07-11-2010, 11:12 PM
Join Date: Aug 2007
LS sets arbitrary limit on numb of htaccess rewrite rules
A strange issue, or bug in LSWS.
I'm doing some work for a client on a site that has LSWS operating under a cPanel shared web host. (On this server I do not have access to the LS Admin interface, so I am not aware of which version of LS Enterprise they are running. Probably 4.0.15).
I'm attempting to setup a rewrite rule set in .htaccess to block access to a site according to user agent. So I have a big set of rules (see attached) that I wanted to place in the .htaccess for this site. There are about 200 rewrite conditions in this set.
What I have noticed is that Litespeed stops processing rewrite rules in .htaccess after parsing exactly 165 lines of Rewritecond's in the htaccess file attached.
Up to that point, the rewrite rules work fine and generate the desired 403 Forbidden code. But after there are more than 165 rewriteconds in the set, LSWS totally ignores EVERYTHING in the whole rewrite rule and performs no test at all on user agent, and may even be totally ignoring the .htaccess file.
In other words, if there are 164 rewritecond's in the rule set, it works. If there are more than 165 rewritecond's in the rule set. LS ignores the whole lot.
The problem does not seem to be in any of the rewritecond rules themselves. I've tested this by systematically removed and re-inserted or rearranging blocks of rules, saving htaccess each time, and LS has noticed the change and reparsed .htaccess. Then I've tested the rules after each change to see if they reject my browser user agent, or let me through into ths site. (Using Opera as my test browser, hence the 2nd last rewritecond in the set).
After a lot of futzing around, I have found that if I remark out the number of rewrite conditions in the attached set to something like 100 or 150 conditions, no matter what the rules may be, then LS happily parses the whole set of rewrite conditions in htaccess and blocks access to the folder as desired with a 403 Forbidden.
But if I bump the total number of rewrite conditions to 165 or above, then LS just skips every single rule and lets any user agent through.
Is this a bug or a feature of Litespeed's Apache compatibility mode?
There seems to be in force either (a) a simple limit to the number of rewrite rules LS will parse in Apache compatibility mode, or perhaps (b) a buffer issue of some sort happening where the amount of memory reserved for storing rules is limited. Or something.
Apache 2 doesn't seem to have any such limitation on the number of RewriteCond rules, and neither does Litespeed itself appear to - on a regular LS site where I can get into the Litespeed Administration area, I can setup hundreds of user agent blocking rules under Configuration > Server > Request Filter > Request Filtering Rule Set without any problem.
The full rewrite rule set I am having trouble is attached. I know these rules could probably be written more efficiently, but that comes later.