I have a completely https site and would like to make it more efficient for non-private static pages. This document by Ivan Ristic: https://www.ssllabs.com/downloads/SSL_TLS_Deployment_Best_Practices_1.0.pdf recommends (in para 3.4) "enabling caching of public resources...by attaching the Cache-Control: public response header to them." I believe there are several directives that may be used, but if the solution I eventually use does work, would that cause trouble for a mixed content page (e.g., images embedded in a page with private information)? My guess is no if the regex chosen prevents pages with, say, "private" in the URL from getting the cache header. As an Apache novice, a solution I believe should work is this (assumes [1] my private data is in directories with "private" in the path and [2] dynamic pages are generated by ".cgi" programs): # for all directories without "private" in the URL <DirectoryMatch "*(?!private)*"> # all resources get the "Cache-Control: public" header and value (except cgi) Header onsuccess set Cache-Control public env=!"%{QUERY_STRING} =~ /\.cgi$/" </DirectoryMatch> I will appreciate any critiques. Thanks. Best regards, -Tom --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx