Apache HTTP Server Version 2.5
Description: | Clickstream logging of user activity on a site |
---|---|
Status: | Extension |
Module Identifier: | usertrack_module |
Source File: | mod_usertrack.c |
Provides tracking of a user through your website via browser cookies.
mod_usertrack
sets a cookie which can be logged
via mod_log_config
configurable logging formats:
LogFormat "%{Apache}n %r %t" usertrack CustomLog "logs/clickstream.log" usertrack
Description: | The domain to which the tracking cookie applies |
---|---|
Syntax: | CookieDomain domain |
Context: | server config, virtual host, directory, .htaccess |
Override: | FileInfo |
Status: | Extension |
Module: | mod_usertrack |
This directive controls the setting of the domain to which the tracking cookie applies. If not present, no domain is included in the cookie header field.
The domain string must begin with a dot, and
must include at least one embedded dot. That is,
.example.com
is legal, but www.example.com
and
.com
are not.
.co.uk
,
although such a domain ostensibly fulfills the requirements
above..com
, and allowing such cookies may be a security
risk. Thus, if you are under a two-part top level domain, you
should still use your actual domain, as you would with any other top
level domain (for example .example.co.uk
).
CookieDomain .example.com
Description: | Expiry time for the tracking cookie |
---|---|
Syntax: | CookieExpires expiry-period |
Context: | server config, virtual host, directory, .htaccess |
Override: | FileInfo |
Status: | Extension |
Module: | mod_usertrack |
When used, this directive sets an expiry time on the cookie generated by the usertrack module. The expiry-period can be given either as a number of seconds, or in the format such as "2 weeks 3 days 7 hours". Valid denominations are: years, months, weeks, days, hours, minutes and seconds. If the expiry time is in any format other than one number indicating the number of seconds, it must be enclosed by double quotes.
If this directive is not used, cookies last only for the current browser session.
CookieExpires "3 weeks"
Description: | Adds the 'HTTPOnly' attribute to the cookie |
---|---|
Syntax: | CookieHTTPOnly on|off |
Default: | CookieHTTPOnly off |
Context: | server config, virtual host, directory, .htaccess |
Override: | FileInfo |
Status: | Extension |
Module: | mod_usertrack |
Compatibility: | 2.5.1 and later |
When set to 'ON', the 'HTTPOnly' cookie attribute is added to this modules tracking cookie. This attribute instructs browsers to block javascript from reading the value of the cookie.
Description: | Name of the tracking cookie |
---|---|
Syntax: | CookieName token |
Default: | CookieName Apache |
Context: | server config, virtual host, directory, .htaccess |
Override: | FileInfo |
Status: | Extension |
Module: | mod_usertrack |
This directive allows you to change the name of the cookie
this module uses for its tracking purposes. By default the
cookie is named "Apache
".
You must specify a valid cookie name; results are unpredictable if you use a name containing unusual characters. Valid characters include A-Z, a-z, 0-9, "_", and "-".
CookieName clicktrack
Description: | Adds the 'SameSite' attribute to the cookie |
---|---|
Syntax: | CookieSameSite None|Lax|Strict |
Default: | unset |
Context: | server config, virtual host, directory, .htaccess |
Override: | FileInfo |
Status: | Extension |
Module: | mod_usertrack |
Compatibility: | 2.5.1 and later |
When set to 'None', 'Lax', or 'Strict', the 'SameSite' cookie attribute is added to this modules tracking cookie with the corresponding value. This attribute instructs browser on how to treat the cookie when it is requested in a cross-site context.
A value of 'None' sets 'SameSite=None', which is the most liberal setting. To omit this attribute, omit the directive entirely.
Description: | Adds the 'Secure' attribute to the cookie |
---|---|
Syntax: | CookieSecure on|off |
Default: | CookieSecure off |
Context: | server config, virtual host, directory, .htaccess |
Override: | FileInfo |
Status: | Extension |
Module: | mod_usertrack |
Compatibility: | 2.5.1 and later |
When set to 'ON', the 'Secure' cookie attribute is added to this modules tracking cookie. This attribute instructs browsers to only transmit the cookie over HTTPS.
Description: | Format of the cookie header field |
---|---|
Syntax: | CookieStyle
Netscape|Cookie|Cookie2|RFC2109|RFC2965 |
Default: | CookieStyle Netscape |
Context: | server config, virtual host, directory, .htaccess |
Override: | FileInfo |
Status: | Extension |
Module: | mod_usertrack |
This directive controls the format of the cookie header field. The three formats allowed are:
Not all clients can understand all of these formats, but you
should use the newest one that is generally acceptable to your
users' browsers. At the time of writing, most browsers support all
three of these formats, with Cookie2
being the
preferred format.
CookieStyle Cookie2
Description: | Enables tracking cookie |
---|---|
Syntax: | CookieTracking on|off |
Default: | CookieTracking off |
Context: | server config, virtual host, directory, .htaccess |
Override: | FileInfo |
Status: | Extension |
Module: | mod_usertrack |
When mod_usertrack
is loaded, and
CookieTracking on
is set, Apache will send a
user-tracking cookie for all new requests. This directive can
be used to turn this behavior on or off on a per-server or
per-directory basis. By default, enabling
mod_usertrack
will not
activate cookies.
CookieTracking on