LiteSpeed Web Server Users' Manual
Version 4.2 Rev. 5
Server General
General settings for the whole server. When path information is required in a setting, it can be either absolute or relative to $SERVER_ROOT. $SERVER_ROOT is the location where LiteSpeed web server has been installed (your_home_dir/lsws or /opt/lsws, for example). The server executable is under $SERVER_ROOT/bin.
Table of Contents
Server Name | Running As | Priority | Chroot Path | Enable chroot | Cloud-Linux | Max I/O Buffer Size | Swapping Directory | Auto Restart | Auto Fix 503 Error | Graceful Restart Timeout |
MIME Settings | Suffixes | MIME Type | Disable Initial Log Rotation | Server Signature | Hide Error Page Signature | Enable IP Geolocation | Use Client IP in Header | External Application Abort | Check For Update | Download Updates | Administrator Email |
File Name | Log Level | Debug Level | Rolling Size | Enable stderr Log |
File Name | Piped Logger | Log Format | Log Headers | Rolling Size | Keep Days | Compress Archive |
Load Apache Configuration | Auto Reload On Changes | Apache Binary Path | Apache Configuration File | Apache Port Offset | Apache IP Offset | Apache Handled Content | Ignore Apache Modules | Just In Time Configuration | PHP suEXEC | PHP suEXEC Max Conn | Enable FrontPage Extension | Apache Environment Variables |
Running As  |
| Description: Specifies the user/group that the server process runs as. This value was set during installation. To change it, you have to download the installation package and perform an upgrade via command line. |
| Apply: Reinstall required. |
| Tips: [Security] Server should not run as a privileged user such as "root". It is critical that the server is configured to run with a un-privileged user/group combination that does not have login/shell access. A user/group of nobody is generally a good choice. |
Priority |
| Description: Specifies priority of the server processes. Value ranges from -20 to 20. A lower number means higher priority. |
| Syntax: Integer number |
| Tips: [Performance] Usually, higher priority leads to slightly higher web performance on a busy server. Do not set priority higher than that of database processes. |
| See Also: External App Priority, CGI Priority |
Chroot Path |
| Description: Enterprise Edition Only Specifies the directory where the chroot environment is rooted. Only "root" user can run the web server in chroot mode. Whether to run in chroot mode is controlled by Enable chroot option. The installer program will set up the initial chroot environment automatically. This entry is read-only, and if you want to change it, please run the installer again from the command line. In the chroot environment, the web server and its child processes cannot access file systems outside of the chroot jail. Chroot is an advanced security feature and additional administration may be required to make it work properly. All required executables, libraries, configuration files, and device files should be recreated within the chroot jail. As the root directory is changed, you need to pay special attention to path configuration when an absolute path is used. A Unix domain socket or swapping directory is always relative to the new root directory. All other path configurations are always relative to the real root. |
| Apply: Reinstall required. |
| Tips: [security] Use chroot for better security. |
Enable chroot |
| Description: Enterprise Edition Only Specifies whether to start the web server in chroot mode. The new root directory is set by Chroot Path during installation. |
| Syntax: Select from radio box |
Cloud-Linux |
| Description: Specifies whether to enable CloudLinux's Lightweight Virtual Environment (LVE) when it exists. You can use LiteSpeed with LVE to achieve better resource management. For more information, please check http://www.cloudlinux.com. |
| Syntax: Select from drop down list |
Max I/O Buffer Size |
| Description: Specifies the maximum buffer size that is used to store a request body and its dynamically generated response. When this limit is reached, the server will start to create temporary swapping files under Swapping Directory. |
| Syntax: Integer number |
| Tips: [Performance] Set the buffer size large enough to accommodate all concurrent requests/replies to avoid memory to disk swapping. If there is frequent I/O activity to the swap directoy, by default /tmp/lshttpd/swap/, this buffer size is too low and LiteSpeed is swapping to disk. |
| See Also: Swapping Directory |
Swapping Directory |
| Description: Specifies the directory where the swapping files should be placed. When the server started in chroot mode, it is relative to the new root directory, otherwise it is relative to the real root. LiteSpeed web server uses its own virtual memory to reduce the system memory usage. Virtual memory and disk swapping is used to store big request bodies and dynamically generated responses. The swapping directory should be placed on a disk with enough space. |
| Syntax: Absolute path. |
| Tips: [Performance] Place the swapping directory on a separate disk or increase Max I/O Buffer Size to eliminate swapping. |
| See Also: Max I/O Buffer Size |
Auto Restart |
| Description: Enables service auto-recovery, automatically recreating a new server process when the current server exits abnormally. When this option is enabled, there will be two instances of server process "lshttpd". The parent process monitors the child process and will create a new child process if the current one exits abnormally. However, if the current child process exits normally, the parent process will exit as well. You can use the shell command lswsctrl stop or directly kill the child process, and the parent process will exit assuming that you do want to shut down the server. If the server is started by a super user, the child process will change its ownership based on Running As configuration, but the parent process will not change its user/group. |
| Syntax: Select from radio box |
| Tips: [Security] The parent process' only job is to monitor the child. It does not interact with the outside world, and therefore is safe to execute as a super user. [Reliability] This feature should always be enabled for an extra layer of protection against service down time. |
Auto Fix 503 Error |
| Description: Specifies whether to try to fix the "503 Service Unavailable" error by restarting the web server gracefully. A "503" error is usually caused by malfunctioning external applications and a web server restart can often fix the error temporarily. If enabled, the server will restart automatically whenever there are more than 30 "503" errors within a 30 seconds span. This feature is enabled by default. |
| Syntax: Select from radio box |
Graceful Restart Timeout |
| Description: During a graceful restart, even after the new server instance is up, the old instance will continue to handle existing requests. This timeout defines how long the previous instance shall wait before exit. Default value is 300 seconds. -1 means wait forever. 0 means no wait and abort immediately. |
| Syntax: int |
MIME Settings |
| Description: Specifies the file that contains the MIME settings for this server. It is always relative to the real root when an absolute path is given in chroot mode. Click on the file name to view/edit the detailed MIME entries. |
| Syntax: File name which can be an absolute path or relative to $SERVER_ROOT. |
| Tips: Click the file name to edit the MIME settings. |
Suffixes |
| Description: You can list multiple suffixes for the same MIME type, using comma to separate. |
Disable Initial Log Rotation |
| Description: Specifies whether to disable rotation of server error log file at startup. Initial log rotation is enabled by default for standard installations. Servers using cPanel, however, always write to the Apache error log and thus ignore this setting. |
| Syntax: Select from radio box |
Server Signature |
| Description: Specifies whether to show the server signature and version number in the response header Server value. There are three options: When set to Hide Version, only LiteSpeed is shown. When set to Show Version, the LiteSpeed and the version number are shown. Enterprise Edition Only When set to Hide Full Header, the whole Server header will not be shown in the response header. |
| Syntax: Select from radio box |
| Tips: [Security] Set to Hide Version if you do not wish to expose the server version number. |
Hide Error Page Signature |
Description: Specifies whether or not to show the lines Powered By LiteSpeed Web Server.on your default error pages. |
| Syntax: Select from radio box |
Enable IP Geolocation |
| Description: Enterprise Edition Only Specifies whether to enable IP geolocation lookup. It can be set at server-, virtual host-, or context-level. |
| Syntax: Select from radio box |
| See Also: Use Client IP in Header, DB File Path, DB Cache Type |
Use Client IP in Header |
| Description: Specifies whether to use the IP address listed in the X-Forwarded-For HTTP request header for all IP address-related features, including connection/bandwidth throttling, access control, and IP geolocation. This feature is useful if your web server is behind a load balancer or a proxy server. If you select "Trusted IP Only", then X-Forwarded-For IP will be used only when the request is coming from trusted IPs defined in the server-level Allowed List. |
| Syntax: Select from drop down list |
External Application Abort |
| Description: When a client breaks a connection with the server, LiteSpeed Web Server can automatically abort external application processes generating responses for that client. Some users, however, may have (long-running) processes that they wish to continue running whether or not the client is still connected. There are three options for this:
|
| Syntax: Select from drop down list |
Check For Update |
| Description: Specifies how often the update agent will check for a new product release. Options are "Daily", "Weekly", or "Monthly". |
| Syntax: Select from drop down list |
Download Updates |
| Description: Specifies whether to auto-download a new product release package file when available. If a new package has been successfully downloaded, an online one-click upgrade can be performed via the WebAdmin console under Service Manager - Version Management. |
| Syntax: Select from drop down list |
Administrator Email |
| Description: Specifies the server administrator's email address(es). If specified, administrators will be notified by email of important events (for example, when the LiteSpeed service is restarted automatically due to crash detection or when license is expiring). |
| Syntax: Comma delimited list of email address. |
| Tips: Email alert feature will only work if the server has an active MX server such as postfix, exim, or sendmail. |
Index Files |
| Description: Specifies names of index files that will be searched sequentially when a URL is mapped to a directory. You can customize it at the server, virtual host, and context level. |
| Syntax: Comma delimited list of index file names. |
| Tips: [Performance] Only set index files that you need. |
Auto Index |
| Description: Specifies whether to generate a directory index on the fly when index files listed in Index Files are not available in a directory. This option is customizable at the virtual host and context level, and is inherited along the directory tree until it is explicitly overridden. You can customize the generated index page. Please check online wiki How-tos. |
| Syntax: Select from radio box |
| Tips: [Security] It is recommended to turn off Auto Index wherever possible to prevent revealing confidential data. |
| See Also: Index Files, Auto Index URI |
Auto Index URI |
| Description: Specifies the URI that will be used to generate the index page when index files listed in Index Files are not available in a directory. LiteSpeed web server uses an external script to generate the index page providing the maximum customization flexibility. The default script produces an index page with same look as Apache's. To customize the generated index page, please read online wiki How-tos. The directory to be indexed is passed to the script via an environment variable "LS_AI_PATH". |
| Syntax: URI |
| See Also: Index Files, Auto Index |
HT Access |
Description: The following directives are supported in a directory level access control file (.htaccess file).
|
Allow Override |
Description: Specifies what directives in an access control file are allowed. An access control file can be placed in a directory to control the accessibility of files under that directory.
Allow Override configuration is available at three levels: server, virtual host and context. If a configuration is not checked at the server level, the controlled directives will be disabled for the whole server whether or not it is enabled at lower levels. If something is enabled at the server level, virtual hosts will inherit same settings by default. Similarly context level settings will be inherited from virtual host settings. Lower levels can disable a setting that is enabled at an upper level, but cannot enable a setting that is disabled at an upper level. |
| Syntax: Select from checkbox |
| Tips: [Performance] If there is no need for directory level configuration customization, check None. |
Access File Name |
| Description: Specifies the name of access control files. These files will be used only if Allow Override is enabled. Default name is .htaccess. You can configure this at server level and virtual host level. Server level is the default setting, and you can override it at virtual host level. |
| Syntax: File name with ".". |
| See Also: Allow Override |
File Name |
| Description: Specifies the path for the log file. |
| Syntax: File name which can be an absolute path or relative to $SERVER_ROOT. |
| Tips: [Performance] Place the log file on a separate disk. |
Log Level |
| Description: Specifies the level of logging to include in your log file. Available levels (from high to low) are: ERROR, WARNING, NOTICE, INFO and DEBUG. Only messages with level higher or equal to the current setting will be logged. |
| Syntax: Select from drop down list |
| Tips: [Performance] Using DEBUG log level does not have any performance impact, unless Debug Level is set to a level other than NONE. It's recommended to set Log Level to DEBUG and Debug Level to NONE. These settings mean that you will not fill up your hard disk with debug logging, but you will be able to use the Toggle Debug Logging action to control debug output. This action can turn debug logging on and off on the fly, and is useful for debugging busy production servers. |
| See Also: Debug Level |
Debug Level |
| Description: Specifies the level of debug logging. Log Level must be set to DEBUG to use this feature. Debug logging is disabled when "Debug Level" is set to NONE even if Log Level is set to DEBUG. Toggle Debug Logging can be used to control debug level on a live server without restarting. |
| Syntax: Select from drop down list |
| Tips: [Performance] Important! Always set this to NONE if you do not need detailed debug logging. Active debug logging will severely degrade service performance and potentially saturate disk space in a very short time. Debug logging includes detailed information for each request and response. It's recommended to set Log Level to DEBUG and Debug Level to NONE. These settings mean that you will not fill up your hard disk with debug logging, but you will be able to use the Toggle Debug Logging action to control debug output. This action can turn debug logging on and off on the fly, and is useful for debugging busy production servers. |
| See Also: Log Level, Toggle Debug Logging |
Rolling Size |
| Description: Specifies when the current log file needs to be rolled over, also known as log rotation. When the file size is over the rollover limit, the active log file will be renamed to log_name.mm_dd_yyyy(.sequence) in the same directory and a new active log file will be created. The actual size of the rotated log file once it is created will sometimes be a little bigger than this size limit. Set to 0 to disable log rotation. |
| Syntax: Integer number |
| Tips: Append "K", "M", "G" to the number for kilo-, mega- and giga- bytes. |
Enable stderr Log |
| Description: Specifies whether to write to log when receiving stderr output from any process started by the server. If enabled, stderr messages will be logged in the same directory as the server log with the fixed name "stderr.log". If disabled, all stderr output will be discarded. |
| Syntax: Select from radio box |
| Tips: Turn it on if you need to debug configured external applications: i.e. PHP, Ruby, Java, Python, Perl. |
File Name |
| Description: Specifies the file name of the access log file. |
| Syntax: File name which can be an absolute path or relative to $SERVER_ROOT. |
| Tips: [Performance] Put access log file on a separate disk. |
Piped Logger |
| Description: Specifies the external application that will receive the access log data sent by LiteSpeed through a pipe on its STDIN stream (file handle is 0). When this field is specified, the access log will be sent only to the logger application and not the access log file specified in previous entry. The logger application must be defined in External Application section first. Server-level access logging can only use an external logger application defined at the server level. Virtual host-level access logging can only use a logger application defined at the virtual host level. The logger process is spawned in the same way as other external (CGI/FastCGI/LSAPI) processes. This means it will execute as the user ID specified in the virtual host's ExtApp Set UID Mode settings and will never run on behalf of a privileged user. LiteSpeed web server performs simple load balancing among multiple logger applications if more than one instance of a logger application is configured. LiteSpeed server always attempts to keep the number of logger applications as low as possible. Only when one logger application fails to process access log entries in time will the server attempt to spawn another instance of the logger application. If a logger crashes, the web server will start another instance but the log data in the stream buffer will be lost. It is possible to lose log data if external loggers cannot keep up with the speed and volume of the log stream. |
| Syntax: Select from drop down list |
Log Format |
| Description: Enterprise Edition Only Specifies the log format for the access log. When log format is set, it will override the Log Headers setting. |
| Syntax: String. The syntax of log format is compatible with Apache 2.0's custom log format. |
| Example: Common Log Format (CLF) "%h %l %u %t \"%r\" %>s %b" Common Log Format with Virtual Host "%v %h %l %u %t \"%r\" %>s %b" NCSA extended/combined log format "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\" Log cookie value of Foobar "%{Foobar}C" |
| See Also: Log Headers |
Log Headers |
| Description: Specifies whether to log HTTP request headers: Referer, UserAgent, and Host. |
| Syntax: Select from checkbox |
| Tips: [Performance] Turn this off if you do not need these headers in the access log. |
| See Also: Log Format |
Keep Days |
| Description: Specifies how many days the access log file will be kept on disk. Only rotated log files older than specified number of days will be deleted. The current log file will not be touched regardless how many days' data it contains. If you do not want to auto-delete stale and very old log files, set this value to 0. |
| Syntax: Integer number |
Compress Archive |
| Description: Specifies whether to compress rotated log files in order to save disk space. |
| Syntax: Select from radio box |
| Tips: Log files are highly compressible and this is recommended to reduce disk usage for old logs. |
Enable Expires |
| Description: Specifies whether to generate an Expires header for static files. If enabled, an Expires header will be generated based on Expires Default and Expires By Type. This can be set at server, virtual host and context level. Lower level settings will override higher level ones, i.e. context settings will override virtual host settings and virtual host settings will override server settings. |
| Syntax: Select from radio box |
Expires Default |
| Description: Specifies default settings for Expires header generation. This setting takes effect when Enable Expires is set to "Yes". It can be overridden by Expires By Type. Do not set this default at the server or virtual host level unless you have to, since it will generate Expires headers for all pages. Most of time this should be set at the context level for certain directories that do not change often. If there is no default setting, no Expires header will be generated for types not specified in Expires By Type. |
| Syntax: A|Mseconds The file will expire after base time(A|M) plus specified seconds. Base time "A" sets the value to the client's access time and "M" to the file's last modified time. |
Expires By Type |
| Description: Specifies Expires header settings for individual MIME types. |
| Syntax: Comma delimited list of "MIME-type=A|Mseconds". The file will expire after base time (A|M) plus specified seconds. Base time "A" sets the value to the client's access time and "M" to the file's last modified time. MIME-type accepts wildcard "*", like image/*. |
IP to Geolocation DB |
| Description: Enterprise Edition Only Multiple MaxMind geolocation databases can be specified here. MaxMind has the following type of DBs: Country, Region, City, Organization, ISP and Netspeed. If multiple databases of types "Country", "Region", and "City" are configured, the last one will be effective. |
DB File Path |
| Description: Enterprise Edition Only Specifies the path to MaxMind GeoIP database. |
| Syntax: file path |
DB Cache Type |
| Description: Enterprise Edition Only Specifies what kind of cache mode should be used. Cache modes are: Standard, MemoryCache, CheckCache and IndexCache. MemoryCache is recommended and is the default. |
| Syntax: Select from drop down list |
Load Apache Configuration |
| Description: Specifies whether LiteSpeed will read and use a Apache configuration file to configure the web server. Native configurations will have higher priority when there is conflict between LiteSpeed internal and Apache-based configurations. |
| Syntax: Select from radio box |
Auto Reload On Changes |
| Description: Specifies how to apply Apache configuration changes. When set to "Yes", LSWS will perform a graceful restart whenever the Apache configuration file has been modified. This may cause LSWS to restart multiple times when updating Apache configurations. A better solution (introduced in version 3.3.8) is "Use Apache binary wrapper". This will replace Apache httpd binary with a wrapper script. Whenever Apache is requested to start/stop/restart, the script will tell LSWS to take corresponding action. Apache Binary Path must be set to use this setting. Default is "No" for standard installations. For cPanel servers, the default is "Use Apache binary wrapper". ("Override cPanel restart HTTPD script" is an optional workaround that should only be used if the option "Use Apache binary wrapper" is having problems.) For other control panels default is "Yes". |
| Syntax: Select from radio box |
| See Also: Apache Binary Path |
Apache Binary Path |
| Description: Specifies the location of the Apache binary. Usually, it is located at /usr/local/apache/bin/httpd or /usr/local/apache2/bin/httpd, etc. This option must be set when "Use Apache binary wrapper" is used for Auto Reload On Changes. |
| See Also: Auto Reload On Changes |
Apache Configuration File |
| Description: Specifies the location of Apache configuration file. Usually, it is located at /usr/local/apache/conf/httpd.conf or /etc/httpd/conf/httpd.conf. |
Apache Port Offset |
| Description: Specifies an offset to be added to listening TCP ports specified in the Apache configuration file. In the testing phase, this allows LiteSpeed to run alongside Apache on a different port instead of switching back and forth between LiteSpeed and Apache on a production server. If set to 0 or not set, LiteSpeed will use the ports specified in the Apache configuration file. When testing, make this setting a non-zero value. LiteSpeed will then add this offset value to the port specified in the Apache configuration and use this port. After confirming that everything works properly, you can stop Apache, set this option back to 0, and restart LiteSpeed. |
Apache IP Offset |
| Description: Specifies an offset to be added to listening IP address specified in the Apache configuration file. This allows LiteSpeed to run alongside Apache in the testing phase instead of switching back and forth between LiteSpeed and Apache on a production server. The calculated IP address has to be available on this server. |
| Syntax: The offset should be set as an integer (allow negative number), not an IP address. Adding "256" will add 1 to the value of the C class subnet. This option only works with IPv4 address. |
Apache Handled Content |
| Description: Specifies resources to be passed to and processed by Apache on the backend. This feature requires running Apache parallel to LiteSpeed on either another IP or a different port, so either "Apache Port Offset" or "Apache IP Offset" should be set to a non-zero value. |
| Syntax: Resources are specified by a comma delimited list of URI, file suffixes, or regular expressions. A URI starts with "/"; a suffix starts with ".", a regular expression starts with "exp:". For example: "/svn/, .shtml" lets Apache handle requests with a URI starting with "/svn/" or ending with ".shtml". The same effect can be achieved with the regular expression "exp:^/svn/, exp:\.shtml$". |
Ignore Apache Modules |
| Description: Specifies a list of Apache modules that should be ignored by LiteSpeed while parsing the Apache configuration file. LiteSpeed will treat the listed modules as unsupported. Configuration directives enclosed in <IfModule ...> ... </IfModule> will also be ignored. |
| Syntax: comma delimited list of module names |
Just In Time Configuration |
| Description: With just in time configuration, the web server only finalizes vhost configurations when that virtual host is accessed for the first time, instead of loading all configurations at start up. This allows the web server to save memory and speed up server start up. |
| Syntax: Select from radio box |
PHP suEXEC |
| Description: Specifies whether to run PHP script in suEXEC mode when "user" and "group" are specified for a virtual host. When set to Yes, PHP scripts will be executed under the user (and group unless Force GID is set) specified. When set to User's Home Directory Only, scripts outside a user's home directory will run as the global user/group that the web server run as. When using DirectAdmin, User's Home Directory Only is recommended. Default is No. |
| Syntax: Select from radio box |
| See Also: Force GID |
PHP suEXEC Max Conn |
| Description: Specifies the maximum number of concurrent PHP processes each user will have access to when running PHP scripts in suEXEC mode. This is the maximum number of PHP processes each user can run. Default value is 5. |
| Syntax: Integer number |
Enable FrontPage Extension |
| Description: Specifies whether to explicitly enable Microsoft Front Page Server Extension or not. Usually, LSWS will enable it when module "frontpage" has been loaded in Apache httpd.conf. However, when mod_frontpage is statically linked into the Apache binary, configuration for the FrontPage module is not in httpd.conf, and you need to enable it explicitly here. Default is "disabled". |
| Syntax: Select from radio box |
Apache Environment Variables |
| Description: For shell environment variables used inside the Apache configuration file, LSWS will replace "${ENVVAR}" with the values set here. If the ENVVAR variable is not set here, "${ENVVAR}" occurrences are left unchanged. |
| Syntax: Name and value pairs, one pair per line in the form of ENV=VALUE |
| See Also: Apache Env Syntax reference |
Apache Style Configurations |
| Description: Specifies Apache configuration directives (supported by LiteSpeed) that you want to use in LiteSpeed native configuration file. For example, to override the default PHP configurations (php.ini entries) the server will need four directives: "php_value", "php_flag", "php_admin_value" and "php_admin_flag". |
| Syntax: Same as Apache configuration file. |