Configure LiteSpeed Web Server¶
Note
Most of the configuration documentation for LiteSpeed Web Server has not been migrated from our Wiki yet. Please visit the wiki if you don't find what you are looking for below.
Apache-Style Directives¶
These directives can be used within Apache configuration files, but they may be LiteSpeed-specific (i.e. not recognized by Apache), in which case they must be contained within <IfModule litespeed>
/</IfModule>
tags.
LogRotationSize¶
The LogRotationSize <size>
directive controls how frequently the access log should be rotated. In other words, once the log reaches the specified size in bytes, the contents will be copied to a backup file and a new log will be started.
This directive may only be set at the server level, and it cannot be used in Apache virtual host configuration.
Tips
LogRotationSize
needs to be set prior to definingCustomLog
. OnceLogRotationSize
is set, all subsequentCustomLog
configurations will follow the specified size limit.- You can add
K
,M
, orG
to the size, to signify kilo-, mega-, and gigabytes respectively. Use a value of0
to disable the log rotation.
Examples
Disable log rotation:
<IfModule litespeed>
LogRotationSize 0
</IfModule>
<IfModule litespeed>
LogRotationSize 10M
</IfModule>
LogKeepDays¶
The LogKeepDays <N>
directive controls how many days to keep the access log. This directive may only be set at the server level, and it cannot be used in Apache virtual host configurations.
LogCompressArchive¶
The LogCompressArchive on|off
directive is to turn on or off the access log compression archive. This directive may only be set at the server level, and it cannot be used in Apache virtual host configurations.
UniqueId¶
The UniqueId on|off
directive is used to create a unique identifier for requests, similar to the Apache mod_unique_id directive. UniqueID is disabled by default.
This directive may be set at the server level, the virtual-host level or in the document root's .htaccess
file.
Example
Enable UniqueID:
<IfModule litespeed>
UniqueId on
</IfModule>
AllowBlockedUrl¶
By default, LiteSpeed prohibits access to some hidden files with extensions like .hta
, .git
, and .svn
. This is a LiteSpeed security feature which does not exist in Apache. Apache may rely on an additional rewrite rule to block such files.
If you need to allow access to these file names for a single vhost (for example, you might want to proxy requests to OpenResty with a rewrite rule in the File Manager function), the AllowBlockedUrl
directive can be placed into the Apache configuration for that vhost. AllowBlockedUrl on
allows prohibited files to be accessed.
Example
Allow blocked URLs:
<IfModule litespeed>
AllowBlockedUrl on
</IfModule>
ForceSecureCookie¶
LiteSpeed doesn't support Apache's header edit
directive, and so the following Apache directive won't work on LiteSpeed:
Header always edit Set-Cookie (.*) "$1;HTTPOnly;Secure;SameSite=none"
The ForceSecureCookie
directive may be used to enforce secure
, SameSite
, and httponly
cookie attributes. It can be set in the Apache config file at the server or virtual-host level, or in the .htaccess
of the document root directory.
ForceSecureCookie
accepts the following values in any order:
off
on
orsecure
httponly
same_site_lax
orlax
same_site_strict
orstrict
same_site_none
Tips
- You can combine
same_site_xxxx
values withsecure
andhttponly
. - LiteSpeed Web Server automatically adds a
secure
flag when serving traffic over HTTPS, so it is not necessary to add it with a directive.
Examples
To enforce the secure
attribute only:
<IfModule LiteSpeed>
ForceSecureCookie secure
</IfModule>
secure; SameSite=none
: <IfModule LiteSpeed>
ForceSecureCookie secure same_site_none
</IfModule>
SameSite=strict
only: <IfModule LiteSpeed>
ForceSecureCookie strict
</IfModule>
<IfModule LiteSpeed>
ForceSecureCookie same_site_strict
</IfModule>
MaxReqBodySize¶
Use MaxReqBodySize
at the virtual-host level to specify the maximum size of an HTTP request body.
Example
<IfModule LiteSpeed>
MaxReqBodySize 1024M
</IfModule>
MaxDynRespSize¶
Use MaxDynRespSize
at the virtual-host level to specify the maximum body size of a dynamically generated response.
Example
<IfModule LiteSpeed>
MaxDynRespSize 1024M
</IfModule>
Environment Variables¶
The following special environment variables may be used in rewrite rules to control LiteSpeed Web Server features:
dontlog¶
When set to any value, dontlog
prevents access logging.
Example
RewriteRule \.gif - [E=dontlog:1]
nokeepalive¶
When set to any value, nokeepalive
closes the client's connection after finishing this request.
Example
RewriteRule .* - [E=nokeepalive:1]
no-gzip¶
When set to any non-zero value, no-gzip
instructs the server not to use GZIP compression for this request.
Example
RewriteRule \.css - [E=no-gzip:1]
no-gzip:0
has no effect.
Proxy-Host¶
Proxy-Host
modifies the proxy request Host
header value.
Example
A web site whose domain name is www.example.com
sends a proxy request to the backend, which is a web server with the name node1
. The backend web server requires the domain name to be www.example.com
. This is the rewrite rule which enforces that:
RewriteRule ^(.*)$ http://node1/$1 [P,E=Proxy-Host:www.example.com]
cache-ctrl/cache-control¶
The cache-control
or cache-ctrl
environment variable allows you to modify the server's page cache policy, enable, or disable cache.
Examples
Rewriterule ^/special_cachable_url$ - [E=Cache-ctrl:max-ages=30]
Rewriterule ^/non-cacheable-url$ - [E=Cache-control:no-cache]
For more details on how to use cache-control
, please see the LSCache Without a Plugin documentation.
noabort¶
This flag prevents the server from killing external application processes while they are still running.
Example
RewriteRule ^script_url$ - [E=noabort:1]
wait-req-full-body¶
When LiteSpeed Web Server processes a request, it usually passes the request to the backend (PHP) without waiting for the full request body to complete. Usually, this is not a problem, but it can be an issue if the script needs the whole request body to work properly.
The wait-req-full-body
environment variable instructs the server to wait until the full request body completes before passing the request to the backend.
Example
RewriteRule ^(.*)$ - [E=wait-req-full-body:1]