OBSOLETE DOCUMENT It is not functional for Foswiki 2.x / Apache 2.4
- Objectives
- Support
.htaccess
files
- Eliminate
Alias
and ScriptAlias
directives
- Support more aggressive short URLs (eliminate /bin)
- Fix mod_perl config which nearly works but is broken for redirects (subrequest issue)
- Does not work in non-VHOST environments
Apache Config Generator
This page creates an Apache configuration file foswiki.conf
for your installation. Fill out the form, and then press the [Update Config File] button. Copy and paste the generated configuration into your Apache configuration file.
For setting up Foswiki on Linux or Unix, see also
SettingFileAccessRightsLinuxUnix.
Caution: If you used the Debian packages to install Foswiki, do not use the
ApacheConfigGenerator. Use the configuration files included in the .deb packages..
default foswiki.conf
Press the "Update config file" button to generate your custom config
By pressing the button below you select all the text in the textarea. Then you just need to copy the text to the clipboard and paste it into the
foswiki.conf
file.
History
- Originally crafted and regularly maintained by KennethLavrsen
- removed the handy W3C tools from the blocked list. -- WillNorris - 18 Feb 2009
- ending % was missing for a %PATHURL in a ScriptAlias declaration -- ColasNahaboo - 23 Feb 2009
- Noted can't use a configure user as an editing wiki user -- MartinCleaver - 23 Mar 2009
- Remove /bin/view from the ErrorDocument strings if shorturls enabled - otherwise Apache fails to prompt for password - 5 Apr 2009
- Disabled TinyMCE plugin as it messes up with the layout -- OlivierRaginel - 06 Apr 2009
- Reorganized, added support for protecting attachments, FollowSymLinks -- GeorgeClark - 11 Apr 2009
- Simplified viewfile regex - should fix compile failure on Apache startup.
- Allow any wiki topic to be specified as the not-authorized page
- Allow location of .htpasswd to be overridden
- Add an optional port # for the Virtual host. So you can specify :80, :443, or whatever on the statement.
- Fixed htpasswd to default to data directory if left blank, otherwise overrides path - 3 Sept 2009
- Added (commented out) rules for serving pre-compressed .js and .css -- MichaelTempest - 22 Sep 2009
- Moved LocationMatch for fcgi outside of the directory.
- Add an Alias statement for robots.txt when short URLs are enabled
- Add or/and configuration of access control to
bin/configure
command -- TobiasVonDerKrone - 11 Dec 2009
- Fixed the urlpath element so that it roundtrips without adding a bogus leading space -- MartinCleaver - 11 Feb 2010
- Added
ErrorDocument 401 default
for bin/configure, so it doesn't rewrite to the bin/view and cause other errors - 9 July 2010
- Added NO_FOSWIKI_SESSION for protection against hungry spiders - AndrewJones - 14 July 2010
- Block either all of mod_php3, mod_php4, mod_php5 or none - don't ask the user to pick (and use ifmodule so that apache won't die when mod_php* isn't enabled) -- PaulHarvey - 11 Oct 2010
- Working with GeorgeClark, improve support for when wiki installation is not at root of domain (ie. hosted in subdirectory). Also, adjusted RewriteRules so they don't 'fall-through' to any URI based on
%REQUEST_URI
- because that isn't how we build a path to a file on the filesystem, when the URL path doesn't match up with FS path... -- PaulHarvey - 11 Oct 2010
- Folded unnecessary RewriteCond's into regex RewriteRules, these were causing everything to go to viewfile on a particular setup combination; change to PerlModule as noted in Tasks.Item9139 (!) -- PaulHarvey - 15 Oct 2010
- Moved file passthru check to after the bin/configure rewrite rule, otherwise bin/configure is detectes as a file, and is not handled as a cgi script.
- Also separated internal request passthru from file passthru. File passthru needs explicit path for systems where Foswiki is not installed in the document root. -- GeorgeClark - 23 Sep 2011
- added some disables for unimplemented stuff, and changed a few defaults to better reflect what I've learned wrt defaults. - SvenDowideit 22 Feb 2012
- configure url rewrite was not passing along the path.
Wanted improvements.
- For ShortURLs, I had to (at least for what I'm doing at SSLForNonViewScriptsOnly), add
Alias /error/ "/usr/share/apache2/error/"
above Alias / "/srv/www/vhosts/wiki.trin.org.au/foswiki/bin/view/"
- Handle modules needed for LDAP library inclusions -- MartinCleaver - 11 Feb 2010
- Template Login should be enable by default on "Choose your Login Manager".
- There should be a really basic configuration file ready to download and explained for newbies - there is the httpd.conf.txt at the root of the release
- don't serve foswiki root files
Configuration parts
Virtual Host
%STARTSECTION{"vhost"}%
<VirtualHost *%CALC{$GET(port)}% >
ServerAdmin webmaster@%HOSTNAME%
DocumentRoot %PATHVAR%
ServerName %HOSTNAME% %IF{ "$ ALTHOST !=''" then='$n ServerAlias %ALTHOST%'}%
%ENDSECTION{"vhost"}%
Server root
%STARTSECTION{"configRoot"}%
%IF{ "$ HTACCESS ='htaccess'" then='# ========= CUT HERE - save the below text into: %PATHVAR%/.htaccess ========='}%
%INCLUDE{"%TOPIC%" section="mod_rewrite"}%
%CALC{$SET(binview, $IF($EXACT(%SHORTURLS%,disabled),/bin/view,))}%
%CALC{$SET(symlink, $IF($EXACT(%SYMLINK%,on),+FollowSymLinks,-FollowSymLinks))}%
%IF{ "$ LOGINMANAGER='Apache' AND $ENGINE = 'FastCGI'" then='
# When using Apache type login the following defines the Foswiki scripts
# that makes Apache ask the browser to authenticate. It is correct that
# scripts such as view are not authenticated. This has to be LocationMatch because
# the scripts are not accessed as files.
<LocationMatch "^%URLREGEX%%IF{" $ SHORTURLS ='maximum'" then='' else='/+bin'}%/+(attach|edit|manage|rename|save|upload|mail|logon|rest|.*auth).*">
Require valid-user
</LocationMatch>
'}%
%IF{"defined blockpubhtml" then='
# Block access to typical spam related attachments
# Except the Foswiki directory which is read only and does have attached html files.
SetEnvIf Request_URI "%PATHURL%/+pub/+.*\.[hH][tT][mM][lL]?$" blockAccess
SetEnvIf Request_URI "%PATHURL%/+pub/+System/+.*\.[hH][tT][mM][lL]?$" !blockAccess
'}%
%INCLUDE{"%TOPIC%" section="blockAccess"}%
%IF{"$ ENGINE = 'mod_perl'" then='$percntINCLUDE{"%TOPIC%" section="modPerl"}$percnt'}%
%IF{"$ ENGINE = 'FastCGI'" then='%IF{"$ FASTCGI = 'fastcgi'" then='$percntINCLUDE{"%TOPIC%" section="modFastcgi"}$percnt' else='$percntINCLUDE{"%TOPIC%" section="modFcgid"}$percnt '}%'}%
%INCLUDE{"%TOPIC%" section="rootDirectory"}%
%IF{ "$ HTACCESS ='htaccess'" then='# ========= CUT HERE ========='}%
%ENDSECTION{"configRoot"}%
subDirectory
%STARTSECTION{"subDirectory"}%
%IF{ "$ HTACCESS ='htaccess'" then='# ========= CUT HERE - save the below text into: into %PATHVAR%/%dir%/.htaccess =========
# Deny all access
Deny from all
# ========= END FILE' else='<Directory "%PATHVAR%/%dir%">
deny from all
</Directory>'}% %ENDSECTION{"subDirectory"}%
pubDirectory
%STARTSECTION{"pubDirectory"}%
%IF{ "$ HTACCESS ='htaccess'" then='# ========= CUT HERE - save the below text into: %PATHVAR%/pub/.htaccess ========='}%
# This sets the options on the pub directory, which contains attachments and
# other files like CSS stylesheets and icons. AllowOverride None stops a
# user installing a .htaccess file that overrides these options.
# Note that files in pub are *not* protected by Foswiki Access Controls,
# so if you want to control access to files attached to topics you need to
# block access to the specific directories same way as the ApacheConfigGenerator
# blocks access to the pub directory of the Trash web
%IF{ "$ HTACCESS ='apache'" then='<Directory "%PATHVAR%/pub">'}%
Options None
Options %CALC{$GET(symlink)}%
AllowOverride None
Order Allow,Deny
Allow from all
Deny from env=blockAccess
ErrorDocument 404 %PATHURL%%IF{ "$ SHORTURLS ='maximum'" then='' else='/bin'}%/viewfile
%IF{ "$ BLOCKPHP" then="
# Disable execution of PHP scripts
<ifmodule mod_php3.c>
php3_engine off
</ifmodule>
<ifmodule mod_php4.c>
php_admin_flag engine off
</ifmodule>
<ifmodule mod_php5.c>
php_admin_flag engine off
</ifmodule>
"}%
%IF{"$ BLOCKSCRIPTS = 'on'" then='
# This line will redefine the mime type for the most common types of scripts
AddType text/plain .shtml .php .php3 .phtml .phtm .pl .py .cgi'}%
%IF{"$ EXPIRESHDR = 'on'" then='
#add an Expires header that is sufficiently in the future that the browser does not even ask if its uptodate
# reducing the load on the server significantly
#IF you can, you should enable this - it _will_ improve your Foswiki experience, even if you set it to under one day.
# you may need to enable expires_module in your main apache config
#LoadModule expires_module libexec/httpd/mod_expires.so
#AddModule mod_expires.c
<ifmodule mod_expires.c>
<filesmatch "\.(jpe?g|gif|png|css(\.gz)?|js(\.gz)?|ico)$">
ExpiresActive on
ExpiresDefault "access plus 11 days"
</filesmatch>
</ifmodule>'}%
%IF{"$ ETAGS = 'on'" then='
# Disabling ETags (Entity Tags) reduces the size of HTTP Headers
FileETag none'}%
%IF{"$ COMPRESSJSCSS = 'on'" then='
# Serve pre-compressed versions of .js and .css files, if they exist
# Some browsers do not handle this correctly, which is why it is disabled by default
<FilesMatch "\.(js|css)$">
RewriteEngine on
RewriteCond %{HTTP:Accept-encoding} gzip
RewriteCond %{REQUEST_FILENAME}.gz -f
RewriteRule ^(.*)$ %{REQUEST_URI}.gz [L,QSA]
</FilesMatch>
<FilesMatch "\.(js|css)\?.*$">
RewriteEngine on
RewriteCond %{HTTP:Accept-encoding} gzip
RewriteCond %{REQUEST_FILENAME}.gz -f
RewriteRule ^([^?]*)\?(.*)$ $1.gz?$2 [L]
</FilesMatch>
<FilesMatch "\.js\.gz(\?.*)?$">
AddEncoding x-gzip .gz
AddType application/x-javascript .gz
</FilesMatch>
<FilesMatch "\.css\.gz(\?.*)?$">
AddEncoding x-gzip .gz
AddType text/css .gz
</FilesMatch>'}%
%IF{ "$ HTACCESS ='apache'" then='</Directory>' else='# ========= CUT HERE ========='}%
%ENDSECTION{"pubDirectory"}%
binDirectory
%STARTSECTION{"binDirectory"}%
%IF{ "$ HTACCESS ='htaccess'" then='# ========= CUT HERE - save the below text into: %PATHVAR%/bin/.htaccess ========='}%
# This specifies the options on the Foswiki scripts directory. The ExecCGI
# and SetHandler tell apache that it contains scripts. "Allow from all"
# lets any IP address access this URL.
# Note: If you use SELinux, you also have to "Allow httpd cgi support" in your SELinux policies
%IF{ "$ HTACCESS ='apache'" then='<Directory "%PATHVAR%/bin">'}%
AllowOverride None
Order Allow,Deny
Allow from all
Deny from env=blockAccess
%IF{"$ ENGINE = 'mod_perl'" then='
Options +ExecCGI %CALC{$GET(symlink)}%
<IfModule mod_perl.c>
SetHandler perl-script
Perl%IF{"$ APVER = '2'" then="Response"}%Handler Foswiki::Engine::Apache
</IfModule>
' else='
Options +ExecCGI %CALC{$GET(symlink)}%
SetHandler cgi-script'}%%IF{"$ ENGINE = 'FastCGI'" then='
<Files "foswiki.fcgi">
SetHandler %FASTCGI%-script
</Files>
'}%
# Password file for Foswiki users
%IF{"$ HTPATH = ''" then=' AuthUserFile %PATHVAR%/data/.htpasswd' else=' AuthUserFile %HTPATH%/.htpasswd'}%
AuthName 'Enter your WikiName: (First name and last name, no space, no dots, capitalized, e.g. JohnSmith). Cancel to register if you do not have one.'
AuthType Basic
%IF{ "$ ERRORDOCUMENT ='UserRegistration'" then='
# File to return on access control error (e.g. wrong password)
ErrorDocument 401 %PATHURL%%CALC{$GET(binview)}%/System/UserRegistration
'}%%IF{ "$ ERRORDOCUMENT='ResetPassword'" then='
# File to return on access control error (e.g. wrong password)
ErrorDocument 401 %PATHURL%%CALC{$GET(binview)}%/System/ResetPassword
'}%%IF{ "$ ERRORDOCUMENT='Custom'" then='
# File to return on access control error (e.g. wrong password)
ErrorDocument 401 %PATHURL%%CALC{$GET(binview)}%/%ERRORCUSTOM%
'}%
# Limit access to configure to specific IP address(es) %IF{ "$REQANDOR='and'" then="and" else="or" }% user(s).
# Make sure configure is not open to the general public.
# It exposes system details that can help attackers.
# cf. http://foswiki.org/Support/ProtectingYourConfiguration for details.
<FilesMatch "^(configure.*)$">
SetHandler cgi-script%IF{ "$ALLOWCONF != ''" then="
Order Deny,Allow
Deny from all
Allow from %URLPARAM{allowconf}%"}%
%IF{ "$REQUIRECONF != ''" then="Require user %URLPARAM{requireconf}%"}%
Satisfy %IF{ "$REQANDOR='and'" then="All" else="Any" }%
ErrorDocument 401 default
</FilesMatch>
%IF{ "$ LOGINMANAGER='Apache' AND $ENGINE != 'FastCGI'" then="
# When using Apache type login the following defines the Foswiki scripts
# that makes Apache ask the browser to authenticate. It is correct that
# scripts such as view are not authenticated.
<FilesMatch \"(attach|edit|manage|rename|save|upload|mail|logon|rest|.*auth).*\">
Require valid-user
</FilesMatch>"}%
%IF{ "$ HTACCESS ='apache'" then='</Directory>' else='# ========= CUT HERE ========='}%
%ENDSECTION{"binDirectory"}%
rootDirectory
%STARTSECTION{"rootDirectory"}%
# This enables access to the documents in the Foswiki root directory
%IF{ "$ HTACCESS ='apache'" then='<Directory "%PATHVAR%">'}%
Order Allow,Deny
Allow from all
Deny from env=blockAccess
%IF{ "$ HTACCESS ='apache'" then='</Directory>'}%
%ENDSECTION{"rootDirectory"}%
pubTrash
%STARTSECTION{"pubTrash"}%
%IF{ "$ HTACCESS ='htaccess'" then='# ========== Cut here and paste into "%PATHVAR%/pub/Trash/.htaccess"'}%
# Spammers are known to attach their stuff and then move it to trash where it remains unnoticed.
# We prevent viewing any attachments directly from pub
%IF{ "$ HTACCESS ='apache'" then='<Directory "%PATHVAR%/pub/Trash">'}%
deny from all
%IF{ "$ HTACCESS ='apache'" then='</Directory>' else='# ========= CUT HERE ========='}%
%ENDSECTION{"pubTrash"}%
Modules
mod_rewrite
%STARTSECTION{"mod_rewrite"}%
RewriteEngine on
# Rewrite logging is costly, recommend to use sparingly and enably only when
# required. CAUTION: If the path to the log file is not present, or the log
# file is not writable by Apache, the server will not start.
#RewriteLog "%PATHVAR%/working/logs/rewrite.log"
#RewriteLogLevel 0
# Don't rewrite the default apache error documents.
# NOTE: The location of the standard apache error directory may need to be
# adjusted for your server.
RewriteRule ^/error/(.*) /usr/share/apache2/error/$1 [L,NS]
%IF{ "$ CONTROLATTACH='on'" then='
#
# Protect attachments by rewriting to the "viewfile" script
#
# Permit some safe exceptions to avoid viewfile overhead
# Any gif/jpg/ico in /pub, and any files in /pub/System or any WebPreferences:
# pass through unmodified
# - uncomment first line to allow access to ImageGalleryPlugin cache.
#RewriteCond %{REQUEST_URI} ^%URLREGEX%/+pub/+images/+.*$ [OR]
RewriteCond %{REQUEST_URI} ^%URLREGEX%/+pub/+[^/]+\.(gif|png|jpe?g|ico)$ [NC,OR]
RewriteCond %{REQUEST_URI} ^%URLREGEX%/+pub/+System/+(.*)$ [OR]
RewriteCond %{REQUEST_URI} ^%URLREGEX%/+pub/+([^/]+/+)+WebPreferences/+([^/]+)$
RewriteRule ^%URLREGEX%/+pub/+(.*)$ %PATHVAR%/pub/$1 [L]'}%
%IF{ "$ CONTROLATTACH='on' and $ SHORTURLS='disabled'" then='
# These exceptions can help performance but are risky. Permit some user content to bypass viewfile
# Any gif, ico, png or jpg in any sub-directory of pub
# that has the view script as the referrer (Can be spoofed!)
# pass through unmodified. (If desired, uncomment all 3 lines)
# Note that this does not work for short URLs because the referrer cannot be determined.
#RewriteCond %{HTTP_REFERER} ^http://%VHOST%%PATHURL%/bin/view.*
#RewriteCond %{REQUEST_URI} ^%URLREGEX%/+pub/+([^/]+/)+([^/]+)\.(gif|ico|png|jpe?g)$ [NC]
#RewriteRule ^%URLREGEX%/+pub/+(.*)$ %PATHVAR%/pub/$1 [L]
'}%
%IF{ "$ CONTROLATTACH='on'" then=' # If it makes it here, rewrite as viewfile
RewriteRule ^%URLREGEX%/+pub/+(.*)$ %PATHVAR%/bin%FCGI%/viewfile/$1 [L,NS,H=%HANDLER%-script]
' else=' # pub files are served directly by Apache, not by Foswiki
RewriteRule ^%URLREGEX%/+pub/+(.*)$ %PATHVAR%/pub/$1 [L]
'}%
# These rewrite rules redirect the user to the shorter URL
%IF{" $ SHORTURLS ='enabled' or $ SHORTURLS ='maximum'" then='# Shorten the URL if the user forgot
RewriteRule ^%URLREGEX%/+bin/+view/+(.*) %PATHURL%/$1 [L,NE,R]
RewriteRule ^%URLREGEX%/+view/+(.*) %PATHURL%/$1 [L,NE,R]
RewriteRule ^%URLREGEX%/+bin/+view$ %PATHURL%/ [L,NE,R]
RewriteRule ^%URLREGEX%/+view$ %PATHURL%/ [L,NE,R]'}%
%IF{" $ SHORTURLS ='maximum'" then='RewriteRule ^%URLREGEX%/+bin/+(.*) %PATHURL%/$1 [L,NE,R]'}%
# The below rewrite rules containing a fully qualified path in the substitution instruct the
# server which file/script to use and do not result in a redirect to the user. They serve
# the same purpose as the "Alias" and/or "ScriptAlias" statements.
# Make sure that configure is handled as a cgi script
%IF{" $ SHORTURLS ='maximum'" then='RewriteCond %{REQUEST_URI} ^%URLREGEX%/+configure(.*)' else='RewriteCond %{REQUEST_URI} ^%URLREGEX%/+bin/+configure(.*)'}%
RewriteRule . %PATHVAR%/bin/configure%1 [L,NS,H=cgi-script]
# internal request are served as usual
RewriteCond %{IS_SUBREQ} ^true$
RewriteRule . - [L]
# Default the homepage
RewriteRule ^/$ %PATHVAR%/bin%FCGI%/view/ [L,NS,H=%HANDLER%-script]
# uri's of the form /script/... are passed to the right script
%IF{" $ SHORTURLS ='maximum'" then='RewriteCond %{REQUEST_URI} ^%URLREGEX%/+([^/]+)(.*)$' else='RewriteCond %{REQUEST_URI} ^%URLREGEX%/+bin/+([^/]+)(.*)$ '}%
RewriteCond %PATHVAR%/bin/%1 -f
RewriteRule . %PATHVAR%/bin%FCGI%/%1%2 [L,NS,H=%HANDLER%-script]
# existing static files are served as usual
# - lets files like robots.txt, etc pass through
RewriteCond %{REQUEST_URI} ^%URLREGEX%/+(.*)$
RewriteCond %PATHVAR%/%1 -f
RewriteRule . %PATHVAR%/%1 [L]
# Everthing else is just viewed
RewriteRule ^%URLREGEX%/+(.*)$ %PATHVAR%/bin%FCGI%/view/$1 [L,NS,H=%HANDLER%-script]
%ENDSECTION{"mod_rewrite"}%
mod_perl
%STARTSECTION{"modPerl"}%
<IfModule mod_perl.c>%IF{"$ APVER = '2'" then='
PerlSwitches -wT' else='
PerlTaintCheck On
PerlWarn On'}%
# Explicit Pre or Post is recommended over PerlRequire. Post seems to be reliable.
PerlPostConfigRequire %PATHVAR%/tools/mod_perl_startup.pl
</IfModule>
%ENDSECTION{"modPerl"}%
mod_fastcgi
%STARTSECTION{"modFastcgi"}%
<IfModule mod_fastcgi.c>
# Commenting the next setting makes foswiki to be a dynamic server, loaded on demand.
# Adjust the number of servers to your needs
FastCgiServer %PATHVAR%/bin/foswiki.fcgi -processes 3
# Running an external server on the same machine:
#FastCgiExternalServer %PATHVAR%/bin/foswiki.fcgi -socket /path/to/foswiki.sock
# Or at another machine:
#FastCgiExternalServer %PATHVAR%/bin/foswiki.fcgi -host example.com:8080
# Refer to details at http://www.fastcgi.com/mod_fastcgi/docs/mod_fastcgi.html
</IfModule>
%ENDSECTION{"modFastcgi"}%
mod_fcgid
%STARTSECTION{"modFcgid"}%
<IfModule mod_fcgid.c>
# Maximum fcgi handlers allowed
FcgidMaxProcessesPerClass 50
# Timeout for FCGI script - may need to be increased for long-running searches.
FcgidIOTimeout 30
# Refer to details at http://httpd.apache.org/mod_fcgid/mod/mod_fcgid.html
</IfModule>
%ENDSECTION{"modFcgid"}%
blockAccess
%STARTSECTION{"blockAccess"}%
# We set an environment variable called blockAccess.
#
# Setting a BrowserMatchNoCase to ^$ is important. It prevents Foswiki from
# including its own topics as URLs and also prevents other Foswikis from
# doing the same. This is important to prevent the most obvious
# Denial of Service attacks.
#
# You can expand this by adding more BrowserMatchNoCase statements to
# block evil browser agents trying to crawl your Foswiki
#
# Example:
# BrowserMatchNoCase ^SiteSucker blockAccess
# BrowserMatchNoCase ^$ blockAccess
%IF{ "$ BLOCKSPIDERS ='on'" then='$percntINCLUDE{"%TOPIC%" section="blockSpiders"}$percnt'}%
%IF{"$FOSWIKIVERSION>1.0 and $BLOCKGSASESS='on'" then='$percntINCLUDE{"%TOPIC%" section="NO_FOSWIKI_SESSION"}$percnt'}%
BrowserMatchNoCase ^$ blockAccess
%ENDSECTION{"blockAccess"}%
blockSpiders
%STARTSECTION{"blockSpiders"}%
BrowserMatchNoCase ^Accoona blockAccess
BrowserMatchNoCase ^ActiveAgent blockAccess
BrowserMatchNoCase ^Attache blockAccess
BrowserMatchNoCase BecomeBot blockAccess
BrowserMatchNoCase ^bot blockAccess
BrowserMatchNoCase Charlotte/ blockAccess
BrowserMatchNoCase ^ConveraCrawler blockAccess
BrowserMatchNoCase ^CrownPeak-HttpAgent blockAccess
BrowserMatchNoCase ^EmailCollector blockAccess
BrowserMatchNoCase ^EmailSiphon blockAccess
BrowserMatchNoCase ^e-SocietyRobot blockAccess
BrowserMatchNoCase ^Exabot blockAccess
BrowserMatchNoCase ^FAST blockAccess
BrowserMatchNoCase ^FDM blockAccess
BrowserMatchNoCase ^GetRight/6.0a blockAccess
BrowserMatchNoCase ^GetWebPics blockAccess
BrowserMatchNoCase ^Gigabot blockAccess
BrowserMatchNoCase ^gonzo1 blockAccess
BrowserMatchNoCase ^Google\sSpider blockAccess
BrowserMatchNoCase ^ichiro blockAccess
BrowserMatchNoCase ^ie_crawler blockAccess
BrowserMatchNoCase ^iGetter blockAccess
BrowserMatchNoCase ^IRLbot blockAccess
BrowserMatchNoCase Jakarta blockAccess
BrowserMatchNoCase ^Java blockAccess
BrowserMatchNoCase ^KrakSpider blockAccess
BrowserMatchNoCase ^larbin blockAccess
BrowserMatchNoCase ^LeechGet blockAccess
BrowserMatchNoCase ^LinkWalker blockAccess
BrowserMatchNoCase ^Lsearch blockAccess
BrowserMatchNoCase ^Microsoft blockAccess
BrowserMatchNoCase MJ12bot blockAccess
BrowserMatchNoCase MSIECrawler blockAccess
BrowserMatchNoCase ^MSRBOT blockAccess
BrowserMatchNoCase ^noxtrumbot blockAccess
BrowserMatchNoCase ^NutchCVS blockAccess
BrowserMatchNoCase ^RealDownload blockAccess
BrowserMatchNoCase ^Rome blockAccess
BrowserMatchNoCase ^Roverbot blockAccess
BrowserMatchNoCase ^schibstedsokbot blockAccess
BrowserMatchNoCase ^Seekbot blockAccess
BrowserMatchNoCase ^SiteSnagger blockAccess
BrowserMatchNoCase ^SiteSucker blockAccess
BrowserMatchNoCase ^Snapbot blockAccess
BrowserMatchNoCase ^sogou blockAccess
BrowserMatchNoCase ^SpiderKU blockAccess
BrowserMatchNoCase ^SpiderMan blockAccess
BrowserMatchNoCase ^Squid blockAccess
BrowserMatchNoCase ^Teleport blockAccess
BrowserMatchNoCase ^User-Agent\: blockAccess
BrowserMatchNoCase VoilaBot blockAccess
BrowserMatchNoCase ^voyager blockAccess
BrowserMatchNoCase ^w3search blockAccess
BrowserMatchNoCase ^Web\sDownloader blockAccess
BrowserMatchNoCase ^WebCopier blockAccess
BrowserMatchNoCase ^WebDevil blockAccess
BrowserMatchNoCase ^WebSec blockAccess
BrowserMatchNoCase ^WebVac blockAccess
BrowserMatchNoCase ^Webwhacker blockAccess
BrowserMatchNoCase ^Webzip blockAccess
BrowserMatchNoCase ^Wells blockAccess
BrowserMatchNoCase ^WhoWhere blockAccess
BrowserMatchNoCase www\.netforex\.org blockAccess
BrowserMatchNoCase ^WX_mail blockAccess
BrowserMatchNoCase ^yacybot blockAccess
BrowserMatchNoCase ^ZIBB blockAccess
%ENDSECTION{"blockSpiders"}%
NO_FOSWIKI_SESSION
%STARTSECTION{"NO_FOSWIKI_SESSION"}%
# Setting the NO_FOSWIKI_SESSION environment variable prevents a
# session being created for the Google Search Appliance bot. This
# is useful if you have the Google Search Appliance installed on
# your intranet, as they can be very aggressive when indexing, creating
# a lot of session files and slowing Foswiki down.
# You can also set this environment variable for public sites, to
# prevent Google and other search engines' bots. However, these tend
# to index your site a lot less often than the Google Search Appliance.
# *Works on Foswiki 1.1 and later only*
BrowserMatch "^gsa-crawler" NO_FOSWIKI_SESSION
%ENDSECTION{"NO_FOSWIKI_SESSION"}%