Provides tracking of a user through your website via browser cookies.
This directive controls the setting of the domain to which the tracking cookie applies. If not present, no domain is included in the cookie header field.
The domain string must begin with a dot, and
must include at least one embedded dot. That is,
.example.com
is legal, but www.example.com
and
.com
are not.
.co.uk
,
although such a domain ostensibly fulfills the requirements
above..com
, and allowing such cookies may be a security
risk. Thus, if you are under a two-part top level domain, you
should still use your actual domain, as you would with any other top
level domain (for example .example.co.uk
).
When used, this directive sets an expiry time on the cookie generated by the usertrack module. The expiry-period can be given either as a number of seconds, or in the format such as "2 weeks 3 days 7 hours". Valid denominations are: years, months, weeks, days, hours, minutes and seconds. If the expiry time is in any format other than one number indicating the number of seconds, it must be enclosed by double quotes.
If this directive is not used, cookies last only for the current browser session.
This directive allows you to change the name of the cookie
this module uses for its tracking purposes. By default the
cookie is named "Apache
".
You must specify a valid cookie name; results are unpredictable if you use a name containing unusual characters. Valid characters include A-Z, a-z, 0-9, "_", and "-".
This directive controls the format of the cookie header field. The three formats allowed are:
Not all clients can understand all of these formats, but you
should use the newest one that is generally acceptable to your
users' browsers. At the time of writing, most browsers support all
three of these formats, with Cookie2
being the
preferred format.
When CookieTracking on
is set, Apache will send a
user-tracking cookie for all new requests. This directive can
be used to turn this behavior on or off on a per-server or
per-directory basis. By default, enabling
When set to 'ON', the 'Secure' cookie attribute is added to this modules tracking cookie. This attribute instructs browsers to only transmit the cookie over HTTPS.
When set to 'ON', the 'HTTPOnly' cookie attribute is added to this modules tracking cookie. This attribute instructs browsers to block javascript from reading the value of the cookie.
When set to 'None', 'Lax', or 'Strict', the 'SameSite' cookie attribute is added to this modules tracking cookie with the corresponding value. This attribute instructs browser on how to treat the cookie when it is requested in a cross-site context.
A value of 'None' sets 'SameSite=None', which is the most liberal setting. To omit this attribute, omit the directive entirely.