Glossary 2020-11-05 20:19:14 Defining industry-standard terminology for web application delivery such as web server, load balancing, cache plugins, control panels, web acceleration, cluster, internet protocols, web securities and so on.


Defining industry-standard terminology for web application delivery.

What is .htaccess?

.htaccess (aka Hypertext Access) is a directory-level configuration file used by Apache web server (and Apache-compatible servers, like LiteSpeed).

.htaccess defines the configuration of the server, and enables or disables additional functionality. An .htaccess file can be simple, containing basic redirects and rewrite rules, or complex with advanced functions such as password protection, cache control, and image hot link prevention.

The scope of .htaccess is the directory in which it appears.

.htaccess support with LiteSpeed

What is Anti-DDoS?

DDoS is short for Distributed Denial of Service. During a DDoS attack, perpetrators use a large number of IP addresses to flood the server with incoming traffic. These attacks can be volume-based, protocol-based, or application-layer-based.

Anti-DDoS is a collective term for the strategies used to battle the variety of DDoS attack techniques. Typically, Anti-DDoS tools mitigate the impact of DDoS attacks on networks through firewalls, and a variety of harware and software solutions.

LiteSpeed's Anti-DDoS Solutions

What is Apache Web Server?

Apache Web Server is free, open-source, cross-platform web server software. It played a key role in the initial growth of the internet, which is a contributing factor to its continuing popularity since 1996. Typically, Apache runs on Linux, though Windows is also supported. Apache's relatively slow process-based model has been improved upon in recent decades by the event-driven alternatives from companies like LiteSpeed and Nginx.

Easily Replace Apache with LiteSpeed

What is Application Delivery?

Typically, application delivery is a web-based service, through which data is processed and computed in a cloud environment or data center, and then executed through application clients to end users over the internet. Functionality is meant to be quick and efficient.

In the past, application delivery was restricted to hardware solutions, but nowadays you can find software based Application Delivery Controllers (or, ADCs). These software ADCs bring optimization by automating the deployment of additional ADCs as required. Enterprises may use ADCs to create highly scalable models which provide load balancing, security, and a more reliable user experience.

What is an Application Delivery Network?

An Application Delivery Network (or, ADN) is similar to the more familiar Content Delivery Network (CDN), however CDNs focus on static content, while ADNs handle dynamic content. Both CDNs and ADNs exist for the purpose of optimizing content delivery. At the data center end of an ADN is the Application Delivery Controller (ADC). ADNs feature performance-maximizing technologies that, when deployed together, provide availability, security, visibility, and acceleration to clients.

What is an Application Delivery Controller (ADC)?

An Application Delivery Controller (or ADC) is a network device in a data center, and is often part of an Application Delivery Network (ADN). ADCs are used to enhance performance through measures that include load balancing, caching, compression, and offloading of SSL processing. In a data center, ADCs are often placed between the firewall and one or more application servers, in an area known as the DMZ.

Learn about the LiteSpeed's Web ADC

What is an Application Server vs. a Web Server?

Often the terms Application Server and Web Server are used interchangeably, though they are not the same thing. The biggest difference between them is that a web server handles HTTP requests and is meant for static content, while an application server executes business logic using any number of protocols (including, sometimes, HTTP) and is suitable for dynamic content. Most application servers have a web server integrated into them, which means that an application server is capable of any function that a web server is capable of, and then some.

Application servers support Connection Pooling, Object Pooling, Transaction Support, Messaging services, and more. Most production environments use a web server as reverse proxy to the application server. This allows static content to be served quickly by the web server, while the app server handles the dynamic portion of the request.

What is Brute Force Protection?

A ‘brute force’ login attack is a type of attack against a website to gain access to the site by guessing the username and password, over and over again.

WordPress is the most popular CMS and therefore it’s a frequent target of this type of attack. The wp-login.php and xmlrpc.php pages are the most common target of brute force attack by POST method. WordPress doesn’t have any built-in protection to prevent this, hence the need for a third-party solution.

LiteSpeed Web ADC has a built-in WordPress brute force attack protection system. It will protect shared hosting WordPress environments from large-scale brute force attacks, which have the potential to bring down entire servers.

Learn about Brute Force Protection

What is Bubblewrap?

Bubblewrap is a lightweight sandbox application written by Flatpak to implement Linux namespaces. This gives the application a full sandbox, which includes operating-system-supported isolated mounts, user/group IDs, interprocess communications, users, cgroups, host names and more.

Similar to, but perhaps less comprehensive than, CloudLinux CageFS, a bubblewrap'd process is utterly independent. Thus significantly reducing the opportunities for an attack.

What is Caching?

Simply put, caching temporarily stores a snapshot of recently-used information so that the snapshot may be re-used. This saves the system from repeatedly generating the same information. It improves efficiency, shortens data access times, reduces latency and improves system performance. Users are able to access the information more quickly, leading to an improved user experience.

Due to popular demand, we have created a dedicated website for LiteSpeed Cache and its plugins!

Learn about LiteSpeed Cache

What is a Cache Plugin?

A cache plugin is add-on software for a web application that facilitates the caching of static HTML pages generated by the web app. Via the cache plugin, an web app is able to serve up static HTML upon user request, instead of forcing the user to wait for the content to be dynamically generated.

See LiteSpeed's available Cache Plugins

What is a Certification Authority (CA)?

A Certification Authority (also called a Certificate Authority or CA) issues digital certificates, which serve as the subject's proof of ownership for a public key. CA's act as a trusted third party, and conducts digital certificate signing securely through HTTPS.

What is a Certificate Signing Request (CSR)?

When an applicant wishes to apply for a digital identity certifican from a certificate authority, a certificate signing request (CSR) is one of their first steps. A CSR is generated on the server where the certificate will be installed, and contains such information as the organization name, domain name, city, region and country. Also included is a public key, which is an encoded block of text that is given to the CA as part of the application. With the creation of the CSR a private key is created as well. The public key and private key together are known as a key pair.

What is Cloud Hosting?

Cloud hosting refers to a type of server configuration. The simplest example of cloud hosting is a network of virtual servers that tap into an underlying network of physical servers. This setup results in a scalable, reliable, and affordable hosting solution.

Learn how to get LiteSpeed in the cloud

What is Clustering?

Clustering is achieved by placing a load balancer in front of multiple computers (aka nodes) so that they appear to be a single virtual machine to clients. The load balancer accepts client requests and distributes them to the nodes in a manner that keeps any one node from being too much busier than any other.

Clustering provides an easily-scalable, as you can easily add more servers to meet increased demand. It is a cost-effective hardware solution for improving a website or application's performance and reliability.

Clustering may be configured in multiple ways, the simplest being Round Robin. In this setup, requests are distributed sequentially across the nodes in the cluster. Other clustering configurations implement Layer 7 load balancing where different types of specialized machines can direct traffic to the appropriate server based on the type of content requested. For example, requests for video may be routed to a streaming media server, while requests for shop prices or inventory may be sent to a database application.

It's relatively easy to maintain a clustered environment, even during business hours. Nodes in a clustered environment can be taken offline for service and upgraded as needed, while the remaining nodes service user requests.

Learn about LiteSpeed's clustering software solution

What is a CDN?

A CDN, or Content Delivery Network, is a cluster of geographically distributed servers, intended to optimize the delivery of web content to user. Geographically, the closer a CDN server is to a user, the faster the content delivery will be. Additionally, some CDN services are helpful at relieving large surges in traffic and mitigating DDoS attacks.

Learn about CDN, currently in beta

What is cPanel?

cPanel is a popular Linux-based hosting control panel. The web interface allows users to quickly and easily configure many web server and account settings.

A tiered structure facilitates the use of cPanel by users at varying levels, from administrator to end user, and gives each user access to only the settings revelant to his or her role. This setup makes it simple for users to manage their own hosting with minimal technical knowledge.

Learn about LiteSpeed's cPanel plugin

What is Critical CSS (CCSS)?

Critical CSS is the minimum set of blocking CSS required to render the first screen's worth of content to the user.

Cookies can be secured by properly setting cookie attributes. These attributes are:

  • Secure, which prevents the cookie from being sent over HTTP. It may only be sent via a secure HTTPS connection.
  • Domain, which signifies the only domain for which the cookie is valid and can be submitted with every request for this domain or its subdomains.
  • Path, which signifies the URL or path for which the cookie is valid.
  • HTTPOnly, which prevents client-side scripts from accessing the cookie.
  • Expires, which signifies how long the browser should use the persistent cookie and when the cookie should be deleted.
  • SameSite, which governs the usage of cookies in a first-party or third-party context. SameSite=none specifically states that the cookie is for third-party usage. Other options are strict, which indicates first-party only, and lax which means the cookie may be sent from another site, if it is referencing your site's content.


DPLPMTUD stands for Data Packetization Layer Path Maximum Transmission Unit Discovery. It is a way for a transport protocol to figure out the maximum size of a single packet. QUIC, which performs packetization by itself, is the perfect use case for this mechanism.

The search for DPLPMTUD is performed by constructing and sending probe packets. These are packets whose size is larger than PLPMTU. If the peer acknowledges receipt of the probe, increase PLPMTU; otherwise, decrease the ceiling.

What is DNS Load Balancing?

Domain Name System (DNS) Load Balancing is a server configuration by which DNS request are distributed across the servers. This creates a highly available, well-performing DNS infrastructure.

Under this system DNS servers are monitored and removed from service if failure is detected. All servers are behind a single external IP, and so DNS servers can be removed for maintenance at any time, without affecting current requests. Similarly, servers may be added dynamically when needed.

What is ECC SSL certificate?

An ECC SSL certificate is similar to a traditional RSA SSL certificate with the exception of using Elliptic Curve Cryptography (ECC) for it's key exchange and signing operations.

ECC certificates can achieve the same level of security as RSA certificates, but at a much smaller size. Plus, ECC is easier to encrypt/decrypt than RSA, which is especially attractive for mobile users, who may have underpowered processors.

Because of the smaller key size with an ECC certificate, less data is transmitted from the server to the client during the SSL handshake. ECC certificates also requires less CPU and memory, increasing network performance and making a potentially large difference on high-volume or high-traffic sites.

Elliptic Curve Cryptography (ECC) works on the assumption that while it is possible to compute a point multiplication, it is conversely almost impossible to compute the multiplicand given only the original and product points. The difficulty can be dramatically ramped up with the size of the elliptic curve.

What is ESI?

The main purpose of Edge Side Includes (ESI) is to address the problem of web infrastructure scaling. It allows the transparent management of online content across application servers, content management systems (CMS) and content delivery networks (CDN). It's a simple markup language originally proposed by Akamai, Oracle and a group of other companies.

ESI allows an application to set apart sections of a page, and offload the processing of those sections from the application to an edge server. ESI is designed to resolve caching issues that are caused by frequently-changing content, such as that found in catalogs, forums, login pages or other personalized content. With ESI, an uncacheable portion can be split off into a separate request, while the larger portion of the page can be cached. Allowing most of the page to remain cached results in lower costs and faster load time, and it helps to relieve server load during high volume traffic spikes.

Learn about LiteSpeed's ESI support

What is an Event-Driven Architecture?

In an event-driven framework, a server employs one process (or very few processes) to handle all events that pop up — new requests coming in and new dynamic responses ready to go out. The server concerns itself not with creating new processes to handle every aspect of every connection, but with reacting to events that occur. This is faster and consumes significantly less CPU and memory than a process-based server, which requires a new process to be created for each request.

A web server built with an event-driven architecture fields a request and forwards it to an external process. Then, instead of waiting around for a dynamic response, it continues to field more requests. When an external process response is ready, the server gets a callback. The event-driven server then sends the external response back to the requesting client.

Learn about LiteSpeed's Event-Driven Architecture

What is a ForceSecureCookie?

`ForceSecureCookie` is a LiteSpeed Web Server directive, which functions similarly to an Apache `Header Edit Set-Cookie` directive.

Set ForceSecureCookie in the Apache config file at the server or virtual-host level, or in the .htaccess of the document root directory, and assign one or more of the following values:

  • off
  • on or secure
  • httponly
  • same_site_lax or lax
  • same_site_strict or strict
  • same_site_none

What is a Full Page Cache?

A Full Page Cache is a type of caching whereby dynamically-generated content is stored as a static HTML snapshot and served in response to user requests, until the static file expires. This method helps to boost the performance of websites by eliminating the need to dynamically generate pages on every visit.

Learn about LiteSpeed's full page cache plugins

What is High Availability?

High availability (HA) refers to systems that have a long uptime. An HA configuration provides a failover setup for multiple nodes. When one node is temporarily unavailable, other notes will automatically detect and take over their traffic. HA systems are durable and likely to operate continuously without failing for long duration.

Learn about HA for LiteSpeed Web ADC

What is HTTP?

HTTP stands for "HyperText Transfer Protocol." It is a stateless protocol which defines how messages are formatted and transmitted, and what actions web servers and browsers should take in response to various commands.

HTTP was developed by Tim Berners-Lee at CERN in 1989, and has become the foundation of data communication for the World Wide Web.

What is HTTP/2?

In 2015, the Internet Engineering Task Force (IETF) defined a major revision of the HTTP network protocol used by the World Wide Web. This revision is referred to as HTTP/2, and was derived from the Google's experimental SPDY protocol. It is not a ground-up rewrite of the original HTTP. Methods, status codes and semantics remain the same, and it should be possible to use the same APIs with either protocol.

HTTP2's focus is on performance, specifically end-user perceived latency, and network/server resource usage.

Learn about LiteSpeed's HTTP/2 Implementation

What is HTTP/3?

HTTP/3 is the proposed third version of the Hypertext Transfer Protocol (HTTP), which is used to exchange binary information on the World Wide Web. In November 2018, the first successful HTTP/3 interoperability test was performed by LiteSpeed Technologies and Facebook, but the protocol is still experimental. As of mid-2019, The IETF is still defining what HTTP/3 will look like.

HTTP/3 builds on UDP, unlike previous HTTP versions which are TCP-based, and aims to solve constraints within the existing internet infrastructure.

Learn about LiteSpeed's HTTP/3 Implementation

What is HTTPS?

Hypertext Transfer Protocol Secure (HTTPS) is an extension of HTTP using Transport Layer Security (TLS) encryption. It is sometimes referred to as HTTP over TLS, or HTTP over SSL. It is widely used for secure Internet communication.

The main purpose of HTTPS is authentication and privacy protection while data is in transit. It guards against man-in-the-middle attacks. The bidirectional encryption of communications between a client and server protects against eavesdropping and tampering.

HTTPS is now used more often by web users than the original non-secure HTTP.

More Info

What is LiteSpeed QUIC Client Library?

LiteSpeed QUIC Client Library is an open-source implementation of QUIC functionality for clients, and contains all of the code necessary to build a custom QUIC client to interact with QUIC servers. Released in the interest of speeding the adoption of QUIC, most of the code in the distribution is used in LiteSpeed's own web server and ADC products.

QUIC stands for Quick UDP Internet Connections. This is an experimental transport layer network protocol which is designed to provide security protection equivalent to TLS/SSL. QUIC helps to reduce connection establishment time and improve congestion control. QUIC is used to solve the problem of high RTT by reducing the number of trips that must be taken, in which HTTP/2 and SPDY failed to resolve previously. QUIC uses UDP (User Datagram Protocol) instead of ubiquitous TCP. QUIC uses UDP protocol over ports 80 and 443. This permits clients to bypass transparent proxies and also suggest that forwarding proxies can also be bypassed.

Learn about LiteSpeed QUIC Client Library

What is LiteSpeed Technologies?

LiteSpeed Technologies Inc was founded in 2002 by George Wang. It is an information technology company based in New Jersey, USA that produces leading high-performance, high-scalability web server software designed specifically for high-traffic servers, such as those of Internet service providers and corporate data centers.

It's flagship product, LiteSpeed Web Server, can be used to replace an existing Apache server without changing any other programs or operating system details, and without breaking anything. As such, LiteSpeed Web Server can quickly replace a major bottleneck in your existing web hosting platform. With its comprehensive range of features and easy-to-use web administration console, LiteSpeed Web Server can help you conquer the challenges of deploying an effective web hosting infrastructure.

What is LiteSpeed Web ADC?

LiteSpeed Web ADC (LSLB - previously LiteSpeed Load Balancer) is an affordable, high-performance layer 7 HTTP smart load-balancing application. LiteSpeed Web ADC is feature-rich, secure, and efficient, offering more flexibility than similarly-priced load balancing software. This makes it an excellent choice for small enterprises looking to scale their applications beyond one server — both to improve service speed as well as reliability in case of hardware failure.

Learn more about LiteSpeed Web ADC

What is LiteSpeed Web Server?

LiteSpeed Web Server (LSWS) is compatible with commonly used Apache features including mod_rewrite, .htaccess, and mod_security.

As a drop-in Apache alternative, LSWS can load Apache configuration files directly and can fully integrate with popular control panels. Replacing Apache with LSWS takes less than 15 minutes with zero downtime.

Unlike other solutions that act as frontend proxies, LSWS replaces all Apache functions, simplifying use and making the transition to a new server easy for your team. Move confidently forward with little-to-no retraining.

Learn more about LiteSpeed Web Server

What is Load Balancing?

Load balancing is a key component that acts as reverse proxy to distribute application traffic across a number of servers. Load balancers increase performance, load capacity, and reliability.

Layer 7 load balancers make complex and informed load balancing decisions at the application level. There are several industry standard load balancing algorithms, including Round Robin, Weighted Round Robin, Least Connections, and Least Response Time.

Learn about LiteSpeed's Load Balancer

What is Low-Quality Image Placeholder (LQIP)?

Low-Quality Image Placeholders enable web pages to load correctly in an orderly manner, by replacing image content with extremely small-size, low-quality versions of the original images. LQIP is best used in conjunction with JavaScript lazy loading. The advantage over a generic placeholder is the content of the photo is exactly the same as the final image, albeit of a much lower quality.

What is a Managed VPS Hosting?

A managed VPS is a server that is installed, configured, secured, updated, and audited by an expert. Users get the benefit of a VPS without needing to bother with day-to-day maintenance and other management details.

Typically managed VPS hosting packages include:

  • 24x7 expert technical support
  • Data backups on remote servers
  • Guaranteed uptime
  • An easy-to-use control panel that allows one to start/stop/restart the VPS
  • VPS installation and initial setup
  • Solid VPS server security
  • Daily updates and security monitoring
  • Malware scans and removal

What is MIME-type?

A media type (known as a Multipurpose Internet Mail Extensions or MIME type) is a two-part identifier for file formats and format contents transmitted on the Interne. Designed mainly for SMTP, the content types defined by MIME standards are also of importance in communication protocols outside of email, such as HTTP for the World Wide Web.

Servers insert the MIME header at the beginning of any web transmission. Clients use this header to select an appropriate viewer application for the type of data the header indicates.

What is ModSecurity?

ModSecurity is an open-source Apache module specifically designed to protect websites from malicious activity. It's a web application firewall (WAF), requiring a group of customizable rulesets and triggers, in order to achieve real-time web application monitoring, logging, and access control.

Learn about LiteSpeed and ModSecurity

What is OpenLiteSpeed?

OpenLiteSpeed is the Open Source edition of LiteSpeed Web Server Enterprise.

Both servers are actively developed and maintained by the same team, and are held to the same high-quality coding standard.

OpenLiteSpeed contains all of the essential features found in LiteSpeed Enterprise, and represents our commitment to support the Open Source community.

Learn about OpenLiteSpeed

What is OpenSSL?

OpenSSL is widely used by internet servers to secure communications over networks. The majority of HTTPS websites use OpenSSL, which contains an open-source implementation of the SSL and TLS protocols. Its core library is written in the C programming language. OpenSSL executes basic cryptographic functions and provides various utility functions. Wrappers are available in a variety of computer languages, allowing for widespread use of the OpenSSL library.

What is Private Cache?

A private cache is a cache that is accessed by a single client at a single IP address. A separate, personalized copy of a privately cached page is stored for each user who requests it. Private caches are helpful for data that cannot or should not be shared publicly, such as personalized greetings and shopping cart contents.

What is Public Cache?

A public cache is a cache that can be accessed by everyone. A single copy of a publicly cached page is stored and served to everyone who requests it. Public cache is ideal for sites that do not require a login, or do not display sensitive or personalized information.

What is QUIC?

QUIC (Quick UDP Internet Connections) was originally a Google effort to improve HTTP/2 by transporting it encrypted over UDP. In 2016, the IETF began working to standardize the protocol. Part of that process involved splitting QUIC into the transport protocol (QUIC) and the application protocol (HTTP/3).

Learn more about LiteSpeed's QUIC Implementation

What is is the first and only content delivery network (CDN) with the ability to cache dynamic WordPress pages. Using QUIC as the transfer protocol, LiteSpeed Cache as the caching mechanism, and a global network of nodes, is used for fast and secure delivery of WordPress content.

What is reCAPTCHA?

reCAPTCHA is a security feature, meant to determine that a user is human before granting access to a submission form, web page, application, or even an entire server. At the server level, reCAPTCHA is an effective Anti-DDoS measure.

Hundreds of millions of CAPTCHAs are solved by people every day. reCAPTCHA makes positive use of this human effort by channeling the time spent solving CAPTCHAs into annotating images and building machine learning datasets. This in turn helps improve maps and solve hard AI problems.

Learn more about LiteSpeed's reCAPTCHA

What is Redis?

Redis, aka REmote DIctionary Server, is an in-memory key-value database often used for caching. Redis has the ability to store and manipulate several different kinds of abstract data structures, such as strings, lists, maps, sets, and sorted sets. Its high performance has enabled developers to use it in place of traditional databases in situations where the volume of read and write operations is particularly high.

What is Reseller Hosting?

Reseller hosting is a form of web hosting where the account owner uses allocated hard drive space and bandwidth to host websites on behalf of third parties. Typical web hosting resellers include web design firms, web developers, and marketing agencies who offer web hosting as an add-on service. Most reseller hosting plans allow resellers to create their own branding via customized control panels and service plans, and allow them to choose their own pricing structure.

What is a Reverse Proxy Server?

A reverse proxy is a server that sits in front of one or more web servers, intercepting requests from clients. When clients send requests to the origin server of a website, those requests are intercepted at the network edge by the reverse proxy server. The reverse proxy server will then send requests to and receive responses from the origin server. A reverse proxy provides an additional level of abstraction and control to ensure the smooth flow of network traffic between clients and servers. It ensures that no client ever communicates directly with that origin server.

Common uses for a reverse proxy server include:

  • Load Balancing
  • Caching
  • Web acceleration
  • Protection from attacks
  • SSL encryption

What is a Reverse Proxy vs. a Load Balancer?

A reverse proxy server and load balancer have very similar features. Often, they are promoted together as a load balancer/reverse proxy combination, and all of the features are built into one bundle. A load balancer refers to a server or a device that balances inbound requests across two or more web servers to even the load. A reverse proxy server typically includes load balancing capabilities but also boasts additional features, like caching, security, and SSL acceleration.

What are Rewrite Rules?

Rewrite rules or mod_rewrite is an Apache web server extension for flexible url rewriting. It uses a rule-based rewriting engine, based on a PCRE regular-expression parser, to rewrite requested URLs on the fly. mod_rewrite's main function is to map a URL to a file system path. It can also be used to redirect one URL to another URL or to invoke an internal proxy fetch.

mod_rewrite can have an unlimited number of rules, and each rule can attach an unlimited number of rule conditions. This allows a URL to be rewritten on the basis of server variables, environment variables, HTTP headers, or time stamps. mod_rewrite may be invoked in httpd.conf or in .htaccess.

What is Round-Robin Load Balancing?

This is one of the most simplistic methods for distributing client requests across a number of servers. Round Robin forwards a client request to each server in turn, and loops back to the beginning of the server list, once it reaches the end.

The main benefit of Round Robin load balancing is that it is very easy to implement. However, since it assumes all servers are the same, it does not always result in the most accurate or efficient distribution of traffic. Because of this, two variations exist:

  • Weighted Round Robin — A weight is assigned to each server based on the criterion of the traffic handling capacity by an site administrator. The higher the weight, the larger volume of client requests the server receives.
  • Dynamic Round Robin — A weight is assigned to each server dynamically, based on real-time data of server load and idle capacity.

What is RSA?

RSA is one of the oldest public-key cryptosystems, and is widely used for secure data transmission. Ron Rivest, Adi Shamir, and Leonard Adleman publicly described the algorithm in 1977, thus the RSA acronym was derived from their names.

RSA is a relatively slow algorithm, and as such it is often used to transmit shared keys for symmetric key cryptography, which are then used for bulk encryption-decryption. It is not commonly used to directly encrypt user data.

What are Server Side Includes (SSI)?

Server Side Includes (SSI) are codes you can add to your HTML document that tell the web server to include other content with the document being served. They let you add dynamically generated content to an existing HTML page, without having to serve the entire page dynamically.

HTML documents with SSI directives should be saved with the .shtml, .stm or .shtm file extensions.

What is Session Persistence?

In load balancing, session persistence ensures that a client's requests go to the same, single backend server for the duration of that session. This is also referred to as a "sticky session". Additionally, session persistence can refer to the feature that forces multiple client requests of the same protocol to be directed to the same node. This is common with many web applications that do not inherently share application state between back-end servers. The implemented logic ties a user session to a specific server for as long as necessary.

What is Shared Hosting?

Companies that offer shared hosting allow customers to utilize and share a single server. Each customer generally has a limited amount of server resources available to them, as defined by the hosting package. While the server resources are shared, customers are unable to access each others' data on the server. Since accounts on shared hosting don't have direct access to the server, maintenance is handled by the hosting provider.

Shared hosting tends to be the most economical hosting option, however, the cheap price comes with limitations. It is common for busy websites to outgrow shared hosting, and in this case, hosting companies usually offer upgrades to dedicated hosting packages.

Find a Shared Hosting Provider who offers LiteSpeed

What is a Subrequest?

A subrequest looks like a normal request, but shares some data with its parent. The request is processed as usual, but without the overhead of sending a full HTTP request over the network. Subrequests are primarily used to insert output of one request into another, possibly mixed with other data.

What is Transport Layer Security (TLS)?

Transport Layer Security (TLS) is a protocol that provides authentication, privacy, and data integrity between two communicating applications. It's the most widely-deployed security protocol today and is used for web browsers and other applications that require data to be securely exchanged over a network, such as web browsing sessions, file transfers, VPN connections, remote desktop sessions, and voice over IP (VoIP).

What is TLS 1.3?

TTLS 1.3 is an update for Transport Layer Security, the most important security protocol on the Internet. It features improvements in privacy, security, and performance, removes many problematic options, and only includes support for algorithms with no known vulnerabilities. TLS 1.3 encrypts more of the negotiation handshake to protect it from eavesdroppers, while at the same time shaving an entire round trip from the connection establishment process.

What is Web Acceleration?

The term "web acceleration" refers to the activity of increasing website and application performance. It utilizes variety of techniques such as caching and compression, in order to speed up the transfer of content between web servers and client browsers.

Learn more about how LiteSpeed accelerates the Internet

What is WordPress Nonce?

The word "nonce" is derived from the phrase "number used once," although that's not an entirely accurate way of describing them. Nonces are not really numbers, nor are they used only once. They're actually a hash made up of numbers and letters, and they can be used multiple times within their limited lifetimes.

Nonces make certain WordPress activities more secure. A nonce is generated for a particular user, and only that user is allowed access to it. After the nonce expires, it can no longer be used by anyone.

Nonces can be applied to all sorts of things, like form submissions and post previews.

Privacy Policy

Privacy Policy

LiteSpeed Technologies, Inc. (aka “LiteSpeed”) is committed to protecting your privacy. This policy ("Privacy Policy" or "Policy") explains our practices for our site, ("Site"). You can visit most pages of the Site without giving us any information about yourself, but sometimes we do need information to provide services that you request. By using this Site or any products or services provided through the Site, you expressly consent to the use and disclosure of information as described in this Privacy Policy.

LiteSpeed reserves the right to revise, modify, add, or remove provisions to this Privacy Policy at any time. If we make changes to this Privacy Policy, we will update the Effective Date to note the date of such changes. LiteSpeed encourages you to review this Privacy Policy periodically for any changes. IF YOU DO NOT AGREE WITH ANY OF THE TERMS BELOW, YOU SHOULD NOT USE THIS SITE OR THE PRODUCTS OR SERVICES OFFERED BY LITESPEED TECHNOLOGIES AT THIS SITE.

Collection of Information

Personal Information.

LiteSpeed will ask you for certain “Personal Information” when you complete registration or product information request forms on the Site, including but not limited to your name, address, telephone number, email address, and credit card information. You can always choose not to provide us with the requested information, however, you may not be able to complete the transaction or use our products or services if you do not provide the information requested.

Non-Personal Information.

LiteSpeed may collect non-personally identifiable information from you such as the type of browser you use, your operating system, the screen resolution of your browser, your ISP, your IP address, which pages you view on the Site and the time and duration of your visits to the Site (collectively, “Non-Personal Information”). LiteSpeed may associate Non-Personal Information with Personal Information if you register with the Site.

User Communications.

If you communicate with us, we may collect information relating to that communication whether it takes the form of email, fax, letter, forum posting, blog comments, testimonials or any other form of communication between you and LiteSpeed or Submitted by you to the Site (collectively, “User Communications”).

Server Information.

If you use one of our software products such as LiteSpeed Web Server or LiteSpeed Web ADC, we may collect certain information concerning such software and concerning the server upon which the software operates. This information includes: (a) the licensed or unlicensed status of the software; (b) the source from which the license for the software was obtained (i.e., LiteSpeed or a LiteSpeed affiliate); or (c) information about the server upon which the software is installed including (i) the public IP address, (ii) the operating system and (iii) the use of any virtualization technologies on such server ((a) through (c) collectively, “Server Information”). Additionally, “Server Information” may also include information collected from you by LiteSpeed in the event that you request technical support services including without limitation, IP addresses, usernames, and passwords necessary to login to SSH, the root directory of the server upon which you installed the LiteSpeed software and any affected accounts including email accounts, control panel accounts, MySQL accounts, CMS accounts and other accounts.

Use and Storage of Collected Information

LiteSpeed may use Personal Information to create and authenticate your account, to respond to your requests, to provide you with customer and technical support, or to provide you with information regarding our products, services, partners, and company. You may update your Personal Information with us at any time, but we may maintain records of any Personal Information you disclose to us indefinitely, unless otherwise requested as outlined below.

We may use User Communications in the same ways we use Personal Information. If you communicate with us for a particular purpose, we may use your User Communications for that purpose. For example, if you contact us for technical support, we may use your communications to provide technical support to you. We may maintain records of User Communications you transmit to us indefinitely, unless otherwise requested as outlined below.

LiteSpeed may use Non-Personal Information to maintain, evaluate, improve and provide our Site, the Services and any other LiteSpeed products and services. We may retain Non-Personal Information indefinitely.

We may use Server Information to provide you with technical support services and to maintain, evaluate, improve and provide LiteSpeed products and services. We may also use such information to investigate unlicensed (and therefore unauthorized) uses of our software. LiteSpeed may maintain Server Information indefinitely, with the exception of usernames, passwords, and other login information given in connection with support service requests. Such login information will be purged when the ticket is closed.

Disclosure of Collected Information

LiteSpeed will only disclose Personal Information to third parties if acting under a good faith belief that such action is necessary, including but not limited to: (a) to resolve disputes, investigate problems, or comply with laws or regulations; (b) to enforce our Terms of Service; (c) to protect and defend the rights, property, or safety of our company or our users; or (d) in the event of a merger, acquisition or sale of all or substantially all LiteSpeed assets. Other than this limited activity, we do not share, sell, or rent any personal information to third parties.

You will receive notice in the form of modifications to this Policy when information about you might go to third parties other than as described in this Policy, and you always have the opportunity to contact us as set forth below if you do not wish your information to go to third parties.

LiteSpeed cannot be responsible for protecting your information if you share such information in publicly available sections of the Site such as the user forums, blog comments, or testimonials section. You should use your own judgment in disclosing this information on the Site.

Use of Cookies

“Cookies” are small pieces of information that your browser stores on your computer on behalf of a website that you have visited. Cookies may be used in order to complete transactions on our site. You can always choose not to accept cookies with the settings of your web browser, however, you may not be able to complete these transactions if you do not accept cookies.

Security of Personal Information

We use reasonable security methods to protect your personal information from unauthorized access, use or disclosure. No data transmission over the Internet or any wireless network can be guaranteed to be perfectly secure. While we try to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk.

LiteSpeed uses industry-standard SSL-encryption to protect sensitive data.

In the event that LiteSpeed becomes aware of a security breach, unauthorized disclosure or inadvertent disclosure concerning your information, you agree that LiteSpeed may notify you of such an event using the Personal Information previously provided.

You are responsible for maintaining your account’s security.

GDPR Notice and your Rights as Data Subject

For the purposes of the General Data Protection Regulation (the “GDPR”), in the European Union, LiteSpeed Technologies Inc. is a “data controller” of the Personal Information you provide to us for the primary purposes of providing you or your customers with our services.

For our customers and users in the European Union, by clicking the "I Accept" button or otherwise accepting the terms and conditions of our services through a clickable action or similar action, you hereby acknowledge, agree and unequivocally consent to the collection, processing, management, treatment, transfer and authorization of your Personal Information by LiteSpeed Technologies and/or its affiliates, clients, sub-processors and/or authorized third parties.

If you are a resident of Switzerland, the contact details for the data protection authorities are available here:

For European Union (EU) customers, please be reminded that the EU has not found the United States and some other countries to have an adequate level of protection of Personal Information under Article 45 of the GDPR.

The sections here below cover certain situations that you, as data subject, and we as a data controller, are most likely to encounter; but you should also carefully review the full list of data subject rights here:

  • Right to be Forgotten: You can request us to be “forgotten”; that is, to have your entire Personal Information removed from our service. If we are asked to do this, in accordance with Article 17 GDPR we will remove any Personal Information that we have collected from you as requester. We will also need to contact any third parties that process your Personal Information on our behalf, such as our cloud service providers using the adequate mechanisms. To ensure that any personal data in LiteSpeed Technologies’ possession can be removed in a timely manner, you can relay any request to be “forgotten” to us by submitting a request.
  • Right to Data Portability: In accordance with Article 20 GDPR our users located in the EU may request LiteSpeed Technologies to send them any Personal Information in our possession. In this case, we will provide you with any Personal Information that you have in a commonly used, machine-readable format.
  • Right to Data Access: As a data subject, in accordance with Article 15 GDPR you can ask LiteSpeed Technologies to confirm how and where your Personal Information is being stored and processed. You also have the right to know how such data is shared with third parties by us.
  • Right to Data Rectification: As a data subject, in accordance with Article 16 GDPR you have the right to obtain from LiteSpeed Technologies, without undue delay, the rectification of inaccurate Personal Information concerning you.
  • Right to be Informed: You have the right to be informed about the Personal Information we collect from you, and how we process it.
  • Right to Withdraw Consent: In accordance with Article 7(3) GDPR, you have the right to withdraw your consent given to us at any time.
  • Right to Object: In accordance with Article 18 GDPR you have the right to object to us processing your Personal Information for the following reasons:
    • Processing was not based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling);
    • Direct marketing (including profiling);
    • Processing for purposes of scientific/historical research and statistics; and
    • Rights in relation to automated decision-making and profiling.
  • Automated Individual Decision-Making and Profiling: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.
  • Right to Complain: You have the right to file a complaint with supervisory authorities if your information has not been processed in compliance with the GDPR. Furthermore, in accordance with Article 77 GDPR, if the supervisory authorities fail to address your complaint properly, you may have the right to a judicial remedy.

Privacy Requests

Lastly, you retain the right to access, amend, correct or delete your Personal Information where it is inaccurate at any time. To do so, please contact us as indicated in the Contact Us section. We reserve the right to charge a reasonable fee, as permitted by applicable laws and regulations, in order to comply with complex requests or repetitive requests from individual users.

Your privacy request must include, at the least, the following information: (i) your complete name, address and/or e-mail address in order for us to notify you of the response to your request; (ii) attached documents establishing your identity; and (iii) a clear and concise description of the Personal Information with regard to which you seek to enforce any of your privacy rights. If you request rectification, please indicate amendments to be made and attach documentation to back up your request.

Upon receipt of your privacy request, and after due review, we may then edit, deactivate and/or delete your Personal Information from our services for the maximum term allowed by the GDPR for each applicable case. In case of secure databases under our control where deletion is impossible, we will make such information permanently inaccessible.

Notice to California Residents

Pursuant to the California Consumer Privacy Act of 2018 (the “CCPA”), LiteSpeed Technologies and/or its affiliates, clients, sub-processors and/or authorized third parties hereto provide the following Privacy Policy notice regarding the categories of Personal Information that we may collect and/or disclose within the preceding twelve (12) months regarding California residents who are not employees, independent contractors, owners, directors, officers, or job applicants of LiteSpeed Technologies, or emergency contacts or benefits beneficiaries of the foregoing.

Thenceforth, the CCPA provides Californians with the following rights:

  • Requests for Information: you (or your authorized agent) can request a copy of your Personal Information, including how we have collected, used, and shared your Personal Information over the past 12 months (if any), including the categories of Personal Information we collected and our purposes for doing so; the categories of sources for that information; the categories of third parties with whom we shared it for a business purpose and our purposes for doing so.
  • Your Right to Notification: under the CCPA, we cannot collect new categories of Personal Information or use them for materially different purposes without first notifying you.
  • Nondiscrimination for exercising your CCPA Rights: the CCPA prohibits us from discriminating against you for exercising your rights under the law. Such discrimination may include denying services, charging different prices or rates for services, providing a different level or quality of services, or suggesting that you will receive a different level or quality of goods or services as a result of exercising your rights.
  • Your Right to Delete Personal Information: you can request that we delete your Personal Information by contacting us. You also can request that we delete specific information, and we will honor such requests, unless a due exception applies, such as when the information is necessary to complete a transaction, verify a fraud, review a chargeback or contract for which it was collected or when it is being used to detect, prevent, or investigate security incidents, comply with laws, identify and repair bugs or ensure another consumer’s ability to exercise their free speech rights or other rights provided by law.
    • Please take into consideration that we may deny your deletion request if retaining the Personal Information is necessary for us, our affiliates or our service providers in order to:

      • Complete the transaction for which we collected the Personal Information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you;
      • Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities;
      • Debug our products to identify and repair errors that impair existing intended functionality;
      • Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law;
      • Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.);
      • Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us;
      • Comply with a legal obligation that has substantive grounds;
      • Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

Overall, we have, may or will collect the following categories of Personal Information from our users, customers and individuals, as necessary to fulfill our legal obligations and operational business purposes:

  • Personal information (as defined in the California Customer Records Law), such as contact information;
  • Identifiers, such as online identifier, IP address and name;
  • Internet or network activity information, such as browsing history and interactions with our and other websites and systems;
  • Geo-localization data, such as device location and IP location;
  • Audio, electronic, visual and similar information, such as video recordings and multimedia content created in connection with our business activities; and
  • Inferences drawn from any of the Personal Information listed above to create a profile or summary about, for example, an individual’s preferences and characteristics.

International Data Transfer Notice

LiteSpeed Technologies values your users’ privacy. Although our software does not directly collect any personally identifiable information from visitors to your site, LiteSpeed may still be considered a data processor in certain jurisdictions, as user information may be temporarily cached and/or logged, as outlined in this document.

We have our headquarters in the State of Pennsylvania, United States of America (USA). Henceforth, your Personal Information may be accessed by us or our affiliates, agents, partners and third-party service providers in the USA and our locations which may or may not be located in your country of residence, and you hereby consent to such access and transfer by simple disclosure.


LiteSpeed Web Server, OpenLiteSpeed, LiteSpeed Web ADC, and related software may record IP addresses as a part of normal logging. An access log and an error log may record visitor IP addresses and URL visited. The logs are stored locally on the system where LiteSpeed server software is installed and are not transferred to or accessed by LiteSpeed employees in any way, except as necessary in providing routine technical support if you request it. This logging may be turned off through configuration. It is up to individual server administrators to come up with their own schedule for removing such logs from the file system.

Cache Solutions

Our cache plugins potentially store a duplicate copy of every web page on display on your site. The pages are stored locally on the system where LiteSpeed server software is installed and are not transferred to or accessed by LiteSpeed employees in any way, except as necessary in providing routine technical support if you request it. All cache files are temporary, and may easily be purged before their natural expiration, if necessary, via a Purge All command. It is up to individual site administrators to come up with their own cache expiration rules.

LSCache for WordPress

In addition to caching, our WordPress plugin has an Image Optimization feature. When optimization is requested, images are transmitted to a remote LiteSpeed server, processed, and then transmitted back for use on your site. LiteSpeed keeps copies of optimized images for 7 days (in case of network stability issues) and then permanently deletes them.

Similarly, the WordPress plugin has a Reporting feature whereby a site owner can transmit an environment report to our server so that we may better provide technical support.

Neither of these features collects any visitor data. Only server and site data is involved.

Support Services

Sometimes, when you request technical support, LiteSpeed may ask for login credentials to various areas of your site. You may refuse to share such credentials, however refusal may impact LiteSpeed’s ability to provide the requested support services.

Upon completion of a support ticket, LiteSpeed immediately deletes all login credentials you may have shared.

Any user data encountered by LiteSpeed is kept strictly confidential. We never provide your support ticket information to any third party without your explicit consent.

Contact Us

If you would like to update information that you have voluntarily provided to us, stop receiving information from us, or exercise any of the rights granted to you under Privacy Laws, including the EU’s General Data Protection Regulation, please e-mail