict.html#Status"
644    rel="Help"><strong>Status:</strong></a> Base<br />
645     <a href="directive-dict.html#Module"
646    rel="Help"><strong>Module:</strong></a> mod_proxy<br />
647     <a href="directive-dict.html#Compatibility"
648    rel="Help"><strong>Compatibility:</strong></a> ProxyBlock is
649    only available in Apache 1.2 and later.
650
651    <p>The ProxyBlock directive specifies a list of words, hosts
652    and/or domains, separated by spaces. HTTP, HTTPS, and FTP
653    document requests to sites whose names contain matched words,
654    hosts or domains are <em>blocked</em> by the proxy server. The
655    proxy module will also attempt to determine IP addresses of
656    list items which may be hostnames during startup, and cache
657    them for match test as well. Example:</p>
658<pre>
659  ProxyBlock joes-garage.com some-host.co.uk rocky.wotsamattau.edu
660</pre>
661    'rocky.wotsamattau.edu' would also be matched if referenced by
662    IP address.
663
664    <p>Note that 'wotsamattau' would also be sufficient to match
665    'wotsamattau.edu'.</p>
666
667    <p>Note also that</p>
668<pre>
669ProxyBlock *
670</pre>
671    blocks connections to all sites.
672    <hr />
673
674    <h2><a id="proxyreceivebuffersize"
675    name="proxyreceivebuffersize">ProxyReceiveBufferSize</a>
676    directive</h2>
677    <a href="directive-dict.html#Syntax"
678    rel="Help"><strong>Syntax:</strong></a> ProxyReceiveBufferSize
679    <em>bytes</em><br />
680     <a href="directive-dict.html#Default"
681    rel="Help"><strong>Default:</strong></a> <em>None</em><br />
682     <a href="directive-dict.html#Context"
683    rel="Help"><strong>Context:</strong></a> server config, virtual
684    host<br />
685     <a href="directive-dict.html#Override"
686    rel="Help"><strong>Override:</strong></a> <em>Not
687    applicable</em><br />
688     <a href="directive-dict.html#Status"
689    rel="Help"><strong>Status:</strong></a> Base<br />
690     <a href="directive-dict.html#Module"
691    rel="Help"><strong>Module:</strong></a> mod_proxy<br />
692     <a href="directive-dict.html#Compatibility"
693    rel="Help"><strong>Compatibility:</strong></a>
694    ProxyReceiveBufferSize is only available in Apache 1.3 and
695    later.
696
697    <p>The ProxyReceiveBufferSize directive specifies an explicit
698    network buffer size for outgoing HTTP and FTP connections, for
699    increased throughput. It has to be greater than 512 or set to 0
700    to indicate that the system's default buffer size should be
701    used.</p>
702
703    <p>Example:</p>
704<pre>
705  ProxyReceiveBufferSize 2048
706</pre>
707    <hr />
708
709    <h2><a id="proxyiobuffersize"
710    name="proxyiobuffersize">ProxyIOBufferSize</a>
711    directive</h2>
712    <a href="directive-dict.html#Syntax"
713    rel="Help"><strong>Syntax:</strong></a> ProxyIOBufferSize
714    <em>bytes</em><br />
715     <a href="directive-dict.html#Default"
716    rel="Help"><strong>Default:</strong></a> <em>8192</em><br />
717     <a href="directive-dict.html#Context"
718    rel="Help"><strong>Context:</strong></a> server config, virtual
719    host<br />
720     <a href="directive-dict.html#Override"
721    rel="Help"><strong>Override:</strong></a> <em>Not
722    applicable</em><br />
723     <a href="directive-dict.html#Status"
724    rel="Help"><strong>Status:</strong></a> Base<br />
725     <a href="directive-dict.html#Module"
726    rel="Help"><strong>Module:</strong></a> mod_proxy<br />
727     <a href="directive-dict.html#Compatibility"
728    rel="Help"><strong>Compatibility:</strong></a>
729    ProxyIOBufferSize is only available in Apache 1.3.24 and
730    later.
731
732    <p>The ProxyIOBufferSize directive specifies the number of bytes
733    that will be read from a remote HTTP or FTP server at one time.
734    This directive is different from the ProxyReceiveBufferSize
735    directive, which specifies the low level socket buffer size.
736    </p>
737
738    <p>
739    When a response is received which fits entirely within the IO
740    buffer size, the remote HTTP or FTP server socket will be closed
741    before an attempt is made to write the response to the client.
742    This ensures that the remote server does not remain connected
743    unnecessarily while the response is delivered to a slow client.
744    A high value for the IO buffer decreases the load on remote HTTP
745    and FTP servers, at the expense of greater RAM footprint on the
746    proxy.
747    </p>
748
749    <p>Example:</p>
750<pre>
751  ProxyIOBufferSize 131072
752</pre>
753    <hr />
754
755    <h2><a id="noproxy" name="noproxy">NoProxy</a> directive</h2>
756    <a href="directive-dict.html#Syntax"
757    rel="Help"><strong>Syntax:</strong></a> NoProxy <a
758    href="#domain"><em>Domain</em></a>|<a
759    href="#subnet"><em>SubNet</em></a>|<a
760    href="#ipaddr"><em>IpAddr</em></a>|<a
761    href="#hostname"><em>Hostname</em></a> [<a
762    href="#domain"><em>Domain</em></a>|<a
763    href="#subnet"><em>SubNet</em></a>|<a
764    href="#ipaddr"><em>IpAddr</em></a>|<a
765    href="#hostname"><em>Hostname</em></a>] ...<br />
766     <a href="directive-dict.html#Default"
767    rel="Help"><strong>Default:</strong></a> <em>None</em><br />
768     <a href="directive-dict.html#Context"
769    rel="Help"><strong>Context:</strong></a> server config, virtual
770    host<br />
771     <a href="directive-dict.html#Override"
772    rel="Help"><strong>Override:</strong></a> <em>Not
773    applicable</em><br />
774     <a href="directive-dict.html#Status"
775    rel="Help"><strong>Status:</strong></a> Base<br />
776     <a href="directive-dict.html#Module"
777    rel="Help"><strong>Module:</strong></a> mod_proxy<br />
778     <a href="directive-dict.html#Compatibility"
779    rel="Help"><strong>Compatibility:</strong></a> NoProxy is only
780    available in Apache 1.3 and later.
781
782    <p>This directive is only useful for Apache proxy servers
783    within intranets. The NoProxy directive specifies a list of
784    subnets, IP addresses, hosts and/or domains, separated by
785    spaces. A request to a host which matches one or more of these
786    is always served directly, without forwarding to the configured
787    ProxyRemote proxy server(s).</p>
788
789    <p>Example:</p>
790<pre>
791  ProxyRemote  *  http://firewall.mycompany.com:81
792  NoProxy         .mycompany.com 192.168.112.0/21
793</pre>
794    The arguments to the NoProxy directive are one of the following
795    type list:
796
797    <dl>
798      <!-- ===================== Domain ======================= -->
799
800      <dt><a id="domain" name="domain"><em>Domain</em></a></dt>
801
802      <dd>A <em>Domain</em> is a partially qualified DNS domain
803      name, preceded by a period. It represents a list of hosts
804      which logically belong to the same DNS domain or zone
805      (<em>i.e.</em>, the suffixes of the hostnames are all ending
806      in <em>Domain</em>).<br />
807       Examples: <samp>.com</samp> <samp>.apache.org.</samp><br />
808       To distinguish <em>Domain</em>s from <a
809      href="#hostname"><em>Hostname</em></a>s (both syntactically
810      and semantically; a DNS domain can have a DNS A record,
811      too!), <em>Domain</em>s are always written with a leading
812      period.<br />
813       Note: Domain name comparisons are done without regard to the
814      case, and <em>Domain</em>s are always assumed to be anchored
815      in the root of the DNS tree, therefore two domains
816      <samp>.MyDomain.com</samp> and <samp>.mydomain.com.</samp>
817      (note the trailing period) are considered equal. Since a
818      domain comparison does not involve a DNS lookup, it is much
819      more efficient than subnet comparison.
820      <!-- ===================== SubNet ======================= -->
821      </dd>
822
823      <dt><a id="subnet" name="subnet"><em>SubNet</em></a></dt>
824
825      <dd>
826        A <em>SubNet</em> is a partially qualified internet address
827        in numeric (dotted quad) form, optionally followed by a
828        slash and the netmask, specified as the number of
829        significant bits in the <em>SubNet</em>. It is used to
830        represent a subnet of hosts which can be reached over a
831        common network interface. In the absence of the explicit
832        net mask it is assumed that omitted (or zero valued)
833        trailing digits specify the mask. (In this case, the
834        netmask can only be multiples of 8 bits wide.)<br />
835         Examples:
836
837        <dl>
838          <dt><samp>192.168</samp> or <samp>192.168.0.0</samp></dt>
839
840          <dd>the subnet 192.168.0.0 with an implied netmask of 16
841          valid bits (sometimes used in the netmask form
842          <samp>255.255.0.0</samp>)</dd>
843
844          <dt><samp>192.168.112.0/21</samp></dt>
845
846          <dd>the subnet <samp>192.168.112.0/21</samp> with a
847          netmask of 21 valid bits (also used in the form
848          255.255.248.0)</dd>
849        </dl>
850        As a degenerate case, a <em>SubNet</em> with 32 valid bits
851        is the equivalent to an <em>IPAddr</em>, while a
852        <em>SubNet</em> with zero valid bits (<em>e.g.</em>,
853        0.0.0.0/0) is the same as the constant <em>_Default_</em>,
854        matching any IP address.
855        <!-- ===================== IPAddr ======================= -->
856      </dd>
857
858      <dt><a id="ipaddr" name="ipaddr"><em>IPAddr</em></a></dt>
859
860      <dd>
861        A <em>IPAddr</em> represents a fully qualified internet
862        address in numeric (dotted quad) form. Usually, this
863        address represents a host, but there need not necessarily
864        be a DNS domain name connected with the address.<br />
865         Example: 192.168.123.7<br />
866         Note: An <em>IPAddr</em> does not need to be resolved by
867        the DNS system, so it can result in more effective apache
868        performance.
869
870        <p><strong>See Also:</strong> <a
871        href="../dns-caveats.html">DNS Issues</a></p>
872        <!-- ===================== Hostname ======================= -->
873      </dd>
874
875      <dt><a id="hostname"
876      name="hostname"><em>Hostname</em></a></dt>
877
878      <dd>
879        A <em>Hostname</em> is a fully qualified DNS domain name
880        which can be resolved to one or more <a
881        href="#ipaddr"><em>IPAddrs</em></a> via the DNS domain name
882        service. It represents a logical host (in contrast to <a
883        href="#domain"><em>Domain</em></a>s, see above) and must be
884        resolvable to at least one <a
885        href="#ipaddr"><em>IPAddr</em></a> (or often to a list of
886        hosts with different <a
887        href="#ipaddr"><em>IPAddr</em></a>'s).<br />
888         Examples: <samp>prep.ai.mit.edu</samp>
889        <samp>www.apache.org.</samp><br />
890         Note: In many situations, it is more effective to specify
891        an <a href="#ipaddr"><em>IPAddr</em></a> in place of a
892        <em>Hostname</em> since a DNS lookup can be avoided. Name
893        resolution in Apache can take a remarkable deal of time
894        when the connection to the name server uses a slow PPP
895        link.<br />
896         Note: <em>Hostname</em> comparisons are done without
897        regard to the case, and <em>Hostname</em>s are always
898        assumed to be anchored in the root of the DNS tree,
899        therefore two hosts <samp>WWW.MyDomain.com</samp> and
900        <samp>www.mydomain.com.</samp> (note the trailing period)
901        are considered equal.<br />
902
903
904        <p><strong>See Also:</strong> <a
905        href="../dns-caveats.html">DNS Issues</a></p>
906      </dd>
907    </dl>
908    <hr />
909
910    <h2><a id="proxydomain" name="proxydomain">ProxyDomain</a>
911    directive</h2>
912    <a href="directive-dict.html#Syntax"
913    rel="Help"><strong>Syntax:</strong></a> ProxyDomain
914    <em>Domain</em><br />
915     <a href="directive-dict.html#Default"
916    rel="Help"><strong>Default:</strong></a> <em>None</em><br />
917     <a href="directive-dict.html#Context"
918    rel="Help"><strong>Context:</strong></a> server config, virtual
919    host<br />
920     <a href="directive-dict.html#Override"
921    rel="Help"><strong>Override:</strong></a> <em>Not
922    applicable</em><br />
923     <a href="directive-dict.html#Status"
924    rel="Help"><strong>Status:</strong></a> Base<br />
925     <a href="directive-dict.html#Module"
926    rel="Help"><strong>Module:</strong></a> mod_proxy<br />
927     <a href="directive-dict.html#Compatibility"
928    rel="Help"><strong>Compatibility:</strong></a> ProxyDomain is
929    only available in Apache 1.3 and later.
930
931    <p>This directive is only useful for Apache proxy servers
932    within intranets. The ProxyDomain directive specifies the
933    default domain which the apache proxy server will belong to. If
934    a request to a host without a domain name is encountered, a
935    redirection response to the same host with the configured
936    <em>Domain</em> appended will be generated.</p>
937
938    <p>Example:</p>
939<pre>
940  ProxyRemote  *  http://firewall.mycompany.com:81
941  NoProxy         .mycompany.com 192.168.112.0/21
942  ProxyDomain     .mycompany.com
943</pre>
944    <hr />
945
946    <h2><a id="proxyvia" name="proxyvia">ProxyVia</a>
947    directive</h2>
948    <a href="directive-dict.html#Syntax"
949    rel="Help"><strong>Syntax:</strong></a> ProxyVia
950    on|off|full|block<br />
951     <a href="directive-dict.html#Default"
952    rel="Help"><strong>Default:</strong></a> <em>ProxyVia
953    off</em><br />
954     <a href="directive-dict.html#Context"
955    rel="Help"><strong>Context:</strong></a> server config, virtual
956    host<br />
957     <a href="directive-dict.html#Override"
958    rel="Help"><strong>Override:</strong></a> <em>Not
959    applicable</em><br />
960     <a href="directive-dict.html#Status"
961    rel="Help"><strong>Status:</strong></a> Base<br />
962     <a href="directive-dict.html#Module"
963    rel="Help"><strong>Module:</strong></a> mod_proxy<br />
964     <a href="directive-dict.html#Compatibility"
965    rel="Help"><strong>Compatibility:</strong></a> ProxyVia is only
966    available in Apache 1.3.2 and later.
967
968    <p>This directive controls the use of the <samp>Via:</samp>
969    HTTP header by the proxy. Its intended use is to control the
970    flow of of proxy requests along a chain of proxy servers. See
971    RFC2068 (HTTP/1.1) for an explanation of <samp>Via:</samp>
972    header lines.</p>
973
974    <ul>
975      <li>If set to <em>off</em>, which is the default, no special
976      processing is performed. If a request or reply contains a
977      <samp>Via:</samp> header, it is passed through
978      unchanged.</li>
979
980      <li>If set to <em>on</em>, each request and reply will get a
981      <samp>Via:</samp> header line added for the current
982      host.</li>
983
984      <li>If set to <em>full</em>, each generated <samp>Via:</samp>
985      header line will additionally have the Apache server version
986      shown as a <samp>Via:</samp> comment field.</li>
987
988      <li>If set to <em>block</em>, every proxy request will have
989      all its <samp>Via:</samp> header lines removed. No new
990      <samp>Via:</samp> header will be generated.</li>
991    </ul>
992    <hr />
993
994    <h2><a id="cacheforcecompletion"
995    name="cacheforcecompletion">CacheForceCompletion</a>
996    directive</h2>
997    <a href="directive-dict.html#Syntax"
998    rel="Help"><strong>Syntax:</strong></a> CacheForceCompletion
999    <em>percentage</em><br />
1000     <a href="directive-dict.html#Default"
1001    rel="Help"><strong>Default:</strong></a> <em>90</em><br />
1002     <a href="directive-dict.html#Context"
1003    rel="Help"><strong>Context:</strong></a> server config, virtual
1004    host<br />
1005     <a href="directive-dict.html#Override"
1006    rel="Help"><strong>Override:</strong></a> <em>Not
1007    applicable</em><br />
1008     <a href="directive-dict.html#Status"
1009    rel="Help"><strong>Status:</strong></a> Base<br />
1010     <a href="directive-dict.html#Module"
1011    rel="Help"><strong>Module:</strong></a> mod_proxy<br />
1012     <a href="directive-dict.html#Compatibility"
1013    rel="Help"><strong>Compatibility:</strong></a>
1014    CacheForceCompletion is only available in Apache 1.3.1 and
1015    later.
1016
1017    <p>If an http transfer that is being cached is cancelled, the
1018    proxy module will complete the transfer to cache if more than
1019    the percentage specified has already been transferred.</p>
1020
1021    <p>This is a percentage, and must be a number between 1 and
1022    100, or 0 to use the default. 100 will cause a document to be
1023    cached only if the transfer was allowed to complete. A number
1024    between 60 and 90 is recommended.</p>
1025    <hr />
1026
1027    <h2><a id="cacheroot" name="cacheroot">CacheRoot</a>
1028    directive</h2>
1029    <a href="directive-dict.html#Syntax"
1030    rel="Help"><strong>Syntax:</strong></a> CacheRoot
1031    <em>directory</em><br />
1032     <a href="directive-dict.html#Default"
1033    rel="Help"><strong>Default:</strong></a> <em>None</em><br />
1034     <a href="directive-dict.html#Context"
1035    rel="Help"><strong>Context:</strong></a> server config, virtual
1036    host<br />
1037     <a href="directive-dict.html#Override"
1038    rel="Help"><strong>Override:</strong></a> <em>Not
1039    applicable</em><br />
1040     <a href="directive-dict.html#Status"
1041    rel="Help"><strong>Status:</strong></a> Base<br />
1042     <a href="directive-dict.html#Module"
1043    rel="Help"><strong>Module:</strong></a> mod_proxy<br />
1044     <a href="directive-dict.html#Compatibility"
1045    rel="Help"><strong>Compatibility:</strong></a> CacheRoot is
1046    only available in Apache 1.1 and later.
1047
1048    <p>Sets the name of the directory to contain cache files; this
1049    must be writable by the httpd server. (see the <a
1050    href="core.html#user"><code>User</code></a> directive).<br />
1051     Setting <code>CacheRoot</code> enables proxy cacheing; without
1052    defining a <code>CacheRoot</code>, proxy functionality will be
1053    available if <code>ProxyRequests</code> are set to
1054    <code>On</code>, but no cacheing will be available.</p>
1055    <hr />
1056
1057    <h2><a id="cachesize" name="cachesize">CacheSize</a>
1058    directive</h2>
1059    <a href="directive-dict.html#Syntax"
1060    rel="Help"><strong>Syntax:</strong></a> CacheSize
1061    <em>kilobytes</em><br />
1062     <a href="directive-dict.html#Default"
1063    rel="Help"><strong>Default:</strong></a> <code>CacheSize
1064    5</code><br />
1065     <a href="directive-dict.html#Context"
1066    rel="Help"><strong>Context:</strong></a> server config, virtual
1067    host<br />
1068     <a href="directive-dict.html#Override"
1069    rel="Help"><strong>Override:</strong></a> <em>Not
1070    applicable</em><br />
1071     <a href="directive-dict.html#Status"
1072    rel="Help"><strong>Status:</strong></a> Base<br />
1073     <a href="directive-dict.html#Module"
1074    rel="Help"><strong>Module:</strong></a> mod_proxy<br />
1075     <a href="directive-dict.html#Compatibility"
1076    rel="Help"><strong>Compatibility:</strong></a> CacheSize is
1077    only available in Apache 1.1 and later.
1078
1079    <p>Sets the desired space usage of the cache, in KB (1024-byte
1080    units). Although usage may grow above this setting, the garbage
1081    collection will delete files until the usage is at or below
1082    this setting.<br />
1083     Depending on the expected proxy traffic volume and
1084    <code>CacheGcInterval</code>, use a value which is at least 20
1085    to 40 % lower than the available space.</p>
1086    <hr />
1087
1088    <h2><a id="cachegcinterval"
1089    name="cachegcinterval">CacheGcInterval</a> directive</h2>
1090    <a href="directive-dict.html#Syntax"
1091    rel="Help"><strong>Syntax:</strong></a> CacheGcInterval
1092    <em>hours</em><br />
1093     <a href="directive-dict.html#Default"
1094    rel="Help"><strong>Default:</strong></a> <em>None</em><br />
1095     <a href="directive-dict.html#Context"
1096    rel="Help"><strong>Context:</strong></a> server config, virtual
1097    host<br />
1098     <a href="directive-dict.html#Override"
1099    rel="Help"><strong>Override:</strong></a> <em>Not
1100    applicable</em><br />
1101     <a href="directive-dict.html#Status"
1102    rel="Help"><strong>Status:</strong></a> Base<br />
1103     <a href="directive-dict.html#Module"
1104    rel="Help"><strong>Module:</strong></a> mod_proxy<br />
1105     <a href="directive-dict.html#Compatibility"
1106    rel="Help"><strong>Compatibility:</strong></a> CacheGcinterval
1107    is only available in Apache 1.1 and later.
1108
1109    <p>Check the cache after the specified number of
1110    <em>hours</em>, and delete files if the space usage is greater
1111    than that set by CacheSize. Note that <em>hours</em> accepts a
1112    float value, you could for example use <code>CacheGcInterval
1113    1.5</code> to check the cache every 90 minutes. (If unset, no
1114    garbage collection will be performed, and the cache will grow
1115    indefinitely.) Note also that the larger the
1116    <code>CacheGcInterval</code>, the more extra space beyond the
1117    configured <code>CacheSize</code> will be needed for the cache
1118    between garbage collections.<br />
1119     <!-- Note that due to a design flaw, Apache
1120            does not automatically force a garbage collection when the available
1121            space on the file system where the cache resides is exhausted. -->
1122    </p>
1123    <hr />
1124
1125    <h2><a id="cachemaxexpire"
1126    name="cachemaxexpire">CacheMaxExpire</a> directive</h2>
1127    <a href="directive-dict.html#Syntax"
1128    rel="Help"><strong>Syntax:</strong></a> CacheMaxExpire
1129    <em>hours</em><br />
1130     <a href="directive-dict.html#Default"
1131    rel="Help"><strong>Default:</strong></a> <code>CacheMaxExpire
1132    24</code><br />
1133     <a href="directive-dict.html#Context"
1134    rel="Help"><strong>Context:</strong></a> server config, virtual
1135    host<br />
1136     <a href="directive-dict.html#Override"
1137    rel="Help"><strong>Override:</strong></a> <em>Not
1138    applicable</em><br />
1139     <a href="directive-dict.html#Status"
1140    rel="Help"><strong>Status:</strong></a> Base<br />
1141     <a href="directive-dict.html#Module"
1142    rel="Help"><strong>Module:</strong></a> mod_proxy<br />
1143     <a href="directive-dict.html#Compatibility"
1144    rel="Help"><strong>Compatibility:</strong></a> CacheMaxExpire
1145    is only available in Apache 1.1 and later.
1146
1147    <p>Specifies the maximum number of <em>hours</em> for which
1148    cachable HTTP documents will be retained without checking the
1149    origin server. Thus, documents will be out of date at most this
1150    number of <em>hours</em> This restriction is enforced even if
1151    an expiry date was supplied with the document.</p>
1152    <hr />
1153
1154    <h2><a id="cachelastmodifiedfactor"
1155    name="cachelastmodifiedfactor">CacheLastModifiedFactor</a>
1156    directive</h2>
1157    <a href="directive-dict.html#Syntax"
1158    rel="Help"><strong>Syntax:</strong></a> CacheLastModifiedFactor
1159    <em>factor</em><br />
1160     <a href="directive-dict.html#Default"
1161    rel="Help"><strong>Default:</strong></a>
1162    <code>CacheLastModifiedFactor 0.1</code><br />
1163     <a href="directive-dict.html#Context"
1164    rel="Help"><strong>Context:</strong></a> server config, virtual
1165    host<br />
1166     <a href="directive-dict.html#Override"
1167    rel="Help"><strong>Override:</strong></a> <em>Not
1168    applicable</em><br />
1169     <a href="directive-dict.html#Status"
1170    rel="Help"><strong>Status:</strong></a> Base<br />
1171     <a href="directive-dict.html#Module"
1172    rel="Help"><strong>Module:</strong></a> mod_proxy<br />
1173     <a href="directive-dict.html#Compatibility"
1174    rel="Help"><strong>Compatibility:</strong></a>
1175    CacheLastModifiedFactor is only available in Apache 1.1 and
1176    later.
1177
1178    <p>If the origin HTTP server did not supply an expiry date for
1179    the document, then estimate one using the formula</p>
1180<pre>
1181  expiry-period = time-since-last-modification * <em>factor</em>
1182</pre>
1183    For example, if the document was last modified 10 hours ago,
1184    and <em>factor</em> is 0.1, then the expiry period will be set
1185    to 10*0.1 = 1 hour.
1186
1187    <p>If the expiry-period would be longer than that set by
1188    CacheMaxExpire, then the latter takes precedence.</p>
1189    <hr />
1190
1191    <h2><a id="cachedirlevels"
1192    name="cachedirlevels">CacheDirLevels</a> directive</h2>
1193    <a href="directive-dict.html#Syntax"
1194    rel="Help"><strong>Syntax:</strong></a> CacheDirLevels
1195    <em>levels</em><br />
1196     <a href="directive-dict.html#Default"
1197    rel="Help"><strong>Default:</strong></a> <code>CacheDirLevels
1198    3</code><br />
1199     <a href="directive-dict.html#Context"
1200    rel="Help"><strong>Context:</strong></a> server config, virtual
1201    host<br />
1202     <a href="directive-dict.html#Override"
1203    rel="Help"><strong>Override:</strong></a> <em>Not
1204    applicable</em><br />
1205     <a href="directive-dict.html#Status"
1206    rel="Help"><strong>Status:</strong></a> Base<br />
1207     <a href="directive-dict.html#Module"
1208    rel="Help"><strong>Module:</strong></a> mod_proxy<br />
1209     <a href="directive-dict.html#Compatibility"
1210    rel="Help"><strong>Compatibility:</strong></a> CacheDirLevels
1211    is only available in Apache 1.1 and later.
1212
1213    <p>CacheDirLevels sets the number of <em>levels</em> of
1214    subdirectories in the cache. Cached data will be saved this
1215    many directory levels below CacheRoot.</p>
1216    <hr />
1217
1218    <h2><a id="cachedirlength"
1219    name="cachedirlength">CacheDirLength</a> directive</h2>
1220    <a href="directive-dict.html#Syntax"
1221    rel="Help"><strong>Syntax:</strong></a> CacheDirLength
1222    <em>length</em><br />
1223     <a href="directive-dict.html#Default"
1224    rel="Help"><strong>Default:</strong></a> <code>CacheDirLength
1225    1</code><br />
1226     <a href="directive-dict.html#Context"
1227    rel="Help"><strong>Context:</strong></a> server config, virtual
1228    host<br />
1229     <a href="directive-dict.html#Override"
1230    rel="Help"><strong>Override:</strong></a> <em>Not
1231    applicable</em><br />
1232     <a href="directive-dict.html#Status"
1233    rel="Help"><strong>Status:</strong></a> Base<br />
1234     <a href="directive-dict.html#Module"
1235    rel="Help"><strong>Module:</strong></a> mod_proxy<br />
1236     <a href="directive-dict.html#Compatibility"
1237    rel="Help"><strong>Compatibility:</strong></a> CacheDirLength
1238    is only available in Apache 1.1 and later.
1239
1240    <p>CacheDirLength sets the number of characters in proxy cache
1241    subdirectory names.</p>
1242    <hr />
1243
1244    <h2><a id="cachedefaultexpire"
1245    name="cachedefaultexpire">CacheDefaultExpire</a> directive</h2>
1246    <a href="directive-dict.html#Syntax"
1247    rel="Help"><strong>Syntax:</strong></a> CacheDefaultExpire
1248    <em>hours</em><br />
1249     <a href="directive-dict.html#Default"
1250    rel="Help"><strong>Default:</strong></a>
1251    <code>CacheDefaultExpire 1</code><br />
1252     <a href="directive-dict.html#Context"
1253    rel="Help"><strong>Context:</strong></a> server config, virtual
1254    host<br />
1255     <a href="directive-dict.html#Override"
1256    rel="Help"><strong>Override:</strong></a> <em>Not
1257    applicable</em><br />
1258     <a href="directive-dict.html#Status"
1259    rel="Help"><strong>Status:</strong></a> Base<br />
1260     <a href="directive-dict.html#Module"
1261    rel="Help"><strong>Module:</strong></a> mod_proxy<br />
1262     <a href="directive-dict.html#Compatibility"
1263    rel="Help"><strong>Compatibility:</strong></a>
1264    CacheDefaultExpire is only available in Apache 1.1 and later.
1265
1266    <p>If the document is fetched via a protocol that does not
1267    support expiry times, then use the specified number of
1268    <em>hours</em> as the expiry time. <a
1269    href="#cachemaxexpire">CacheMaxExpire</a> does
1270    <strong>not</strong> override this setting.</p>
1271    <hr />
1272
1273    <h2><a id="nocache" name="nocache">NoCache</a> directive</h2>
1274    <a href="directive-dict.html#Syntax"
1275    rel="Help"><strong>Syntax:</strong></a> NoCache
1276    *|<em>word|host|domain</em> [<em>word|host|domain</em>]
1277    ...<br />
1278     <a href="directive-dict.html#Default"
1279    rel="Help"><strong>Default:</strong></a> <em>None</em><br />
1280     <a href="directive-dict.html#Context"
1281    rel="Help"><strong>Context:</strong></a> server config, virtual
1282    host<br />
1283     <a href="directive-dict.html#Override"
1284    rel="Help"><strong>Override:</strong></a> <em>Not
1285    applicable</em><br />
1286     <a href="directive-dict.html#Status"
1287    rel="Help"><strong>Status:</strong></a> Base<br />
1288     <a href="directive-dict.html#Module"
1289    rel="Help"><strong>Module:</strong></a> mod_proxy<br />
1290     <a href="directive-dict.html#Compatibility"
1291    rel="Help"><strong>Compatibility:</strong></a> NoCache is only
1292    available in Apache 1.1 and later.
1293
1294    <p>The NoCache directive specifies a list of words, hosts
1295    and/or domains, separated by spaces. HTTP and non-passworded
1296    FTP documents from matched words, hosts or domains are
1297    <em>not</em> cached by the proxy server. The proxy module will
1298    also attempt to determine IP addresses of list items which may
1299    be hostnames during startup, and cache them for match test as
1300    well. Example:</p>
1301<pre>
1302  NoCache joes-garage.com some-host.co.uk bullwinkle.wotsamattau.edu
1303</pre>
1304    'bullwinkle.wotsamattau.edu' would also be matched if
1305    referenced by IP address.
1306
1307    <p>Note that 'wotsamattau' would also be sufficient to match
1308    'wotsamattau.edu'.</p>
1309
1310    <p>Note also that</p>
1311<pre>
1312NoCache *
1313</pre>
1314    disables caching completely.
1315
1316    <p>    <hr />
1317
1318    <h3 align="CENTER">Apache HTTP Server Version 1.3</h3>
1319    <a href="./"><img src="../images/index.gif" alt="Index" /></a>
1320    <a href="../"><img src="../images/home.gif" alt="Home" /></a>
1321
1322    </p>
1323  </body>
1324</html>
1325
1326