Skip to content

Configure LiteSpeed Web Server

Note

Most of the configuration documentation for LiteSpeed Web Server has not been migrated from our Wiki yet. Please visit the wiki if you don't find what you are looking for below.

Apache-Style Directives

These directives can be used within Apache configuration files, but they may be LiteSpeed-specific (i.e. not recognized by Apache), in which case they must be contained within <IfModule litespeed>/</IfModule> tags.

LogRotationSize

The LogRotationSize <size> directive controls how frequently the access log should be rotated. In other words, once the log reaches the specified size in bytes, the contents will be copied to a backup file and a new log will be started.

This directive may only be set at the server level, and it cannot be used in Apache virtual host configuration.

You can add K, M, or G to the size, to signify kilo-, mega-, and gigabytes respectively. Use a value of 0 to disable the log rotation.

Examples

Disable log rotation:

<IfModule litespeed>
LogRotationSize 0
</IfModule>
Rotate logs after they reach 10MB:
<IfModule litespeed>
LogRotationSize 10M
</IfModule>

UniqueId

The UniqueId on|off directive is used to create a unique identifier for requests, similar to the Apache mod_unique_id directive. UniqueID is disabled by default.

This directive may be set at the server level, the virtual-host level or in the document root's .htaccess file.

Example

Enable UniqueID:

<IfModule litespeed>
UniqueId on
</IfModule>

ForceSecureCookie

LiteSpeed doesn't support Apache's header edit directive, and so the following Apache directive won't work on LiteSpeed:

Header always edit Set-Cookie (.*) "$1;HTTPOnly;Secure;SameSite=none"

The ForceSecureCookie directive may be used to enforce secure, SameSite, and httponly cookie attributes. It can be set in the Apache config file at the server or virtual-host level, or in the .htaccess of the document root directory.

ForceSecureCookie accepts the following values in any order:

  • off
  • on or secure
  • httponly
  • same_site_lax or lax
  • same_site_strict or strict
  • same_site_none

Tips

  • You can combine same_site_xxxx values with secure and httponly.
  • LiteSpeed Web Server automatically adds a secure flag when serving traffic over HTTPS, so it is not necessary to add it with a directive.

Examples

To enforce the secure attribute only:

<IfModule LiteSpeed>
ForceSecureCookie secure
</IfModule>
To enforce secure; SameSite=none:
<IfModule LiteSpeed>
ForceSecureCookie secure same_site_none
</IfModule>
To enforce SameSite=strict only:
<IfModule LiteSpeed>
ForceSecureCookie strict
</IfModule>
or
<IfModule LiteSpeed>
ForceSecureCookie same_site_strict
</IfModule>

Environment Variables

The following special environment variables may be used in rewrite rules to control LiteSpeed Web Server features:

dontlog

When set to any value, dontlog prevents access logging.

Example

RewriteRule \.gif - [E=dontlog:1]

nokeepalive

When set to any value, nokeepalive closes the client's connection after finishing this request.

Example

RewriteRule .* - [E=nokeepalive:1]

no-gzip

When set to any non-zero value, no-gzip instructs the server not to use GZIP compression for this request.

Example

RewriteRule \.css - [E=no-gzip:1]

no-gzip:0 has no effect.

Proxy-Host

Proxy-Host modifies the proxy request Host header value.

Example

A web site whose domain name is www.example.com sends a proxy request to the backend, which is a web server with the name node1. The backend web server requires the domain name to be www.example.com. This is the rewrite rule which enforces that:

RewriteRule ^(.*)$ http://node1/$1 [P,E=Proxy-Host:www.example.com]

cache-ctrl/cache-control

The cache-control or cache-ctrl environment variable allows you to modify the server's page cache policy, enable, or disable cache.

Examples

Rewriterule ^/special_cachable_url$ - [E=Cache-ctrl:max-ages=30]
Rewriterule ^/non-cacheable-url$ - [E=Cache-control:no-cache]

For more details on how to use cache-control, please see the LSCache Without a Plugin documentation.

noabort

This flag prevents the server from killing external application processes while they are still running.

Example

RewriteRule ^script_url$ - [E=noabort:1]

wait-req-full-body

When LiteSpeed Web Server processes a request, it usually passes the request to the backend (PHP) without waiting for the full request body to complete. Usually, this is not a problem, but it can be an issue if the script needs the whole request body to work properly.

The wait-req-full-body environment variable instructs the server to wait until the full request body completes before passing the request to the backend.

Example

RewriteRule ^(.*)$ - [E=wait-req-full-body:1]

Last update: February 9, 2023