Anti-DDoS Advances

LiteSpeed Web Server mitigates denial of service attacks

Because LSWS's event-driven architecture handles all connections with a single process (or a few processes), LiteSpeed is able to easily gather data about the number of connections or amount of bandwidth an IP is using. This allows the server to efficiently impose limits.

Thread- or processed-based applications, like Apache, have trouble implementing features like this because they need to collect information from their many processes. By the time they know which IP to block, it's too late.

Per-IP Throttling

LiteSpeed Web Server has per-IP connection, request, and bandwidth throttling. With these customizable features, IPs that make too many connections or requests or ask for too much bandwidth will be blocked, stopping attackers before they overrun your server.


LiteSpeed Web Server handles much more traffic with far less resources, allowing it to survive larger attacks than less scalable solutions. This is especially important for very distributed attacks, where it is harder to isolate and block each attacker. Against such attacks, the best defense may be a scalable server.

SSL Renegotiation Protection

SSL renegotiation attacks can tie down a server by repeatedly renegotiating key material in an SSL connection. Because generating a key has substantial overhead for a server, this can allow smaller machines to take down large servers without enlisting a large network.

LiteSpeed Web Server's SSL Renegotiation Protection caps the number of times a client can renegotiate SSL materials, closing this loophole.