WebSocket Proxy

LiteSpeed Web Server can work as a WebSocket proxy.

What's a WebSocket?

WebSocket changes the way the Internet works: It is a protocol that allows the server and the client to have a bidirectional conversation where the client doesn't just request content from the server but the server also sends content to the client whenever there is content to be sent (without waiting to be asked). This bidirectional conversation allows for realtime web experiences. Where HTTP tries to simulate real-time interaction at great expense (through incessant refreshing), WebSocket makes realtime interaction a reality. This upgrades all sorts of web applications: stock tickers, data center monitors, news feeds... but probably the most exciting feature of realtime Internet is the ability for multiple users to see and react to each other's actions in real time.

Set up a WebSocket Backend

The first step is to have a working WebSocket backend set up. Explaining how to achieve this is out of this document's scope but there are plenty of online tutorials that can be consulted. One such tutorial involves using an Nginx backend with an nchan module.

Test the Backend WebSocket

Assuming you have a backend WebSocket up and running on port 80 at ws://domain.com/sub/xx1, you will need to test it to ensure it is working.

There are many tools available for such testing. You can either try some online tools such as Echo Test or download chrome extension tools like Simple WebSocket Client. We will use Chrome Simple WebSocket Client as an example in this wiki.

!Add WebSocket Proxy

This screenshot shows a successful test. If it had failed, you would see a Simple WebSocket Client undefined error, like so:

!Failed WebSocket Proxy

Configure LiteSpeed Web Server

LSWS supports ProxyPass for WebSocket, used like so:

ProxyPass / ws://localhost:3000/

Note

This directive must be placed in an Apache vhost configuration file, not in .htaccess.

For example, for RocketChat, create two files like these, replacing EXAMPLE and www.example.com with the cPanel username and the actual domain:

/etc/apache2/conf.d/userdata/ssl/2_4/EXAMPLE/www.example.com/proxy.conf

/etc/apache2/conf.d/userdata/std/2_4/EXAMPLE/www.example.com/proxy.conf

Add the following code to both files:

<IfModule mod_rewrite.c>
RewriteEngine on
RewriteRule (.*) http://localhost:3000/$1 [P,L]
ProxyPass / ws://localhost:3000/
</IfModule>

Rebuild the Apache configuration file, and restart LSWS:

/scripts/buildhttpdconf

/usr/local/lsws/bin/lswsctrl restart

Note

LiteSpeed currently can only offload SSL and forward to the backend using ws://. wss:// is not currently supported, and there are no plans to make it available soon. If you must, you could try an SSL tunnel. LiteSpeed communicates with the SSL tunnel via ws://, the SSL tunnel adds SSL encryption, and then the tunnel communicates with the backend via wss://.

Final Test: The Front End

Test front-end port 443:

wss://example.com/sub/xx1

If all is working fine you should see the following:

!WebSocket Proxy Success


Last update: August 7, 2020