<-
Apache > HTTP Server > Documentation > Version 2.4 > Modules

Apache Module mod_usertrack

Description: Clickstream logging of user activity on a site
Status: Extension
Module Identifier: usertrack_module
Source File: mod_usertrack.c

Summary

Provides tracking of a user through your website via browser cookies.

Support Apache!

Topics

Directives

Bugfix checklist

See also

top

Logging

mod_usertrack sets a cookie which can be logged via mod_log_config configurable logging formats:

LogFormat "%{Apache}n %r %t" usertrack
CustomLog "logs/clickstream.log" usertrack
top

CookieDomain Directive

Description: The domain to which the tracking cookie applies
Syntax: CookieDomain domain
Context: server config, virtual host, directory, .htaccess
Override: FileInfo
Status: Extension
Module: mod_usertrack

This directive controls the setting of the domain to which the tracking cookie applies. If not present, no domain is included in the cookie header field.

The domain string must begin with a dot, and must include at least one embedded dot. That is, .example.com is legal, but www.example.com and .com are not.

Most browsers in use today will not allow cookies to be set for a two-part top level domain, such as .co.uk, although such a domain ostensibly fulfills the requirements above.
These domains are equivalent to top level domains such as .com, and allowing such cookies may be a security risk. Thus, if you are under a two-part top level domain, you should still use your actual domain, as you would with any other top level domain (for example .example.co.uk).
CookieDomain .example.com
top

CookieExpires Directive

Description: Expiry time for the tracking cookie
Syntax: CookieExpires expiry-period
Context: server config, virtual host, directory, .htaccess
Override: FileInfo
Status: Extension
Module: mod_usertrack

When used, this directive sets an expiry time on the cookie generated by the usertrack module. The expiry-period can be given either as a number of seconds, or in the format such as "2 weeks 3 days 7 hours". Valid denominations are: years, months, weeks, days, hours, minutes and seconds. If the expiry time is in any format other than one number indicating the number of seconds, it must be enclosed by double quotes.

If this directive is not used, cookies last only for the current browser session.

CookieExpires "3 weeks"
top

CookieHTTPOnly Directive

Description: Adds the 'HTTPOnly' attribute to the cookie
Syntax: CookieHTTPOnly on|off
Default: CookieHTTPOnly off
Context: server config, virtual host, directory, .htaccess
Override: FileInfo
Status: Extension
Module: mod_usertrack
Compatibility: 2.4.42 and later

When set to 'ON', the 'HTTPOnly' cookie attribute is added to this modules tracking cookie. This attribute instructs browsers to block javascript from reading the value of the cookie.

top

CookieName Directive

Description: Name of the tracking cookie
Syntax: CookieName token
Default: CookieName Apache
Context: server config, virtual host, directory, .htaccess
Override: FileInfo
Status: Extension
Module: mod_usertrack

This directive allows you to change the name of the cookie this module uses for its tracking purposes. By default the cookie is named "Apache".

You must specify a valid cookie name; results are unpredictable if you use a name containing unusual characters. Valid characters include A-Z, a-z, 0-9, "_", and "-".

CookieName clicktrack
top

CookieSameSite Directive

Description: Adds the 'SameSite' attribute to the cookie
Syntax: CookieSameSite None|Lax|Strict
Default: unset
Context: server config, virtual host, directory, .htaccess
Override: FileInfo
Status: Extension
Module: mod_usertrack
Compatibility: 2.4.42 and later

When set to 'None', 'Lax', or 'Strict', the 'SameSite' cookie attribute is added to this modules tracking cookie with the corresponding value. This attribute instructs browser on how to treat the cookie when it is requested in a cross-site context.

A value of 'None' sets 'SameSite=None', which is the most liberal setting. To omit this attribute, omit the directive entirely.

top

CookieSecure Directive

Description: Adds the 'Secure' attribute to the cookie
Syntax: CookieSecure on|off
Default: CookieSecure off
Context: server config, virtual host, directory, .htaccess
Override: FileInfo
Status: Extension
Module: mod_usertrack
Compatibility: 2.4.42 and later

When set to 'ON', the 'Secure' cookie attribute is added to this modules tracking cookie. This attribute instructs browsers to only transmit the cookie over HTTPS.

top

CookieStyle Directive

Description: Format of the cookie header field
Syntax: CookieStyle Netscape|Cookie|Cookie2|RFC2109|RFC2965
Default: CookieStyle Netscape
Context: server config, virtual host, directory, .htaccess
Override: FileInfo
Status: Extension
Module: mod_usertrack

This directive controls the format of the cookie header field. The three formats allowed are:

Not all clients can understand all of these formats, but you should use the newest one that is generally acceptable to your users' browsers. At the time of writing, most browsers support all three of these formats, with Cookie2 being the preferred format.

CookieStyle Cookie2
top

CookieTracking Directive

Description: Enables tracking cookie
Syntax: CookieTracking on|off
Default: CookieTracking off
Context: server config, virtual host, directory, .htaccess
Override: FileInfo
Status: Extension
Module: mod_usertrack

When mod_usertrack is loaded, and CookieTracking on is set, Apache will send a user-tracking cookie for all new requests. This directive can be used to turn this behavior on or off on a per-server or per-directory basis. By default, enabling mod_usertrack will not activate cookies.

CookieTracking on
top