Quick Links: Overview | Configuring SSI in Apache | SSI Directives Cheatsheet

SSI Directives: Overview

  1. The SSI statement must be within the text of a web page.
  2. An SSI looks a bit like an HTML comment:

     

    <!--#element attribute=value attribute=value ... -->

     

  3. The web server must support SSI (Apache and IIS both do, to one extent or another)
  4. Enabling server side includes increases the potential for security breaches on the server.
  5. The web server must be configured to allow server side directives to run
  6. The web server must be configured to recoginze a specific document type or extension (*.shtm, or *.shtml)

Enabling Server Side Includes (SSI) in Apache:

  1. Open the httpd.conf file, or create/edit the .htaccess in the directory where want want to enable Server Side Includes (SSI).
  2. Add the following server configuration directive:

     

    Options +Includes

    Options IncludesNOEXEC


  3. Define a file type that will contain directives to reduce server workload:

     

    AddType text/html .shtm

    AddOutputFilter INCLUDES .shtm


  4. Rename existing files to have a .shtm file extension (or whatever extension you used).
  5. If you used a .htaccess file, be sure to reset the file permissions after editing it so that it is non-writeable again. A world-writeable .htaccess file is a security risk.

SSI Directives Cheatsheet

CONFIG DIRECTIVE
<!--#config  errmsg="Message Text"--> 
<!--#config  sizefmt="bytes"-->
<!--#fsize file="cheatsheet.shtml"-->18,934 bytes
<!--#flastmod file="cheatsheet.shtml"-->
<!--#flastmod virtual="cheatsheet.shtml"-->
Saturday, 19-May-2018 15:41:17 MDT bytes
Saturday, 19-May-2018 15:41:17 MDT bytes

 

ECHO DIRECTIVE  <!--#echo var="[SSI KEYWORD]"-->
The Echo directive can print into the page any of the server environment variables, or the CGI environment variables into the page.
SERVER-RELATED VARIABLES
KeywordValue Returned by Server
DATE_GMT Tuesday, 19-Nov-2024 17:53:45 GMT
DATE_LOCAL Tuesday, 19-Nov-2024 10:53:45 MST
SERVER_NAME inetdaemon.net
SERVER_SOFTWARE Apache
SERVER_PROTOCOL HTTP/2.0
SERVER_PORT 443
GATEWAY_INTERFACE CGI/1.1
REQUEST_METHOD GET

 

CLIENT-RELATED VARIABLES
KeywordValue Returned by Server
REMOTE_HOST (none)
REMOTE_USER (none)
REMOTE_ADDR 18.223.125.42
REMOTE_IDENT (none)
HTTP_ACCEPT */*
HTTP_REFERRER (none)
HTTP_USER_AGENT Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)

 

DOCUMENT-RELATED VARIABLES
KeywordValue Returned by Server
CONTENT_TYPE (none)
CONTENT_LENGTH (none)
DOCUMENT_NAME cheatsheet.shtml
DOCUMENT_ROOT /home4/inetdaem/public_html
DOCUMENT_URI /tutorials/www/web_server/cgi/ssi/cheatsheet.shtml
PATH_INFO (none)
PATH_TRANSLATED(none)
QUERY_STRING
SCRIPT_NAME /tutorials/www/web_server/cgi/ssi/cheatsheet.shtml

Bookmark this page and SHARE:  

Search

Donations

Free Training