this is after Starting DEBUG
2011-03-04 15:42:07.782 [NOTICE] [727] Loading LiteSpeed/4.0.20 Standard ...
2011-03-04 15:42:07.819 [DEBUG] Daemonized!
2011-03-04 15:42:07.844 [NOTICE] [ADMIN] server socket: uds://usr/local/lsws/admin/tmp/admin.sock.7050
2011-03-04 15:42:07.844 [NOTICE] Loading configuration from /usr/local/lsws/conf/httpd_config.xml ...
2011-03-04 15:42:07.848 [INFO] old priority: 0, new priority: -19
2011-03-04 15:42:07.848 [INFO] [config:server:basic] For better obscurity, server version number is hidden in the response header.
2011-03-04 15:42:07.886 [INFO] Start listen socket [/usr/local/lsws/admin/cgid/cgid.sock].
2011-03-04 15:42:07.903 [NOTICE] [PID: 731]: start cgid: 733, /usr/local/lsws/bin/httpd
2011-03-04 15:42:07.904 [DEBUG] [config:server:security:secfilter:XSS attack:1] processing direcitve: SecFilterSignatureAction "log,deny,status:403,msg:'XSS attack'".
2011-03-04 15:42:07.905 [DEBUG] [config:server:security:secfilter:XSS attack:2] processing direcitve: SecFilterSelective ARGS "(alert|expression|eval|url)[[:space:]]*\(".
2011-03-04 15:42:07.916 [DEBUG] [config:server:security:secfilter:XSS attack:3] processing direcitve: SecFilterSelective ARGS "(&\{.+\}|(&#[[0-9a-fA-F]]|\x5cx[0-9a-fA-F]){2})".
2011-03-04 15:42:07.916 [DEBUG] [config:server:security:secfilter:XSS attack:5] processing direcitve: SecFilterSelective ARGS "((javascript|vbscript):|style[[:space:]]*=)".
2011-03-04 15:42:07.916 [DEBUG] [config:server:security:secfilter:XSS attack:6] processing direcitve: SecFilterSelective ARGS "(fromCharCode|http-equiv|<.+>|innerHTML|dynsrc|-->)".
2011-03-04 15:42:07.916 [DEBUG] [config:server:security:secfilter:XSS attack:7] processing direcitve: SecFilterSelective ARGS "document\.(body|cookie|location|write)".
2011-03-04 15:42:07.916 [DEBUG] [config:server:security:secfilter:XSS attack:9] processing direcitve: SecFilterSelective ARGS_VALUES "jsessionid|phpsessid|onReadyStateChange|xmlHttp".
2011-03-04 15:42:07.916 [DEBUG] [config:server:security:secfilter:XSS attack:11] processing direcitve: SecFilterSelective ARGS "<(applet|div|embed|iframe|img|meta|object|script|textarea)".
2011-03-04 15:42:07.917 [DEBUG] [config:server:security:secfilter:XSS attack:14] processing direcitve: SecFilterSelective ARGS "on(Abort|Blur|Click|DblClick|DragDrop|Error|Focus|KeyUp|KeyDown|KeyPrerss|Load|Mouse(Down|Out|Over|Up)|Move|Reset|Resize|Select|Submit|Unload)".
2011-03-04 15:42:07.917 [DEBUG] [config:server:security:secfilter:SQL injection:1] processing direcitve: SecFilterSignatureAction "log,pass,msg:'SQL Injection attack'".
2011-03-04 15:42:07.917 [DEBUG] [config:server:security:secfilter:SQL injection:3] processing direcitve: SecFilterSelective ARGS "drop[[:space:]]+(database|table|column|procedure)".
2011-03-04 15:42:07.917 [DEBUG] [config:server:security:secfilter:SQL injection:4] processing direcitve: SecFilterSelective ARGS "delete[[:space:]]+from|create[[:space:]]+table|update.+set.+=|insert[[:space:]]+into.+values".
2011-03-04 15:42:07.917 [DEBUG] [config:server:security:secfilter:SQL injection:5] processing direcitve: SecFilterSelective ARGS "select.+from|bulk[[:space:]]+insert|union.+select|alter[[:space:]]+table".
2011-03-04 15:42:07.917 [DEBUG] [config:server:security:secfilter:SQL injection:6] processing direcitve: SecFilterSelective ARGS "or.+1[[:space:]]*=[[:space:]]1|or 1=1--'|'.+--".
2011-03-04 15:42:07.917 [DEBUG] [config:server:security:secfilter:SQL injection:8] processing direcitve: SecFilterSelective ARGS "into[[:space:]]+outfile|load[[:space:]]+data|/\*.+\*/".
2011-03-04 15:42:07.921 [DEBUG] Created new Listener [adminListener].
2011-03-04 15:42:07.921 [DEBUG] Created new Listener [Default].
2011-03-04 15:42:07.921 [NOTICE] The maximum number of file descriptor limit is set to 4096.
2011-03-04 15:42:07.943 [DEBUG] [config:admin:1] processing direcitve: php_admin_value expose_php 0.
2011-03-04 15:42:07.943 [DEBUG] [config:admin:1] add PHP config: expose_php 0
2011-03-04 15:42:07.943 [DEBUG] [config:admin:2] processing direcitve: php_admin_flag allow_url_fopen On.
2011-03-04 15:42:07.943 [DEBUG] [config:admin:2] add PHP config: allow_url_fopen On
2011-03-04 15:42:07.944 [DEBUG] [config:admin:3] processing direcitve: php_admin_value session.save_path '/usr/local/lsws//admin/tmp'.
2011-03-04 15:42:07.944 [DEBUG] [config:admin:3] add PHP config: session.save_path '/usr/local/lsws//admin/tmp'
2011-03-04 15:42:07.955 [DEBUG] Associates [_AdminVHost] with [*:7080] on hostname/IP [*] succeed!
2011-03-04 15:42:08.026 [DEBUG] Associates [dev.grunt.com] with [*:80] on hostname/IP [dev.grunt.com] succeed!
2011-03-04 15:42:08.029 [NOTICE] litespeed (731) is ready
2011-03-04 15:42:08.030 [DEBUG] [AutoRestarter] prepare to fork new child process to handle request!
2011-03-04 15:42:08.034 [NOTICE] [AutoRestarter] new child process with pid=735 is forked!
2011-03-04 15:42:08.052 [DEBUG] try to give up super user privilege!
2011-03-04 15:42:08.052 [NOTICE] [child: 735] Successfully change current user to nobody
2011-03-04 15:42:08.053 [NOTICE] [Child: 735] Core dump is enabled.
2011-03-04 15:42:08.053 [NOTICE] [Child: 735] Setup swapping space...
2011-03-04 15:42:08.054 [NOTICE] [Child: 735] LiteSpeed/4.0.20 Standard starts successfully!
2011-03-04 15:42:09.117 [NOTICE] [AutoUpdate] Checking for new releases..., pid=756
2011-03-04 15:42:09.263 [INFO] [AutoUpdate] No new update.
2011-03-04 15:42:12.220 [NOTICE] Start to clean up cache directory, pid=757
2011-03-04 15:48:46.215 [NOTICE] [192.168.1.44:62929-0#_AdminVHost] Content len: 0, Request line: 'GET /login.php?logoff=1 HTTP/1.1'
2011-03-04 15:48:46.223 [INFO] [192.168.1.44:62929-0#_AdminVHost] Cookie len: 602, __utma=217057728.671012469.1277901155.1299246709.1299251092.166; __utmz=217057728.1295379173.102.8.utmcsr=mcafeesecure.com|utmccn=(referral)|utmcmd=referral|utmcct=/customer/SecurityVuln.sa; COMMERCE_SITE_PreviousCatalogPage=http://usmcshop.grunt.com:80/Browse.aspx?Catalog=Marines&Category=Headgear; __utma=262649241.1586401583.1283364408.1284755517.1288106981.8; exp_last_visit=1284057478; exp_last_activity=1284061409; GRUNT_Identity={e0ed3596-a5bf-4b92-b0a9-0f44a5255ae7}; __utmc=217057728; LSWSWEBUI=db1e94ead822ce5a1554e4270664abab; lsws_uid=anuUyNfcmQU%3D; lsws_pass=nqzussAPwoR05DN4xad6hg%3D%3D
2011-03-04 15:48:46.225 [DEBUG] [UDS://tmp/lshttpd/admin_php.sock] create new connection succeed!
2011-03-04 15:48:46.225 [DEBUG] [UDS://tmp/lshttpd/admin_php.sock] request [192.168.1.44:62929-0#_AdminVHost:lsapi] is assigned with connection!
2011-03-04 15:48:46.225 [INFO] Start listen socket [/tmp/lshttpd/admin_php.sock].
2011-03-04 15:48:46.291 [INFO] [AdminPHP] pid list size: 1
2011-03-04 15:48:46.291 [INFO] [AdminPHP] add child process pid: 1659
2011-03-04 15:48:46.987 [DEBUG] [UDS://tmp/lshttpd/admin_php.sock] add recycled connection to connection pool!
2011-03-04 15:48:48.101 [NOTICE] [192.168.1.44:62929-1#_AdminVHost] Content len: 0, Request line: 'GET /login.php?generateKeypair=true HTTP/1.1'
2011-03-04 15:48:48.102 [INFO] [192.168.1.44:62929-1#_AdminVHost] Cookie len: 493, __utma=217057728.671012469.1277901155.1299246709.1299251092.166; __utmz=217057728.1295379173.102.8.utmcsr=mcafeesecure.com|utmccn=(referral)|utmcmd=referral|utmcct=/customer/SecurityVuln.sa; COMMERCE_SITE_PreviousCatalogPage=http://usmcshop.grunt.com:80/Browse.aspx?Catalog=Marines&Category=Headgear; __utma=262649241.1586401583.1283364408.1284755517.1288106981.8; exp_last_visit=1284057478; exp_last_activity=1284061409; GRUNT_Identity={e0ed3596-a5bf-4b92-b0a9-0f44a5255ae7}; __utmc=217057728
2011-03-04 15:48:48.102 [DEBUG] [UDS://tmp/lshttpd/admin_php.sock] connection available!
2011-03-04 15:48:48.102 [DEBUG] [UDS://tmp/lshttpd/admin_php.sock] request [192.168.1.44:62929-1#_AdminVHost:lsapi] is assigned with connection!
2011-03-04 15:48:48.240 [DEBUG] [UDS://tmp/lshttpd/admin_php.sock] add recycled connection to connection pool!
2011-03-04 15:48:48.316 [NOTICE] [192.168.1.44:62929-2#_AdminVHost] Content len: 267, Request line: 'POST /login.php HTTP/1.1'