Announcing:
LiteSpeed Web Server v5.4.2
In this release: Added multiple new features, bug fixes, and more!
RELEASE LOG:
[New Feature] Updated QUIC implementation to support IETF HTTP/3 draft 23.
[New Feature] BBR congestion control for QUIC and HTTP/3.
[New Feature] "Require env XXXX" access control support.
[New Feature] User/Account level bandwidth throttling for Redis dynamic virtual hosting.
[Improvement] Further HTTPS SSL layer performance tuning.
[Improvement] Automatically restart running PHP processes when PHP binary changes are detected.
[Improvement] Automatically convert ea-phpXX handler configuration into a phpXX handler when an ea-php handler is not available.
[Improvement] Improved AIO access logging to minimize disk I/O.
[Improvement] Avoid reCAPTCHA verification on AJAX requests to minimize false positives.
[Improvement] Built-in error and reCAPTCHA verification pages are now responsive.
[Improvement] Remove '[' ']' enclosure for IPv6 addresses in the access log and request environment variable 'REMOTE_ADDR'.
[Improvement] Reduced memory usage to improve server scalability.
[Improvement] Improved accuracy of server real-time statistics.
[Improvement] Enable SSL SHM session cache for Apache HTTPS vhost when server level SSH session cache is enabled.
[Improvement] Disable TLSv1.0 by default for better PCI compliance.
[Improvement] Automatically disable HTTP/2, SPDY, and QUIC for CSF messenger vhosts on port 8887.
[Improvement] Added ""SmartPush no-cookie"" directive to disable cookies used for HTTP/2 and QUIC smart push.
[Improvement] Added lsws/logs/critical_alert log file for writing common license errors that could cause LSWS to stop working.
[Improvement] Improved compatibility with CloudLinux python selector.
[Improvement] Improved modsecurity engine compatibility.
[Improvement] Send ""Alt-Svc"" header advertising QUIC and HTTP/3 support only once per connection.
[Bug Fix] Fixed WordPress brute force protection bugs that were causing false positives and crashes.
[Bug Fix] Fixed a bug causing HTTP/2 requests to stall under rare conditions.
[Bug Fix] Fixed a bug causing broken non-keepalive HTTPS responses.
[Bug Fix] Fixed a Layer4 tunnel bug that caused random crashes.
[Bug Fix] Fixed Apache sometimes starting inside the lshttpd cgroup when switching from LSWS to Apache.
[Bug Fix] Fixed all LSPHP processes not being stopped when switching from LSWS to Apache.
[Bug Fix] Fixed an .htaccess cache bug that caused the server's default PHP handler to be used instead of configured per-vhost suEXEC handlers.
[Bug Fix] Per Apache vhost PHP 7.4 handler now runs in suEXEC mode.
https://www.litespeedtech.com/products/litespeed-web-server/release-log
Please remember, there may be some delay between this announcement and the ability to auto-update. If you don't want to wait, you can update manually via the following command:
Cheers!
LiteSpeed Web Server v5.4.2
In this release: Added multiple new features, bug fixes, and more!
RELEASE LOG:
[New Feature] Updated QUIC implementation to support IETF HTTP/3 draft 23.
[New Feature] BBR congestion control for QUIC and HTTP/3.
[New Feature] "Require env XXXX" access control support.
[New Feature] User/Account level bandwidth throttling for Redis dynamic virtual hosting.
[Improvement] Further HTTPS SSL layer performance tuning.
[Improvement] Automatically restart running PHP processes when PHP binary changes are detected.
[Improvement] Automatically convert ea-phpXX handler configuration into a phpXX handler when an ea-php handler is not available.
[Improvement] Improved AIO access logging to minimize disk I/O.
[Improvement] Avoid reCAPTCHA verification on AJAX requests to minimize false positives.
[Improvement] Built-in error and reCAPTCHA verification pages are now responsive.
[Improvement] Remove '[' ']' enclosure for IPv6 addresses in the access log and request environment variable 'REMOTE_ADDR'.
[Improvement] Reduced memory usage to improve server scalability.
[Improvement] Improved accuracy of server real-time statistics.
[Improvement] Enable SSL SHM session cache for Apache HTTPS vhost when server level SSH session cache is enabled.
[Improvement] Disable TLSv1.0 by default for better PCI compliance.
[Improvement] Automatically disable HTTP/2, SPDY, and QUIC for CSF messenger vhosts on port 8887.
[Improvement] Added ""SmartPush no-cookie"" directive to disable cookies used for HTTP/2 and QUIC smart push.
[Improvement] Added lsws/logs/critical_alert log file for writing common license errors that could cause LSWS to stop working.
[Improvement] Improved compatibility with CloudLinux python selector.
[Improvement] Improved modsecurity engine compatibility.
[Improvement] Send ""Alt-Svc"" header advertising QUIC and HTTP/3 support only once per connection.
[Bug Fix] Fixed WordPress brute force protection bugs that were causing false positives and crashes.
[Bug Fix] Fixed a bug causing HTTP/2 requests to stall under rare conditions.
[Bug Fix] Fixed a bug causing broken non-keepalive HTTPS responses.
[Bug Fix] Fixed a Layer4 tunnel bug that caused random crashes.
[Bug Fix] Fixed Apache sometimes starting inside the lshttpd cgroup when switching from LSWS to Apache.
[Bug Fix] Fixed all LSPHP processes not being stopped when switching from LSWS to Apache.
[Bug Fix] Fixed an .htaccess cache bug that caused the server's default PHP handler to be used instead of configured per-vhost suEXEC handlers.
[Bug Fix] Per Apache vhost PHP 7.4 handler now runs in suEXEC mode.
https://www.litespeedtech.com/products/litespeed-web-server/release-log
Please remember, there may be some delay between this announcement and the ability to auto-update. If you don't want to wait, you can update manually via the following command:
/usr/local/lsws/admin/misc/lsup.sh -f -v 5.4.2
Cheers!