Domain Registration from
Domain Registration from


Server Side Includes (SSI)

Using Server Side Includes - SSI

Using Server Side Includes - SSI

SSI works in conjunction with a web page usually with the .shtml extension. The .shtml extension tells the server to do something different with the web page. When you append the .html or .htm extension, this tells the server to "read" the page only. The .shtml extension tells the server to "Execute" the page, in addition to just reading it.

So, why would you want to execute the page? There are various commands you can program into a web page, which the server will look for and parse when the file is called as .shtml. In many cases, this mode is used in conjunction with Server Side Include (SSI) tags, to call a CGI script. For example, you have a visitor counter script, and we'll call it count.cgi. Every time someone visits your website, you want the script to be called, so that it logs the visitor into a file.

To do this, you would place an tag into your web page. The tag in this case, would look something like:

<#exec cgi="/cgi-bin/count.cgi">

This small tag, which is hidden in the html coding of your page is telling the server to:

1. Go to the cgi-bin
2. Execute count.cgi

That's it! The information has been captured and processed by the count.cgi script. Of course, that's the short version of what happens. The long version would no doubt, would take us far beyond the scope of this document.

PLEASE do not use the .shtml extension on "all" of your web pages unless it's absolutely necessary. With a busy web site, this means that every page must be executed, as opposed to just read. This as you can appreciate, can add considerable memory and CPU load to the system. As always, read the instructions that came with your script carefully. They should provide specific instructions on how to configure the script, as well as the SSI tag.

Additonal Information on SSI

1. What are server side includes?
Server-side includes (SSIs) are simple,
HTML-embedded directives that instruct the web server to include data in the
HTML document. As a shorthand alternative to CGI, server-side includes can be
2. How do I use SSI?
First you must create a page with
a .shtml extension! Then SSI is easily implemented into
your web page by using the following syntax or directives:

Directives can have more than one parameter, and multiple parameters are
separated by white space.
3. What directives are available?
The valid SSI directives are as follows:

echo var="environment-variable"
Echo inserts the value of one or more
SSI environment variables.

include file|virtual="path"
The include directive inserts the text
of another document, specified either as a file or a virtual file. Path must
be relative to the current document in the case of a file, or it can be a
virtual path. For example: fsize 

Syntax: fsize file="path"
The fsize directive inserts the size of
the file specified by path, in bytes.

 For example: This file is 

flastmod file="path"
Similar to fsize, flastmod inserts the
modification date for the file specified by path. 
For example: This file was last modified on .
config errmsg|sizefmt|timefmt="string"
You can use the config directive to
modify the default SSI behavior. The parameters are as follows:
Sets the default error message. 
For example: sizefmt:

Sets the format for file size data returned by the fsize directive. The
string for this parameter is either "bytes" for file sizes in bytes, or
"abbrev" for file sizes rounded to the nearest kilobyte. 

For example: timefmt:
Sets the format for dates and times returned by the flastmod directive and
the DATE_LOCAL and DATE_GMT variables.
The possible values for this parameter are as follows:

Format Code

Abbreviated day of the week, such as "Sun" for Sunday %A

Unabbreviated day of the week %b

Abbreviated month, such as "Jan" for January %B

Unabbreviated month %d

Two-digit, numerical day of the month, such as "01" . %D

Numerical month, day, and year, such as "01/24/97" %e

Numerical day, such as "1"


24-hour clock hour, such as "17" %I

12-hour clock hour, such as "11" %j

Numerical day of the year, such as "278" %m

Numerical month, such as "11" %M

Minutes, such as "08" %p

am or pm %r

Time, such as "08:23:17 am" %S

Seconds, such as "56" %T

24-hour time, such as "23:54:56" %U

Week of the year, such as "47" %w

Numerical day of
the week, such as "0" for Sunday and "7" for Saturday %y

Year of the current century, such as "97" %z

Abbreviated time zone, such as "PST" skip=n

Skips the next  rules in a sequence if the current rule matches S=n

Same as "skip" env=VARIABLE:VALUE

Sets the environment variable VARIABLE to the value VALUE E=VARIABLE:VALUE

Same as "env"  printenv
This directive prints a complete list of all existing SSI variables and their values. It has no attributes. For example:
set Syntax:
set var="variable" value="value"
This directive sets the value of an
environment variable. For example:

4. What extended SSI elements are available?
Our server implements Extended SSI, which includes flow control elements much like the ones used in programming languages. With flow control, you can create more sophisticated SSI scripts.
There are four flow control elements:

The test-condition is one of the following:

Test Condition
Description string
True if the string is not empty sring1=string2
True if string1 matches string2 string1!=string2
True if string1 does not match string2 (test-condition)
True if test-condition is true !test-condition
True if test-condition is false test-condition1 && test-condition2
True if both test-condition1 and test-condition2 are true test-condition1 || test-condition2
True if either test-condition1 or test-condition2 is true

5. What SSI environment variables available?
The filename of the current HTML document. For example:
This file is called  test

The URL of the current file. For example:

This document is located at .

An UUencoded query string whose metacharacters are escaped with a backslash ().
The local date and time. For example:

Here in San Diego, it is now .
The current Greenwich Mean Time. For example:
The current time is GMT.

The date and time when the current file was last modified. For example:
I last modified this page on .

6. What CGI environment variables can I use with SSI?
SERVER_SOFTWARE=Stronghold/2.0 The name and version number of the server software

SERVER_NAME=hostThe host being addressed in this request, which may be the main host or a virtual host, either as a fully-qualified domain name or an IP address
The same as SERVER_NAME HTTP_ACCEPT=MIME-type[, MIME-type, MIME-type . . .]

One or more MIME types that the client can accept
HTTP_USER_AGENT=name/version (platform) The name, version number, and platform of the client software

REMOTE_HOST=host The hostname or IP number of the client host or proxy server that originated the request
REMOTE_PORT=port The client-side port number that originated the requestREMOTE_ADDR=IP The IP number of the client host

The remote username, if the script is subject to basic authentication
The remote username as supplied by identd, if available
The protocol and version number used to send the request, which Stronghold also uses in its response in order to
ensure compatibility with the client REQUEST_METHOD=method The method used in this request, such as GET or POST
AUTH_TYPE=method The authentication method used in this request, if any

The MIME type of any data attached to the request header
The size, in bytes, of any data attached to the request header
The URL of the requested script

SCRIPT_FILENAME=absolute/path/to/scriptThe absolute path to the requested
The URL of the requested script

The URL of the requested script

The query-string for this transaction,
embedded in the requested URL

Categories: 28 | Questions: 909

Categories: 30 | Questions: 183



  • 5.2.x 5.3.x 5.4.x 5.5.x 5.6.x 7.0.x 7.1.x 7.2.x

  • 5.0.xx 5.1.x 5.5.x 5.7.x 10.x.x

  • 11.6x.x 11.70.x 11.72.x

  • 4.7.x (older versions available)

  • 5.2.x 5.3.x 5.4.x 5.5.x 5.6.x 7.0.x 7.1.x 7.2.x

  • 5.0.xx 5.1.x 5.5.x 5.7.x 10.x.x

  • 11.6x.x 11.70.x 11.72.x

  • 4.7.x (older versions available)


SecurityMetrics Credit Card Safe

Developed by