Redirect Context
Table of Contents
URI | External Redirect | Status Code | Destination URI | Header Operations | Allow Override | Realm | Authentication Name | Require (Authorized Users/Groups) | Access Allowed | Access Denied | Authorizer
Redirect Context⇑
Description
A Redirect Context can be used to forward one URI or a group of URIs to another location. The destination URI can be either on the same web site (an internal redirect) or an absolute URI pointing to another web site (an external redirect).
URI⇑
Description
Specifies the URI for this context.
Syntax
The URI can be a plain URI (starting with "/") or a Perl compatible regular expression URI (starting with "exp:"). If a plain URI ends with a "/", then this context will include all sub-URIs under this URI. If the context maps to a directory on the file system, a trailing "/" must be added.
See Also
External Redirect⇑
Description
Specifies whether this redirect is external. For external redirection, Status Code may be specified and Destination URI can start either with "/" or "http(s)://". For internal redirection, Destination URI must start with "/".
Status Code⇑
Description
Specifies the response status code of the external redirection. If the status code is between 300 and 399, Destination URI can be specified.
Syntax
Select from drop down list
Destination URI⇑
Description
Specifies the target location of the redirect. If this redirected URI maps to a URI in another redirect context, it will be redirected again.
Syntax
This URI can either be a relative URI on the same web site starting with "/", or an absolute URI pointing to different web site starting with "http(s)://". If the URI contains regular expressions, the destination can reference the matched variables, such as $1 or $2.
Header Operations⇑
Description
Specifies additional response/request headers to be added. Multiple header directives can be added with one directive per line. "NONE" can be used to disable parent header inheritance. If no directive is provided 'Header' is assumed.
Syntax
[Header]|RequestHeader [condition] set|append|merge|add|unset header [value] [early|env=[!]variable]
Example
append Cache-control no-store
Header set My-header cust_header_val
RequestHeader set My-req-header cust_req_header_val
Tips
Syntax and usage are similar to Apache's mod_headers directives for supported operations.
The 'Header' directive is is optional and can be excluded or left in when copying rules from elsewhere without issue.
Allow Override⇑
Description
Specifies what directives in an access control file are allowed. An access control file can be placed in a directory to control the accessibility of files under that directory.
- When nothing is checked, inherited default settings will be used.
- When None is checked, access control files will be ignored.
- When Limit is checked, directives "Allow", "Deny", and "Order" are allowed. <Limit> and <LimitExcept> directives are also allowed with limited support for GET, HEAD, and POST requests.
- When Auth is checked, directives "AuthGroupFile", "AuthName", "AuthType", "AuthUserFile", "Require", and "Satisfy" are allowed. <Limit> and <LimitExcept> directives are also allowed with limited support for GET, HEAD, and POST requests.
- When FileInfo is checked, directives "AddDefaultCharset", "AddType", "DefaultType", "ForceType", "Redirect", "RedirectPermanent", "RedirectTemp", "RewriteBase", "RewriteCond", "RewriteEngine", "RewriteOptions", and "RewriteRule" are allowed.
- When Indexes is checked, directives "DirectoryIndex", "ExpiresActive", "ExpiresByType", and "ExpiresDefault" are allowed.
- When Options is checked, directive "Options" is allowed.
Allow Override configuration is available at the Server, Virtual Host, and Context levels. If a configuration is unchecked at the Server level, those controlled directives will be disabled for the entire server regardless of settings at lower levels. Lower levels can disable a setting that is enabled at a higher level, but cannot enable a setting that is disabled at an upper level.
Default values:
Server level: "None" (ignore access control file)
VH level: Inherit Server level setting
Context level Inherit VH level setting
Syntax
Select from checkbox
Tips
If there is no need for directory level configuration customization, check None.
Realm⇑
Description
Specifies the authorization realm for this context. When specified, a valid username and password must be provided in order to access this context. Authorization Realms are set up in the Virtual Host Security section. This setting uses each realm's Realm Name.
Syntax
Select from drop down list
Authentication Name⇑
Description
Specifies an alternative name for the authorization realm for the current context. If not specified, the original realm name will be used. The authentication name is displayed on the browser's login pop-up.
Require (Authorized Users/Groups)⇑
Description
Specifies which user/group can access this context. This allows you to use one user/group database (specified in Realm) across a number of contexts, but only allow certain users/groups from that database to access this context.
Syntax
Syntax is compatible with Apache's Require directive. For example:
- user username [username ...]
Only listed users can access this context. - group groupid [groupid ...]
Only users belonging to the listed groups can access this context.
Access Allowed⇑
Description
Specifies which IPs or sub-networks are allowed to access resources under this context. Together with Access Denied and server/virtual host level access control, accessibility is determined by the smallest scope that a client's IP address falls into.
Syntax
Comma-delimited list of IPs/sub-networks.
Example
Access Denied⇑
Description
Specifies which IPs or sub-networks are NOT allowed to access resources under this context. Together with Access Allowed and server/virtual host-level access control, accessibility is determined by the smallest scope that a client's IP address falls into.
Syntax
Comma-delimited list of IPs/sub-networks.
Example
Authorizer⇑
Description
Specifies an external application that can be used to generate authorized/unauthorized decisions. Currently, only the FastCGI Authorizer is available. For more details about the FastCGI Authorizer role, please visit http://www.fastcgi.com.
Syntax
Select from drop down list