I have a completely https site and would like to make it more
efficient for non-private static pages.
This document by Ivan Ristic:
https://www.ssllabs.com/downloads/SSL_TLS_Deployment_Best_Practices_1.0.pdf
recommends (in para 3.4) "enabling caching of public resources...by
attaching the Cache-Control: public response header to them."
I believe there are several directives that may be used, but if the
solution I eventually use does work, would that cause trouble for a
mixed content page (e.g., images embedded in a page with private
information)? My guess is no if the regex chosen prevents pages with,
say, "private" in the URL from getting the cache header.
As an Apache novice, a solution I believe should work is this (assumes
[1] my private data is in directories with "private" in the path and
[2] dynamic pages are generated by ".cgi" programs):
# for all directories without "private" in the URL
<DirectoryMatch "*(?!private)*">
# all resources get the "Cache-Control: public" header and value
(except cgi)
Header onsuccess set Cache-Control public env=!"%{QUERY_STRING} =~ /\.cgi$/"
</DirectoryMatch>
I will appreciate any critiques.
Thanks.
Best regards,
-Tom
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|