LiteSpeed Web Server can operate with an Apache configuration file. Most commonly used Apache features have been implemented. Some Apache-compatible features including .htaccess, mod_rewrite, mod_security, and mod_frontpage are available exclusively on LiteSpeed Web Server and cannot be found in other light-weight web server software.
- .htaccess cache
With LiteSpeed Web Server, commonly used directives in a .htaccess file work exactly the same. According to many benchmarks, .htaccess files add a significant delay to serving pages in Apache. To eliminate this delay, LiteSpeed employs an intelligent caching system to automatically update configuration when changes to a user’s .htaccess file are detected.
LiteSpeed Web Server's rewrite engine is fully compatible with Apache mod_rewrite so there is no need to change rewrite directives when you switch to LiteSpeed. The rewrite engine is highly optimized and increases speed over Apache's rewrite engine, especially for rewrite directives in a .htaccess file.
- mod_security 1.9/2.x compatible request filter
LiteSpeed Web Server Enterprise Edition allows the use of mod_security configuration within your httpd.conf. Unlike the Apache and mod_security combination, LiteSpeed Web Server is built to implement rule sets in a more efficient manner and allows specialized grouping of related rules for an even greater increase in performance.
MS FrontPage Server Extension is supported by LiteSpeed, allowing users to mount the directory containing web pages as a Windows shared folder. This feature is exclusive to LiteSpeed Web Server, Apache and Zeus.
Fully Apache compatibile Server Side Include (SSI) support.
Apache compatible mod_cache to accelerate your web application.
Web Hosting Control Panel Compatibility
LiteSpeed Web Server is able to seamlessly function as a drop-in Apache replacement for servers with control panels such as cPanel, Plesk, DirectAdmin, and Ensim. LiteSpeed Web Server can be configured to automatically update its configuration when any changes to the server’s httpd.conf file are made. LiteSpeed gracefully restarts in such an event, with ZERO downtime.
Full-featured web server
LiteSpeed Web Server is a HTTP/1.1 web server with HTTP/1.0 backward compatibility. Notable HTTP/1.1 features are:
- Chunked Transfer Encoding
- Basic and Digest Authentication (htpasswd and LDAP backend)
- Entity Tag
- Range/Multi-range Request
- GZIP content transfer encoding
Faster, more secure PHP
With our dedicated PHP LiteSpeed SAPI module, LiteSpeed Web Server is able to deliver a level of performance superior to that of mod_php as well as FastCGI. LiteSpeed supports PHP suEXEC without compromises of phpsuexec or suphp implementations. Every PHP process is run as the user who owns the account, dividing resource usage for easy identification, as well as greater separation from the web server (lshttpd) processes. In addition, LiteSpeed PHP allows PHP configuration in .htaccess, which is not available with phpsuexec or suphp implementations.
The Fastest and Easiest Ruby on Rails solution
Offer the fastest Ruby on Rails setup possible to your customers. With utmost security and reliability in mind for your RoR application, LiteSpeed is the best choice for RoR application hosting.
View real-time statistics for the entire server, or even at the virtual host level. Monitor the usage of every site on your server, and quickly find the site taking the most resources in real time! Real-time, flash-based graphs are available within the LiteSpeed console in both LiteSpeed Web Server Standard and Enterprise.
Compression is seamlessly configured in the tuning section of the LiteSpeed Console. Compression can be enabled on your specified types of data at any level you desire. With LiteSpeed, a balance can easily be achieved between CPU usage and the bandwidth usage benefits of gzip compression. LiteSpeed also offers the ability to create -Y´lsz¡ files which are pre-gzipped files, ready to be served to the user at any moment. These files are automatically updated with the change of the original file’s contents. Not only will LiteSpeed help you reduce your hardware costs, but it will also help you reduce bandwidth costs!
Smart Keep Alive
LiteSpeed Web Server is ready for the future IPv6 network.
Wide API Connectivity and web scripting languages support
LiteSpeed support a wide set of server API and scripting languages.
- LSAPI (LiteSpeed SAPI)
- JSP/Servlet via AJP 1.3
- Transparent Reverse Proxy (interface to any web server, application server support HTTP)
- PHP with 3rd party PHP Accelerators compatibilities (APC, eAccelerator, XCache).
- Perl/Python (CGI, FastCGI)
- Ruby/Roby on Rails
- C/C++ (CGI, FastCGI, LSAPI)
Unlimited Virtual Hosting
LiteSpeed Web Server can host an unlimited number of virtual hosts on one server.
LiteSpeed web server is designed with security in mind. With chroot jail, IP level bandwidth throttling, connection accounting, strict HTTP request checking, and URL context filtering, DoS effects are minimized and the application backend is properly fenced away from the HTTP request layer, greatly reducing vulnerability.
- Access Control at server, virtual host and directory (context) level
- IP level throttling (Bandwidth and Request Rate)
- Comprehensive IP level connection accounting
- Hotlink protection
- Strict HTTP request checking
- Comprehensive protection for static files
Not only does LiteSpeed offer built-in denial of service attack protection, but you can quickly identify the site that is the target of such an attack via the real-time statistics available in the LiteSpeed console.
External Application Firewall
LiteSpeed Web server forwards requests to external applications such as CGI, Fast CGI and Servlet engine to process/generate dynamic content. Usually each request requires one instance of the external application. Those applications may use a lot of system resources, and the performance of the whole system will be severely degraded when system resource consumption reaches a certain point, for example, when swapping space has been used. DoS attacks can be conducted by flooding the web server with concurrent requests to an external application that consumes a lot of system resources.
LiteSpeed web server pipelines requests and controls the concurrency level of external applications to prevent server overloading. It only forwards completed requests to external applications and caches the response. Thus external applications will be immediately available to process the next request without waiting for the response to be completely received by the client. In this way, the server can utilize fewer instances of external applications to serve more concurrent requests and will achieve higher performance and scalability. LiteSpeed web server uses its own virtual memory to cache the request and response body to minimize the usage of system memory without sacrificing performance.
CGI Resources Consumption Limit
LiteSpeed web server limits system resources consumption for CGI applications in two ways and effectively fends off "fork bomb" attacks.
- Maximum number of concurrent CGI process is limited.
For each request to a CGI script, the web server needs to start a standalone CGI process to handle it. On a Unix system the number of concurrent processes is limited, excessive concurrent processes will degrade the performance of the whole system and it could become the target of a DoS attack. Maximum number of concurrent CGI instances is configurable.
- Maximum system resource consumption for each CGI process is limited, includes: number of concurrent children process spawned, memory usage and CPU time.
File system protection
LiteSpeed web server will serve a static file only if the following conditions are satisfied:
- ".ht*" and ".svn*" are not allowed in a decoded URL, this will deny accessing some important hidden files and directories.
- the file permission must contain configured required permission bits.
- the file permission must not contain any configured restricted permission bits.
- the file is not in the Access Denied Directory list
- does not contain symbolic links if symbolic linking is not allowed.
Chroot Jail (Enterprise Editions)
LiteSpeed web server can run in a chroot environment also known as a chroot jail with an automatic initial chroot environment setup. In a chrooted environment, the web server and its children processes cannot access the file system outside of the chroot jail. This protects the system from attacks caused by malicious code.
- Zero downtime maintanance (include reconfiguration, software upgrade)
- Watch dog and Instant recovery maximizes up-time
- Graceful shutdown, all requests in process will be completed.
- Runs completely in the user space, OS reliability is not affected
- CGI, Fast CGI and servlet engine run in standalone processes,the reliability of the web server is not affected by third party software.