| <?xml version="1.0"?> |
| <!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd"> |
| <?xml-stylesheet type="text/xsl" href="../style/manual.en.xsl"?> |
| <!-- $LastChangedRevision$ --> |
| |
| <!-- |
| Licensed to the Apache Software Foundation (ASF) under one or more |
| contributor license agreements. See the NOTICE file distributed with |
| this work for additional information regarding copyright ownership. |
| The ASF licenses this file to You under the Apache License, Version 2.0 |
| (the "License"); you may not use this file except in compliance with |
| the License. You may obtain a copy of the License at |
| |
| http://www.apache.org/licenses/LICENSE-2.0 |
| |
| Unless required by applicable law or agreed to in writing, software |
| distributed under the License is distributed on an "AS IS" BASIS, |
| WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| See the License for the specific language governing permissions and |
| limitations under the License. |
| --> |
| |
| <modulesynopsis metafile="mod_policy.xml.meta"> |
| |
| <name>mod_policy</name> |
| <description>HTTP protocol compliance enforcement.</description> |
| <status>Extension</status> |
| <sourcefile>mod_policy.c</sourcefile> |
| <identifier>policy_module</identifier> |
| |
| <summary> |
| <p>The HTTP protocol recommends that clients should be "liberal in |
| what they accept", and servers "strict with what they send". In some |
| cases it can be difficult to detect when a server or an application |
| has been misconfigured, is serving uncacheable content or is behaving |
| suboptimally, as an HTTP client might be compensating for the server. |
| These problems can potentially lead to excessive bandwidth |
| consumption, or a server outage under load.</p> |
| |
| <p>The <module>mod_policy</module> module consists of a set of |
| filters that test servers for HTTP protocol compliance. These |
| tests allow the server administrator to log violations of, or |
| outright reject responses where certain defined conditions exist.</p> |
| |
| <p>This could be used as a way to set minimum HTTP protocol compliance |
| criteria for a restful application. Alternatively, a reverse proxy or |
| cache could be configured to protect itself from misconfigured origin |
| servers or unexpectedly uncacheable content, or as a mechanism to |
| detect configuration mistakes within the server itself.</p> |
| |
| </summary> |
| <seealso><a href="../filter.html">Filters</a></seealso> |
| <seealso><a href="../compliance.html">HTTP Protocol Compliance</a></seealso> |
| |
| <section id="actions"> |
| <title>Actions</title> |
| |
| <p>If a policy is violated, one of the following actions can be |
| taken:</p> |
| |
| <dl> |
| <dt><strong>ignore</strong></dt> |
| <dd>The policy check will be ignored for the given URL space, even |
| if the filter is present.</dd> |
| |
| <dt><strong>log</strong></dt> |
| <dd>The policy check will be executed, and if a violation is detected |
| a warning will be logged to the server error_log, and a |
| <code>Warning</code> header added to the response for the benefit of |
| the client.</dd> |
| |
| <dt><strong>enforce</strong></dt> |
| <dd>The policy check will be executed, and if a violation is detected |
| an error will be logged to the server error_log, a |
| <code>Warning</code> header added to the response, and a <code>502 |
| Bad Gateway</code> will be returned to the client. Optional links to |
| explanatory documentation can be added to each error message, |
| detailing the origin of each policy.</dd> |
| |
| </dl> |
| |
| <p>It is also possible to selectively disable all policies for a |
| given URL space, should the need arise, using the |
| <directive module="mod_policy">PolicyFilter</directive> directive.</p> |
| |
| <p>Alternatively, the |
| <directive module="mod_policy">PolicyEnvironment</directive> |
| directive can be used to specify an environment variable, which if |
| present, will cause the policies to be selectively downgraded or |
| bypassed.</p> |
| |
| </section> |
| |
| <section id="tests"> |
| <title>Policy Tests</title> |
| |
| <p>The following policy filters are available:</p> |
| |
| <dl> |
| <dt><strong><a href="../compliance.html#policytype">POLICY_TYPE</a> |
| </strong>: Enforce valid content types</dt> |
| <dd>Content types that are syntactically invalid or blank can be detected |
| and the request rejected. Types can be restricted to a specific list |
| containing optional wildcards ? and *.</dd> |
| |
| <dt><strong><a href="../compliance.html#policylength">POLICY_LENGTH</a> |
| </strong>: Enforce the presence of a Content-Length</dt> |
| <dd>The length of responses can be specified in one of three ways, by |
| specifying an explicit length in advance, using chunked encoding to set |
| the length, or by setting no length at all and terminating the request |
| when complete. The absence of a specific content length can affect the |
| cacheability of the response, and prevents the use of keepalive during |
| HTTP/1.0 requests. This policy enforces the presence of an explicit |
| content length on the response.</dd> |
| |
| <dt><strong><a href="../compliance.html#policykeepalive">POLICY_KEEPALIVE |
| </a></strong>: Enforce the option to keepalive</dt> |
| <dd>Less restrictive than the POLICY_LENGTH test, this policy enforces the |
| possibility that the response can be kept alive. If the response doesn't |
| have a protocol defined zero length, and the response isn't already an |
| error, and the response has neither a Content-Length or is declared |
| HTTP/1.1 and lacks Content-Encoding: chunked, then this response will be |
| rejected.</dd> |
| |
| <dt><strong><a href="../compliance.html#policyvary">POLICY_VARY</a> |
| </strong>: Enforce the absence of certain headers within Vary headers</dt> |
| <dd>If the Vary header contains any of the headers specified, this policy |
| will reject the request. The typical case is the presence of the User-Agent |
| within Vary, which is likely to cause a denial of service condition to a |
| cache.</dd> |
| |
| <dt><strong><a href="../compliance.html#policyvalidation"> |
| POLICY_VALIDATION</a></strong>: Enforce the presence of Etag and/or |
| Last-Modified</dt> |
| <dd>The ability for a cache to determine whether a cached entity can be |
| refreshed is dependent on whether a valid Etag and/or Last-Modified header |
| is present to revalidate against. The absence of both headers, or the |
| invalid syntax of a header will cause this policy to be rejected.</dd> |
| |
| <dt><strong><a href="../compliance.html#policyconditional"> |
| POLICY_CONDITIONAL</a></strong>: Enforce correct operation of conditional |
| requests</dt> |
| <dd>When conditional headers are present in the request, a server should |
| respond with a <code>304 Not Modified</code> or <code>412 Precondition |
| Failed</code> response where appropriate. A server may ignore conditional |
| headers, and this affects the efficiency of the HTTP caching mechanism. |
| This policy rejects requests where a conditional header is present, and |
| a 304 or 412 response code was expected, but a 2xx response was seen |
| instead.</dd> |
| |
| <dt><strong><a href="../compliance.html#policynocache">POLICY_NOCACHE</a> |
| </strong>: Enforce cacheable responses</dt> |
| <dd>When a response is encountered that declares itself explicitly |
| uncacheable, the request is rejected. A response is considered |
| uncacheable if it specifies any of the following: |
| <ul><li><code>Cache-Control: no-cache</code></li> |
| <li><code>Pragma: no-cache</code></li> |
| <li><code>Cache-Control: no-store</code></li> |
| <li><code>Cache-Control: private</code></li> |
| </ul></dd> |
| |
| <dt><strong><a href="../compliance.html#policymaxage">POLICY_MAXAGE</a> |
| </strong>: Enforce a minimum maxage</dt> |
| <dd>When a response is encountered where the freshness lifetime is less |
| than the given value, or the freshness lifetime is heuristic, the request |
| is rejected. A response is checked in the following order: |
| <ul><li>If <code>s-maxage</code> is present but too small; or</li> |
| <li>If <code>max-age</code> is present but too small; or</li> |
| <li>If <code>Expires</code> is present and invalid; or</li> |
| <li><code>Date</code> is present and invalid; or</li> |
| <li><code>Expires</code> minus Date is too small; or</li> |
| <li>No <code>s-maxage</code>, <code>maxage</code>, or |
| <code>Expires</code>/<code>Date</code> declared at all</li> |
| </ul></dd> |
| |
| <dt><strong><a href="../compliance.html#policyversion">POLICY_VERSION</a> |
| </strong>: Enforce a minimum HTTP version within a request</dt> |
| <dd>When a request is encountered with an HTTP version number less than |
| the required minimum version, the request is rejected. The following |
| version numbers are recognised: |
| <ul><li><code>HTTP/1.1</code></li> |
| <li><code>HTTP/1.0</code></li> |
| <li><code>HTTP/0.9</code></li> |
| </ul></dd> |
| |
| </dl> |
| |
| </section> |
| |
| <section id="example"> |
| <title>Example Configuration</title> |
| |
| <p>A typical configuration protecting a server serving static content |
| might be as follows:</p> |
| |
| <highlight language="config"> |
| <Location "/"> |
| SetOutputFilter POLICY_TYPE;POLICY_LENGTH;POLICY_KEEPALIVE;POLICY_VARY;POLICY_VALIDATION; \ |
| POLICY_CONDITIONAL;POLICY_NOCACHE;POLICY_MAXAGE;POLICY_VERSION |
| |
| # content type must be present and valid, but can be anything |
| PolicyType enforce */* |
| |
| # reject if no explicitly declared content length |
| PolicyLength enforce |
| |
| # covered by the policy length filter |
| PolicyKeepalive ignore |
| |
| # reject if User-Agent appears within Vary headers |
| PolicyVary enforce User-Agent |
| |
| # we want to enforce validation |
| PolicyValidation enforce |
| |
| # non-functional conditional responses should be rejected |
| PolicyConditional enforce |
| |
| # no-cache responses should be rejected |
| PolicyNocache enforce |
| |
| # maxage must be at least a day |
| PolicyMaxage enforce 86400 |
| |
| # request version can be anything |
| PolicyVersion ignore HTTP/1.1 |
| </Location> |
| |
| # suppress policy protection for server-status |
| <Location "/server-status"> |
| PolicyFilter off |
| </Location> |
| </highlight> |
| |
| </section> |
| |
| <directivesynopsis> |
| |
| <name>PolicyFilter</name> |
| <description>Enable or disable policies for the given URL space.</description> |
| <syntax>PolicyFilter <var>on|off</var></syntax> |
| <default>on</default> |
| <contextlist><context>server config</context><context>virtual host</context> |
| <context>directory</context></contextlist> |
| <compatibility>PolicyFilter is only available in Apache 2.5.0 and |
| later.</compatibility> |
| |
| <usage> |
| <p>Master switch to enable or disable policies for a given URL space.</p> |
| |
| <example><title>Example</title> |
| <highlight language="config"> |
| # enabled by default |
| <Location "/"> |
| PolicyFilter on |
| </Location> |
| |
| # suppress policy protection for server-status |
| <Location "/server-status"> |
| PolicyFilter off |
| </Location> |
| </highlight> |
| </example> |
| </usage> |
| |
| </directivesynopsis> |
| |
| <directivesynopsis> |
| |
| <name>PolicyEnvironment</name> |
| <description>Override policies based on an environment variable.</description> |
| <syntax>PolicyEnvironment <var>variable</var> <var>log-value</var> <var>ignore-value</var></syntax> |
| <default>none</default> |
| <contextlist><context>server config</context><context>virtual host</context> |
| <context>directory</context></contextlist> |
| <compatibility>PolicyEnvironment is only available in Apache 2.5.0 and |
| later.</compatibility> |
| |
| <usage> |
| <p>Downgrade policies to logging only or ignored based on the presence |
| of an environment variable. If the given variable is present and equal |
| to the log-value, enforced policies will be logged instead. If the given |
| variable is present and equal to the ignore-value, all policies will |
| be ignored.</p> |
| |
| <example><title>Example</title> |
| <highlight language="config"> |
| # downgrade if POLICY_CONTROL was present |
| PolicyEnvironment POLICY_CONTROL log ignore |
| </highlight> |
| </example> |
| </usage> |
| |
| </directivesynopsis> |
| |
| <directivesynopsis> |
| |
| <name>PolicyConditional</name> |
| <description>Enable the conditional request policy.</description> |
| <syntax>PolicyConditional <var>ignore|log|enforce</var></syntax> |
| <default>ignore</default> |
| <contextlist><context>server config</context><context>virtual host</context> |
| <context>directory</context></contextlist> |
| <compatibility>PolicyConditional is only available in Apache 2.5.0 and |
| later.</compatibility> |
| |
| <usage> |
| <p>When logged or enforced, a response that should have been conditional |
| but wasn't will be rejected.</p> |
| |
| <example><title>Example</title> |
| <highlight language="config"> |
| # non-functional conditional responses should be rejected |
| PolicyConditional enforce |
| </highlight> |
| </example> |
| </usage> |
| |
| </directivesynopsis> |
| |
| <directivesynopsis> |
| |
| <name>PolicyConditionalURL</name> |
| <description>URL describing the conditional request policy.</description> |
| <syntax>PolicyConditionalURL <var>url</var></syntax> |
| <default>none</default> |
| <contextlist><context>server config</context><context>virtual host</context> |
| <context>directory</context></contextlist> |
| <compatibility>PolicyConditionalURL is only available in Apache 2.5.0 and |
| later.</compatibility> |
| |
| <usage> |
| <p>Specify the URL of the documentation describing the conditional |
| request policy, to appear within error messages.</p> |
| </usage> |
| |
| </directivesynopsis> |
| |
| <directivesynopsis> |
| |
| <name>PolicyLength</name> |
| <description>Enable the content length policy.</description> |
| <syntax>PolicyLength <var>ignore|log|enforce</var></syntax> |
| <default>ignore</default> |
| <contextlist><context>server config</context><context>virtual host</context> |
| <context>directory</context></contextlist> |
| <compatibility>PolicyLength is only available in Apache 2.5.0 and |
| later.</compatibility> |
| |
| <usage> |
| <p>When logged or enforced, a response that lacks an explicit |
| <code>Content-Length</code> header will be rejected.</p> |
| |
| <example><title>Example</title> |
| <highlight language="config"> |
| # missing Content-Length header should be rejected |
| PolicyLength enforce |
| </highlight> |
| </example> |
| </usage> |
| |
| </directivesynopsis> |
| |
| <directivesynopsis> |
| |
| <name>PolicyLengthURL</name> |
| <description>URL describing the content length policy.</description> |
| <syntax>PolicyLengthURL <var>url</var></syntax> |
| <default>none</default> |
| <contextlist><context>server config</context><context>virtual host</context> |
| <context>directory</context></contextlist> |
| <compatibility>PolicyLengthURL is only available in Apache 2.5.0 and |
| later.</compatibility> |
| |
| <usage> |
| <p>Specify the URL of the documentation describing the content length |
| policy, to appear within error messages.</p> |
| </usage> |
| |
| </directivesynopsis> |
| |
| <directivesynopsis> |
| |
| <name>PolicyKeepalive</name> |
| <description>Enable the keepalive policy.</description> |
| <syntax>PolicyKeepalive <var>ignore|log|enforce</var></syntax> |
| <default>ignore</default> |
| <contextlist><context>server config</context><context>virtual host</context> |
| <context>directory</context></contextlist> |
| <compatibility>PolicyKeepalive is only available in Apache 2.5.0 and |
| later.</compatibility> |
| |
| <usage> |
| <p>When logged or enforced, a response that lacks both an explicit |
| <code>Content-Length</code> header and a <code>Transfer-Encoding</code> |
| of <code>chunked</code> will be rejected.</p> |
| |
| <example><title>Example</title> |
| <highlight language="config"> |
| # missing Content-Length or Transfer-Encoding should be rejected |
| PolicyKeepalive enforce |
| </highlight> |
| </example> |
| </usage> |
| |
| </directivesynopsis> |
| |
| <directivesynopsis> |
| |
| <name>PolicyKeepaliveURL</name> |
| <description>URL describing the keepalive policy.</description> |
| <syntax>PolicyKeepaliveURL <var>url</var></syntax> |
| <default>none</default> |
| <contextlist><context>server config</context><context>virtual host</context> |
| <context>directory</context></contextlist> |
| <compatibility>PolicyKeepaliveURL is only available in Apache 2.5.0 and |
| later.</compatibility> |
| |
| <usage> |
| <p>Specify the URL of the documentation describing the keepalive |
| policy, to appear within error messages.</p> |
| </usage> |
| |
| </directivesynopsis> |
| |
| <directivesynopsis> |
| |
| <name>PolicyType</name> |
| <description>Enable the content type policy.</description> |
| <syntax>PolicyType <var>ignore|log|enforce</var> <var>type</var> [ <var>type</var> [ ... ]]</syntax> |
| <default>ignore</default> |
| <contextlist><context>server config</context><context>virtual host</context> |
| <context>directory</context></contextlist> |
| <compatibility>PolicyType is only available in Apache 2.5.0 and |
| later.</compatibility> |
| |
| <usage> |
| <p>When logged or enforced, a response that lacks a <code>Content-Type</code> |
| header, where the <code>Content-Type</code> header is malformed, or where the |
| header does not match the given pattern or patterns will be rejected.</p> |
| |
| <example><title>Example</title> |
| <highlight language="config"> |
| # enforce json or XML |
| PolicyType enforce application/json text/xml |
| </highlight> |
| </example> |
| |
| <example><title>Example</title> |
| <highlight language="config"> |
| # malformed content type should be rejected |
| PolicyType enforce */* |
| </highlight> |
| </example> |
| |
| </usage> |
| |
| </directivesynopsis> |
| |
| <directivesynopsis> |
| |
| <name>PolicyTypeURL</name> |
| <description>URL describing the content type policy.</description> |
| <syntax>PolicyTypeURL <var>url</var></syntax> |
| <default>none</default> |
| <contextlist><context>server config</context><context>virtual host</context> |
| <context>directory</context></contextlist> |
| <compatibility>PolicyTypeURL is only available in Apache 2.5.0 and |
| later.</compatibility> |
| |
| <usage> |
| <p>Specify the URL of the documentation describing the content type |
| policy, to appear within error messages.</p> |
| </usage> |
| |
| </directivesynopsis> |
| |
| <directivesynopsis> |
| |
| <name>PolicyVary</name> |
| <description>Enable the Vary policy.</description> |
| <syntax>PolicyVary <var>ignore|log|enforce</var> <var>header</var> [ <var>header</var> [ ... ]]</syntax> |
| <default>ignore</default> |
| <contextlist><context>server config</context><context>virtual host</context> |
| <context>directory</context></contextlist> |
| <compatibility>PolicyVary is only available in Apache 2.5.0 and |
| later.</compatibility> |
| |
| <usage> |
| <p>When logged or enforced, a response that contains a <code>Vary</code> |
| header which in turn contains one of the headers listed, will be |
| rejected.</p> |
| |
| <example><title>Example</title> |
| <highlight language="config"> |
| # reject responses with "User-Agent" listed in the Vary header |
| PolicyVary enforce User-Agent |
| </highlight> |
| </example> |
| |
| </usage> |
| |
| </directivesynopsis> |
| |
| <directivesynopsis> |
| |
| <name>PolicyVaryURL</name> |
| <description>URL describing the content type policy.</description> |
| <syntax>PolicyVaryURL <var>url</var></syntax> |
| <default>none</default> |
| <contextlist><context>server config</context><context>virtual host</context> |
| <context>directory</context></contextlist> |
| <compatibility>PolicyVaryURL is only available in Apache 2.5.0 and |
| later.</compatibility> |
| |
| <usage> |
| <p>Specify the URL of the documentation describing the vary policy, to |
| appear within error messages.</p> |
| </usage> |
| |
| </directivesynopsis> |
| |
| <directivesynopsis> |
| |
| <name>PolicyValidation</name> |
| <description>Enable the validation policy.</description> |
| <syntax>PolicyValidation <var>ignore|log|enforce</var></syntax> |
| <default>ignore</default> |
| <contextlist><context>server config</context><context>virtual host</context> |
| <context>directory</context></contextlist> |
| <compatibility>PolicyValidation is only available in Apache 2.5.0 and |
| later.</compatibility> |
| |
| <usage> |
| <p>When logged or enforced, a response that lacks either a valid |
| <code>ETag</code> header or a <code>Last-Modified</code> header, or where |
| either header is syntactically incorrect, will be rejected.</p> |
| |
| <example><title>Example</title> |
| <highlight language="config"> |
| # no ETag or Last-Modified will be rejected |
| PolicyValidation enforce |
| </highlight> |
| </example> |
| |
| </usage> |
| |
| </directivesynopsis> |
| |
| <directivesynopsis> |
| |
| <name>PolicyValidationURL</name> |
| <description>URL describing the content type policy.</description> |
| <syntax>PolicyValidationURL <var>url</var></syntax> |
| <default>none</default> |
| <contextlist><context>server config</context><context>virtual host</context> |
| <context>directory</context></contextlist> |
| <compatibility>PolicyValidationURL is only available in Apache 2.5.0 and |
| later.</compatibility> |
| |
| <usage> |
| <p>Specify the URL of the documentation describing the validation policy, to |
| appear within error messages.</p> |
| </usage> |
| |
| </directivesynopsis> |
| |
| <directivesynopsis> |
| |
| <name>PolicyNocache</name> |
| <description>Enable the caching no-cache policy.</description> |
| <syntax>PolicyNocache <var>ignore|log|enforce</var></syntax> |
| <default>ignore</default> |
| <contextlist><context>server config</context><context>virtual host</context> |
| <context>directory</context></contextlist> |
| <compatibility>PolicyNocache is only available in Apache 2.5.0 and |
| later.</compatibility> |
| |
| <usage> |
| <p>When logged or enforced, a response that defines itself uncacheable |
| using the <code>Cache-Control</code> or <code>Pragma</code> headers will |
| be rejected.</p> |
| |
| <example><title>Example</title> |
| <highlight language="config"> |
| # Cache-Control: no-cache will be rejected |
| PolicyNocache enforce |
| </highlight> |
| </example> |
| |
| </usage> |
| |
| </directivesynopsis> |
| |
| <directivesynopsis> |
| |
| <name>PolicyNocacheURL</name> |
| <description>URL describing the caching no-cache policy.</description> |
| <syntax>PolicyNocacheURL <var>url</var></syntax> |
| <default>none</default> |
| <contextlist><context>server config</context><context>virtual host</context> |
| <context>directory</context></contextlist> |
| <compatibility>PolicyNocacheURL is only available in Apache 2.5.0 and |
| later.</compatibility> |
| |
| <usage> |
| <p>Specify the URL of the documentation describing the caching no-cache |
| policy, to appear within error messages.</p> |
| </usage> |
| |
| </directivesynopsis> |
| |
| <directivesynopsis> |
| |
| <name>PolicyMaxage</name> |
| <description>Enable the caching minimum max-age policy.</description> |
| <syntax>PolicyMaxage <var>ignore|log|enforce</var> <var>age</var></syntax> |
| <default>ignore</default> |
| <contextlist><context>server config</context><context>virtual host</context> |
| <context>directory</context></contextlist> |
| <compatibility>PolicyMaxage is only available in Apache 2.5.0 and |
| later.</compatibility> |
| |
| <usage> |
| <p>When logged or enforced, a response that lacks an explicit freshness |
| lifetime defined with <code>max-age</code>, <code>s-maxage</code> or an |
| <code>Expires</code> header, or where the explicit freshness lifetime is |
| smaller than the given value, will be rejected.</p> |
| |
| <example><title>Example</title> |
| <highlight language="config"> |
| # reject responses with a freshness lifetime shorter than a day |
| PolicyMaxage enforce 86400 |
| </highlight> |
| </example> |
| |
| </usage> |
| |
| </directivesynopsis> |
| |
| <directivesynopsis> |
| |
| <name>PolicyMaxageURL</name> |
| <description>URL describing the caching minimum freshness lifetime policy.</description> |
| <syntax>PolicyMaxageURL <var>url</var></syntax> |
| <default>none</default> |
| <contextlist><context>server config</context><context>virtual host</context> |
| <context>directory</context></contextlist> |
| <compatibility>PolicyMaxageURL is only available in Apache 2.5.0 and |
| later.</compatibility> |
| |
| <usage> |
| <p>Specify the URL of the documentation describing the caching minimum |
| freshness lifetime policy, to appear within error messages.</p> |
| </usage> |
| |
| </directivesynopsis> |
| |
| <directivesynopsis> |
| |
| <name>PolicyVersion</name> |
| <description>Enable the version policy.</description> |
| <syntax>PolicyVersion <var>ignore|log|enforce</var> <var>HTTP/0.9|HTTP/1.0|HTTP/1.1</var></syntax> |
| <default>ignore</default> |
| <contextlist><context>server config</context><context>virtual host</context> |
| <context>directory</context></contextlist> |
| <compatibility>PolicyVersion is only available in Apache 2.5.0 and |
| later.</compatibility> |
| |
| <usage> |
| <p>When logged or enforced, a request with a version lower than specified |
| will be rejected.</p> |
| |
| <example><title>Example</title> |
| <highlight language="config"> |
| # reject requests with an HTTP version older than HTTP/1.1 |
| PolicyVersion enforce HTTP/1.1 |
| </highlight> |
| </example> |
| |
| </usage> |
| |
| </directivesynopsis> |
| |
| <directivesynopsis> |
| |
| <name>PolicyVersionURL</name> |
| <description>URL describing the minimum request HTTP version policy.</description> |
| <syntax>PolicyVersionURL <var>url</var></syntax> |
| <default>none</default> |
| <contextlist><context>server config</context><context>virtual host</context> |
| <context>directory</context></contextlist> |
| <compatibility>PolicyVersionURL is only available in Apache 2.5.0 and |
| later.</compatibility> |
| |
| <usage> |
| <p>Specify the URL of the documentation describing the minimum request |
| HTTP version policy, to appear within error messages.</p> |
| </usage> |
| |
| </directivesynopsis> |
| |
| </modulesynopsis> |