What are Server-Side Includes (SSI)

Server-Side Includes (commonly called SSI) are small commands that you can put in your HTML document. These commands perform specific functions, such as inserting text, the date, server variables, etc. Nowadays I rarely see it used, but there are some use cases for sure. For a complete list of SSI commands visit W3.

How do Server Side Includes work?

When you receive a visitor to your web page, your visitor’s browser is sending a request for your HTML page to your server. The server grabs the page, then sees the SSI command (or “call”) and knows that you wanted the server to do something to the HTML file before giving the HTML file to the browser. Because of the nature of SSI, you as a visitor cannot see that SSI is in use.

How do I use Server Side Includes on my web site?

Most servers that support SSI require that all web pages using it are named with the .shtml extension instead of .html – otherwise all of your include calls will be ignored.

What can I use SSI for?

There are many things SSI can do for you.

Include a File Into Your html Document

You can “include” a file into your html document . For example, you have a footer that you would like to show on every page in a web site. You have named the footer file footer.html. In your main html document (let’s call it index.shtml), you would include this code: 

<!--#include virtual="footer.html"-->

It is important to remember the pound sign (#), as that is the key to letting the server that you are using SSI. When your index.shtml is retrieved by a visitor, the server reads your page and sees your call to insert footer.html into your page. The server then retrieves footer.html and inserts it exactly where you placed your SSI call.

Insert Environment Variables

You can insert your environment variables (Why? We don’t know why, but some people like to do this). For example, in your .shtml document, typing 

<!--#echo var="HTTP_HOST"-->

returns www.hostingmanual.net on this server.

Other environment variables that are available, and their corresponding output include:

  • <!--#echo var="SERVER_SOFTWARE" --> : Apache/x.x.x (Unix) FrontPage/4.0.4.3
  • <!--#echo var="GATEWAY_INTERFACE" --> : CGI/1.1
  • <!--#echo var="DOCUMENT_ROOT" --> : CGI/1.1
  • <!--#echo var="REMOTE_ADDR" --> : 64.208.172.178
  • <!--#echo var="SERVER_PROTOCOL" --> : HTTP/2.0
  • <!--#echo var="REQUEST_METHOD" --> : GET
  • <!--#echo var="HTTP_USER_AGENT" --> : chrome
  • <!--#echo var="SERVER_NAME" --> : www.hostingmanual.net
  • <!--#echo var="SERVER_PORT" --> : 443
  • <!--#echo var="SERVER_ADMIN" --> : webmaster@hostingmanual.net

Insert Last Modification Date

You can insert the file’s last modification date by using 

<!--#echo var="LAST_MODIFIED" -->

This is the output of LAST_MODIFIED for this page: Wednesday, 02-Jul-2021 15:13:02 CDT

Execute a Script

You can execute a program . This is highly contingent on your host. When you use this, your script has to be tight and have no security holes. For example, if you have a “Quote of the Moment” script, which inserts a new quote every time your page is reloaded. Some people make you go to a specific page to look at your random quotes, but SSI allows you to insert your random quote into your .shtml page. The command would look like: 

<!--#exec cgi="cgi-bin/randomquote.cgi"-->.

In order for your #exec cgi command to work, you need to make sure that your script is working. Make sure that permissions are at least 755 (rwxrw-rw-) or higher, and if possible, try to run the program first, before including it into your document.

Insert Current Date

You can insert the current date (relative to the server – if you are in Asia, the date may appear as yesterday’s or tomorrow’s date) by using 

<!--#echo var="DATE_LOCAL"-->

Example: Wednesday, 29-Aug-2007 03:13:00 CDT

Insert IP Number of your visitor

You can let the visitor know their IP# by using 

<!--#echo var="REMOTE_ADDR"-->

Example: 64.208.172.178

Why Can’t I Use SSI with .html pages?

Server-Side Includes tend to run slower than regular .html documents because the server looks for SSI commands to parse into the .shtml documents before displaying the page to your visitors. If we had our configuration set to allow SSI parsing in .html documents, server response would be degraded for those users who don’t use SSI. For that reason, most server configurations are set to SSI-parse only those documents with the .shtml extension.

If you want to override the default server configuration so that SSI will work with .html documents, you can create a file named .htaccess and upload it (in ASCII mode) to your main www directory. Add the following lines to your .htaccess file:

AddType text/html .html
AddHandler server-parsed .html

If you want both .html and .htm documents to parse SSI, create your .htaccess file with these lines:

AddType text/html .html
AddHandler server-parsed .html
AddHandler server-parsed .htm

Please note that because the server will now look for SSI commands in each .htm page before displaying the page to your visitors, pages with this extension may parse slightly slower (the same speed as normal .shtml files).