hi , i am new to litespeed and i have migrated from apache/cpanel after using it for 1.5 years. now i am a bit confused about how can i set/configure different modules that i used with apache for litespeed ?
1-in cpanel apache configuration , there was include files which apache used to read , now i see those lines are still included in litespeed httpd.conf file but those modules are not running anymore . what should i do ?
for example :
cpanel --> Main >> Service Configuration >> Apache Configuration >> Include Editor --> Pre Main Include
4-what about directory index priority and allow override functions ?
cpanel and apache had a setting for them which i donot see it in litespeed .
5-about mod security , as i have read lite speed uses some other functions like mod security but with the same rules/commands , where should i set my mod security rules in litespeed ?
i`ll be thankful if someone gives me his time and answers my questions completely . thanks in advanced.
1. for apache modules:
litespeed has better (in general) anti-ddos features built-in. it can be configured through admin console->server->security
2.admin console->click on "Actions" ( on the right of "Home")
5.we're working on full compatible with mod_security 2.5. the usage is same as apache.
regarding 3,4, will do some testing and reply
hi thanks for the reply.
5-about mod security , can i use mod security interface which is in whm/cpanel ? or should i place the rules somewhere else , so that litespeed uses them ?
2-about apache full status , i meant apache detailed status which when extended status was active , i could have both from cpanel and ssh with the command i wrote earlier. which was very complete because i could easily understand which ip is using which host/files on the server and how many connections it opened and so many other details.
i mean this status page :
For server status, you should look at the real-time stats in LSWS (Admin Web Console -> Actions -> Real-Time Stats).
regarding 2, in addition to admin console's Real-time stats, lsws will support apache's mod_status, may be what you're familiar with. please refer http://www.litespeedtech.com/support...ead.php?t=4601 for status: "it's on the roadmap of our official 4.1 release..."
regarding 3, the wiki page has updated. if you want to use /home/ini/user1/php.ini , may have to use PHPIniDir
regarding 4, while I haven't done experiment yet, I think lsws is compatible with apache in this regards -- just do what changes in cPanel, as if apache is running . the change should apply for litespeed as well. if not, please give an example for us to reproduce.
ok thanks for the answers ,
about extended status i`ll be waiting for later releases of litespeed.
about 3 , i`m using php 5.2.16 so i`ll try to learn the usage of that function till tonight and i`ll let you know the result if i faced any problems.
about 4 , i use the method explained in such sites to configure both php.ini and suphp configuration per user , under cpanel and apache with suexec.
so i created a dir for all of php.ini files , and /usr/local/apache/conf/std/userdata/2/user1/user1.conf for suphp config files. and with that suphp config files i have set many security rules like shell code execution blocking and allow override controlling and php.ini addressing per directory for every host.
in cpanel with directory index priority setting we can set which index file being read first . for example in root dir of a host ( public_html ) there are both index.html and index.php files , and we want apache to read index.html first instead of index.php . this could be set from that cpanel function. which as i see is still in httpd.conf file which litespeed generated.
maybe if i remove that ifmodule , litespeed reads those configurations ? because i saw alerts about reading this configs :
as you see i have blocked directory listing by #options -indexes , so when i dont set this , or when i set #options All , when i create a new folder (/public_html/1) and i go to its address with browser (site.com/1/) there will be list of the files inside that dir (file1.bmp , file2.jpg ... ) but now with litespeed , when it controlls htaccess files itself and there is 1 setting for all hosts , how can i give directory access to one user and block it for others ? and also how should i set different ini files for different directories in one host ?
i wish i have explained it completely and you help me with my case . thanks in advanced for taking time anyway. please give me suggestion so that i change my settings to a rule that litespeed detects.
here's my suggestion if I read right:
then in $VH_ROOT(for example /home/user2), create symbol link:
ln -s /home/ini/user2/php.ini /home/user2/myphp.ini
dear niteWave , what you suggested is for php.ini , what about working with suphp and allow override functions per user/directory in litespeed ?
please read my last post and examples again and see if my suphp configuration per user can be applied in litespeed too or not ? thanks
this is about 1 week that i`m with litespeed , every thing is just fine except the things i need and i had with apache :( i dont know whether stay with lite or return to apache which with those rules i could block some shell commands and secure my server that way . with litespeed now every one can upload and execute shell file/codes to the hosts :(
let's go ahead step by step.
php suExec must be enabled for PHPRC to take effect.
Using Apache Configuration File->PHP suEXEC:Yes
since this warning
litespeed's "PHPRC=$VH_ROOT/myphp.ini" should do the same job of
as for "suPHP_ConfigPath /home/ini/user2/shop/" ... ok, finally I got what you want.
above settings: enable PHP suExec+PHPRC settings should meet your per-user php(each user run php with different php.ini) requirement. further, you need per directory php override/settings?
it's still possible for lsphp. lsphp support
php_value name value
php_flag name on|off
in .htaccess for per-directory php settings.
php_value memory_limit 16M
however, this need some conversion work at your side.
If not wrong, suPHP you mentioned is running in cgi mode. It may be most flexible but worst performance. while lsphp is running in fcgi mode, much better performance yet support directory level php parameter adjustment. We did benchmark before to compare suPHP(in CGI mode) with mod_php, lsphp, please refer http://blog.litespeedtech.com/2010/0...ache-vs-nginx/
thanks i didnt have time to test this , i`ll test and let u know as soon as possible . i`m too busy these days .
the main problem of this way that litespeed is working is that i must use local .htaccess files , even if i chmod them as root , and have some codes inside them , the .htaccess file is inside user directory and thus the user will notify how i blocked him and what is limited for him which is not good. and also many scripts need their local .htaccess files to run correctly and if i want the main .htaccess file be owned by root , then how should the user have his script work.
i need to address suexec or suphp to read another config file for each user . like what suphp had in /usr/local/apache/conf/userdata/std/2/user1/user1.conf for example.
and this being outside user homedir and user access.
also in cpanel , my php was running in suphp mode , not dso or not cgi/fcgi . and now lite speed is working in fcgi i think.
ok i think instead of ifModule commands for suPHP i must search for equivalent rules for PHP_Value and address them to each user as you said.
the strange thing is that , even when i havent configured this php.ini or suexec configurations some of shell code blockings are functioning ( for example i have blocked access to .htm and .js online editor for a user , and its still blocked . how ? :D i dont know .
|All times are GMT -7. The time now is 12:07 AM.|