Introduction

Overview

LiteSpeed Web Server is an Apache-interchangeable, high performance, secure, easy-to-use web server. It can handle thousands of concurrent connections with a small memory footprint. Its security features also make it much less vulnerable to various attacks.

Basic Features

• HTTP/1.1

  • Chunked transfer encoding
  • Basic authentication (password file and LDAP backend)
  • Entity tag
  • Single and multiple ranges requests
  • Static/dynamic response compression (gzip)
  • Apache-compatible URL rewrite
  • Microsoft FrontPage Server Extensions 2002
  • IPv6 support
  • Apache mod_geoip compatible geotargeting support

• Dynamic Content Generation

  LiteSpeed Web Server supports the following dynamic content generation methods:

  • CGI/1.1 with suEXEC
  • Fast CGI with suEXEC
  • PHP with suEXEC through LiteSpeed PHP SAPI (top-of-the-line PHP performance with a mod_php equivalent feature set)
  • JSP/servlets (interface with AJP v1.3 compatible backend servlet engine)
  • Proxy (interface with any web server/application server that supports HTTP protocol)
  • Ruby on Rails with suEXEC through Ruby LSAPI module (best-in-class performance, easy deployment, supports dynamic spawning)

• Virtual Hosting

  • Supports IP-based and name-based virtual hosting
  • Virtual host templates make virtual hosting configuration easy
  • Compatible with popular hosting control panels like cPanel and Plesk.

• Per-Directory Configuration File Support (.htaccess)

  • Unlike other lightweight web servers, Apache-compatible per-directory configuration overrides are fully supported by LiteSpeed web Server. These .htacess files allow you (or your users) to change configurations for any directory under the document root on the fly. This is a must-have for shared hosting.
  • Using .htaccess in LiteSpeed Web Server will not degrade the server's performance. Compare that to Apache's 40% drop in performance when .htaccess files are used.

Security

LiteSpeed Web Server provides the following security features:

• SSL

  Supports SSLv3/TLSv1. This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/)

• IP Level Throttling

  Network bandwidth and request rate for a single IP address can be limited regardless of the number of connections.

• Comprehensive Connection Accounting

  Comprehensive control of concurrent connections allowed from a single IP address.

• Request Filtering

  Apache mod_security compatible request filtering. Block known as well as potential attempts at SQL/script injection XSS attacks.

• Access Control

  Access control rules can be set at server, virtual host, and per-directory (context) levels.

• External Application Shield

  LiteSpeed Web Server shields CGI, Fast CGI and servlet engines from talking directly to web clients to ensure maximum reliability and performance.

• CGI Resources Consumption Limit

  LiteSpeed Web Server prevents bad CGI scripts from overloading the server by limiting the system resources CGI applications can consume.

• suEXEC and chroot CGI/Fast CGI

  LiteSpeed Web Server can run CGI scripts and Fast CGI applications in a chroot jail or a different user/group ID, minimizing possible damages from vulnerable scripts.

• DoS Attack Prevention

  LiteSpeed Web Server is much less vulnerable to HTTP Denial of Service(DoS) and Distributed Denial of Service (DDoS) attacks thanks to IP-level throttling, connection accounting, and its outstanding performance and scalability.

• Chroot [Enterprise Edition only]

  LiteSpeed Web Server can run in a chroot jail.

Reliability

LiteSpeed Web Server recovers from crashes instantly. LiteSpeed Web Server also runs completely in user space. Thus the server can easily switch between different versions without affecting the reliability of the operating system.

CGI, Fast CGI and Servlet engine run in their standalone processes, the reliability of web server is not affected by the quality of third party software.

User Friendly

• No need to build the executable yourself.
• Easy to install.
• Easy to control and configure through the WebAdmin interface.
• Sets up PHP and PHP accelerators automatically.
• Applies most changes without restarting the server.

Compatibility

LiteSpeed Web Server is designed to be interchangeable with Apache, the most popular server software on the Web. LiteSpeed web server can even run directly from Apache's configuration files.

LiteSpeed Web Server also uses the same syntax for distributed configuration files (.htacess) and URL rewrite rules, which makes migration as easy as setting the LiteSpeed Web Server document root to the same directory as Apache.

Currently, functionalities of the following Apache modules have been implemented:
mod_access, mod_actions, mod_alias, mod_auth, mod_auth_ldap, mod_auth_passthrough, mod_autoindex, mod_cache, mod_cgi, mod_expires, mod_fastcgi, mod_frontpage, mod_geoip, mod_gzip/mod_deflate, mod_jk, mod_mime, mod_php, mod_proxy, mod_rewrite, mod_security, mod_ssl, mod_suexec, and mod_throttle.