Search results

If you use ea4 php rpm, you need to wait for the rpm update to SAPI 7.1, usually, it requires a new official release of PHP 7.1 .

PHP LiteSpeed SAPI 7.1 has been released, it will take some time for other down-stream rpm packager to use the new code. If you compile from source, you can do it now, otherwise, just wait. :-)

I figured out the root cause of this. It is due to a bug in PHP LiteSpeed SAPI 7.0, which affects PHP suEXEC daemon mode. You can either downgrade the PHP package to the one using LiteSpeed SAPI 6.11, or switch to PHP suEXEC process group mode, by simply turning off the daemon mode update...

I could not reproduce it with the same configuration. Is there any symbolic link involves with any related file path? what is the content of rules.conf? I just copied rules.conf.main. Maybe you should update LSWS to 5.2.6.

have test it locally, it looks fine. can you try testing it with curl see if the rule got hit?

thanks for the update. does it happen when litespeed completely replaced Apache? Usually, we only need to run litespeed parallel to Apache in testing mode before go live. Do you need to run both for production?

Looks like a bug with LSWS, which version are you using? Maybe it is due to the relative path not being resolved correctly in the native litespeed setup. can you show us your modsecurity configuration, in the httpd_config.xml? We will try to reproduce it.

Is the web server worker process running as nobody? Please check if nobody can read the whitelist file with command sudo -u nobody cat /<path_to_whitelist_file> .

maybe the parent folder's permission prevent server from reading that file. make sure nobody user can read it. /usr/local/lsws/conf/ has strict permission, nobody may not able to read file under it. you can move the rule set to /usr/local/lsws/modsec/

you can use a different php.ini for the cron job by using "-c ..." option.

I think you can do it with rewrite rules.

The breakage may be due to CloudLinux rpm update. not LSWS update. the enable_ruby_python_selector.sh script need to build binary extensions for both ruby and python rpm installed by CloudLinux. If ruby or python version updated, need to update the extension. It would be optimum if pack the...

usually, it need ESI hole punch to keep some part of a cached page dynamic, requires a cache plugin. Unfortunately, we have no plan to develop plugin for Concrete5 due to its popularity.

which shopping cart are you using? If a cache plugin is available for that platform, you can try the plugin.

You can enable lscache, your wordpress front page takes too much time to generate dynamically. https://wordpress.org/plugins/litespeed-cache/

You can do it with mod_security rule, it is a little slower. but can be flexible. We have dedicate WordPress brute force protection feature. https://blog.litespeedtech.com/2017/12/20/wpw-brute-force-attack-protection/

Yes, you can use mod_bw style config, https://www.litespeedtech.com/support/wiki/doku.php/litespeed_wiki:config:vhost-level_bw_throttling plus "MaxConnPerClient <limit_for_connections>" to configure the maximum concurrent connections from one IP.

that's possible. It was on the to-do list as an feature enhancement.

drwx------ 5 corstocart corstocart 4096 Feb 4 23:43 corstocart only user corstocart can access . need to update permission to allow nobody user access that directory, Are you using any control panel.

If the redirect is done with rewrite rule. just disable the rewrite rule. If the redirect is from PHP code, then you need to fix PHP code. If you want to have different vhost for HTTP and HTTPS, just create another one for HTTPS with "_https" in the vhost name, then bind to the HTTPS listener...