LiteSpeed Web Server
Release Log

This is archived release log for LiteSpeed Web Server. We actively maintain LiteSpeed Web Server and constantly update with new features and bug fixes.

Click here for latest LSWS release log

LSWS 5.1.17(6-28-2017)Feature Enhancements & Bug Fixes

  • NEW FEATURE Added fine grain control of cache, esi, and crawler features at the vhost level.
  • BUGFIX Fixed UserDir function broken due to a recent cPanel template change.
  • BUGFIX Fixed DirectoryIndex configuration broken due to a recent Plesk Onyx 17.5 template change.
  • BUGFIX Fixed a few bugs in the mod_security engine.

LSWS 5.1.16(6-2-2017)Security & Bug Fixes

  • SECURITY Fixed a bug in the auto index script.
  • INTEGRATION Updated CloudLinux LVE limit for WebAdmin Console users to get around 503 errors caused by CloudLinux kernel changes.
  • BUGFIX Fixed mod_security @rbl and skipAfter breaking with certain chained rules.
  • BUGFIX Fixed a bug in chunk input stream used by POST requests.

LSWS 5.1.15(4-11-2017)Feature Enhancements & Bug Fixes

  • SECURITY Fixed an XSS attack vulnerability in the WebAdmin error log viewer.
  • IMPROVEMENT Improved mod_security engine with better support for file inspection at the response header phase.
  • BUGFIX Fixed a bug in HTTP/2 that caused random protocol errors.
  • BUGFIX Fixed a bug in the cache engine that caused the wrong cache root to be used in shared hosting environments.
  • BUGFIX Fixed a compatibility issue with cPanel v64 subdomain redirects.
  • BUGFIX Fixed a bug that caused missing "PATH" environment for PHP processes started via PHP suEXEC.
  • BUGFIX Fixed a bug in the cache engine where partial responses could be cached with a 206 status code.

LSWS 5.1.14(3-22-2017)Feature Enhancements & Bug Fixes

  • NEW FEATURE Added support for the 444 status code, which can be used to defend against DoS attacks by immediately closing the connection.
  • IMPROVEMENT A 403 response is now used for directory auto indexing, when the server is denied access to a directory.
  • BUGFIX Fixed a bug that caused service interruptions during graceful restarts.

LSWS 5.1.13(2-17-2017)SECURITY Updates

  • SECURITY Protected against focused DDos attacks detected on 02/17/17.

LSWS 5.1.12(1-25-2017) Feature Enhancements, Security Updates, & Bug fixes

  • SECURITY Removed DES-CBC3-SHA from default cipher suite to avoid failing current PCI scan.
  • IMPROVEMENT Improved mod_security log messages to use variable values.
  • IMPROVEMENT New WHM plugin icon set.
  • BUGFIX Fixed uneven load distribution problem with round-robin load balancing.
  • BUGFIX Worked around issues that broke Web Cache Manager WordPress scan for certain sites.
  • BUGFIX Fixed a bug that broke rewrite rule inheritance.
  • BUGFIX Fixed a problem with Plesk roundcube email access.
  • BUGFIX Improved server stability with minor bug fixes.

LSWS 5.1.11(12-15-2016)Major Feature Enhancements, Bug Fixes

  • BUGFIX Fixed an issue where cPanel killed LiteSpeed when applying configuration changes, such as adding an add-on domain or sub domain.
  • BUGFIX Fixed an issue with DirectAdmin running suEXEC CGI under a directory.
  • BUGFIX Fixed a bug that clears WordPress theme configuration when enabling/disabling the LSCache plugin via the Web Cache Manager.
  • IMPROVEMENT Improved the LSCache engine regarding cache vary and stale purge.
  • NEW FEATURE Added support for CloudLinux ruby/python selector.

LSWS 5.1.10(11-7-2016)Major Feature Enhancements, Bug Fixes

  • MAJOR IMPROVEMENT Improved LiteMage first page load speed for new visitors by avoiding going through the backend.
  • IMPROVEMENT Improved cache purging capability: private cache entries can now be purged with public tags and multiple cache purge response headers are accepted.
  • IMPROVEMENT Improved PHP suEXEC setup when used with control panels, defaults to Process Group mode with fine-tuned process keepalive timeout, Auto Start in CGI deamon Async mode.
  • IMPROVEMENT Improved WebCache Manager to scan WordPress installations faster and more accurately.
  • BUGFIX Improved server stability with minor bug fixes.

LSWS 5.1.9(9-28-2016)Feature Enhancements, Bug Fixes

  • SECURITY Updated bundled OpenSSL to 1.0.2j to address CVE-2016-6304 and a few other minor vulnerabilities.
  • IMPROVEMENT WHM WordPress Cache Manager has been improved.
  • BUGFIX Fixed a bug that broke remote LSPHP external application configurations.
  • BUGFIX Fixed a SHM bug that caused the server to crash.

LSWS 5.1.8(9-14-2016)Feature Enhancements, Bug Fixes

  • NEW FEATURE Added a cache object tracker that can timely remove expired cache objects, keeping statistics accurate.
  • NEW FEATURE Added Etag support for cached objects. 304 is returned if the object has not been updated.
  • NEW FEATURE Added support for HTTP/2 with front-end SSL off-loading proxy using HAProxy.
  • IMPROVEMENT WordPress Cache Manager for WHM has been improved.
  • BUGFIX Fixed issues with cPanel EA4 integration.
  • BUGFIX Fixed a bug where "no-cache" being set via a rewrite rule did not stop the page from being served from cache.
  • BUGFIX Fixed a bug in DirectAdmin integration where incorrect server variables were used for PHP suEXEC.
  • BUGFIX Fixed a crash during OCSP responder querying.

LSWS 5.1.7(7-18-2016) Feature Enhancements, Security Updates, & Bug fixes

  • SECURITY Automatically block HTTPOXY attacks with no configuration needed.
  • NEW FEATURE Added authentication realm protection for real-time status report's direct query interface.
  • NEW FEATURE Added CloudLinux mod_proctitle style output in real-time status report.
  • IMPROVEMENT Fixed SSL OCSP stapling for Apache vhosts using CA certificates configured by SSLCACertificateFile to verify the OCSP response.
  • IMPROVEMENT Updated the default configuration for cPanel installations to make them compatible with EA4 and CloudLinux PHP selector.
  • IMPROVEMENT Updated Plesk default configuration to use pre-built lsphp binaries.
  • BUGFIX Fixed a bug caused by MMAPed file being truncated that resulted in crashing.
  • BUGFIX Fixed a bug in serving compressed ESI objects from cache.
  • BUGFIX Fixed a bug in SSI engine that caused SSI scripts to hang.
  • BUGFIX Fixed a bug where cache would not follow cache-vary updates through rewrite rules.
  • BUGFIX Fixed a bug that caused crashing when serving requests from LiteMage Cache.
  • BUGFIX Fixed a bug in serving cached objects compressed with the DEFLATE method.

LSWS 5.1.6(6-8-2016)Bug fixes

  • Fixed a bug in mod_security engine that returned "100 continue" code for rules including the "allow" action.
  • Fixed over-sensitive assertions that caused the server to abort.
  • Fixed a bug in OpenSSL 1.0.2h that caused server crashes.
  • Fixed a bug in Server Side Include engine that caused some SSI scripts to hang.
  • Fixed a bug in HTTP/2 that caused some virtual streams to hang under high traffic.
  • Fixed a bug in SPDY that caused trouble for safari 8.

LSWS 5.1.5(5-21-2016)Feature enhancements and bug fixes

  • NEW FEATURE LiteMage cache data is now stored in a pre-compressed format to save disk space.
  • NEW FEATURE WordPress cache WHM integration for more easily enabling/disabling caching for WordPress installations at the server level.
  • MAJOR IMPROVEMENT Improved scalability of per-user cache storage in shared hosting environments.
  • Updated openssl to 1.0.2h.
  • Included other minor bug fixes from the 5.0.x branch.

LSWS 5.1.4(3-1-2016)Feature enhancements and bug fixes

  • NEW FEATURE detect and block abusive server IPs through proxy/CDN, added vhost level configuration to adjust connection hard limits.
  • Improved HTTP/2 streams priority implementation to avoid head-of-line blocking.
  • Improved handling of regular cache-control response header to enable cache if response is public cacheable.
  • Improved vhost cache root configuration by allowing vhost level variables: $vh_name, $vh_domain and $vh_user.
  • Fixed bug that prevents Vhost cache root from being cleaned automatically.

LSWS 5.1.3(2-11-2016)Feature enhancements and bug fixes

  • NEW FEATURE Added support for the lsc-cookie response header which can be used to cache "Set-Cookie" headers.
  • NEW FEATURE Added an Apache style "CacheLookup" directive which only turns on cache lookup.
  • Improved mod_security audit log format to make it compatible with cPanel "ModSecurity Tools".
  • Improved handling of "Range" requests. LSWS now sends back a 304 response if conditions are met.
  • Fixed an Apache compatibility problem where global level contexts were not properly applied to vhosts.
  • Re-added the "Connection: keep-alive" response header to satisfy online testing tools.
  • Fixed a bug in "Digest" authentication implementation.
  • Fixed reported server crashes.

LSWS 5.1.2(1-28-2016)Feature enhancements and bug fixes

  • SECURITY Updated bundled OpenSSL lib to 1.0.2f to address the concern of CVE-2016-0701, older version is not vulnerable as SSL_OP_SINGLE_DH_USE was turned on.
  • Improved compatibility with cPanel + centos 7 setup, preventing Apache from being started by cPanel.

LSWS 5.1.1(1-18-2016)Feature enhancements and bug fixes

  • SECURITY Fixed a bug reported by Netsparker that allowed request header injection when mod_userdir was enabled.
  • Cleaned up HTTP/2 NPN/ALPN strings which now only use the "h2" signature.
  • Fixed all reported bugs that cause crashes.

LSWS 5.1(1-13-2016)Feature enhancements and bug fixes

  • Updated mod_security engine with support for @rbl and @inspectfile operators.
  • Improved mod_security engine performance.
  • Added SSL OCSP Stapling support through Apache httpd.conf.
  • Added shared SSL Session Cache and SSL Ticket synchronization.
  • Added multi-certificate support for using RSA, DSA, and ECC certificates simultaneously for the same domain.
  • Fixed systemd issue affecting server deployment and hosting control panels on centos7.

LSWS 5.1RC3(1-5-2016)Feature enhancements and bug fixes

  • Improved mod_security engine performance.
  • Improved server stability.
  • Included all applicable enhancements and bug fixes from 5.0.x release branch.

LSWS 5.1RC2(11-10-2015)Feature enhancements and bug fixes

  • Added SSL OCSP Stapling support through Apache httpd.conf.
  • Added shared SSL Session Cache and SSL Ticket synchronization.
  • Added Multi-Certificate support for using RSA, DSA, and ECC certificates simultaneously for the same domain.
  • BUGFIXes and improvements to mod_security engine.

LSWS 5.1RC1(10-13-2015)Major feature enhancements

  • Completely reworked request processing flow to allow pausing/resuming at different stages.
  • Updated mod_security engine with support for @rbl and @inspectfile operators.

LSWS 5.0.19 (7-18-2016) Feature Enhancements, Security Updates, & Bug fixes

  • SECURITY Automatically block HTTPOXY attacks with no configuration needed.
  • NEW FEATURE Added authentication realm protection for real-time status report's direct query interface.
  • NEW FEATURE Added CloudLinux mod_proctitle style output in real-time status report.
  • IMPROVEMENT Updated the default configuration for cPanel installations to make them compatible with EA4 and CloudLinux PHP selector.
  • IMPROVEMENT Updated Plesk default configuration to use pre-built lsphp binaries.
  • BUGFIX Fixed a bug in serving compressed ESI objects from cache.
  • BUGFIX Fixed a bug in SSI engine that caused SSI scripts to hang.
  • BUGFIX Fixed a bug where cache would not follow cache-vary updates through rewrite rules.
  • BUGFIX Fixed a bug that caused crashing when serving requests from LiteMage Cache.
  • BUGFIX Fixed a bug in serving cached objects compressed with the DEFLATE method.

LSWS 5.0.18 (6-8-2016) Bug fixes

  • Fixed a bug in OpenSSL 1.0.2h that caused server crashes.
  • Fixed a bug in Server Side Include engine that caused some SSI scripts to hang.
  • Fixed a bug in HTTP/2 that caused some virtual streams to hang under high traffic.
  • Fixed a bug in SPDY that caused trouble for safari 8.

LSWS 5.0.17 (5-10-2016) Feature enhancements and bug fixes

  • Added support for serving pre-compressed LiteMage pages.
  • Added Apache style configuration directive ‘HtaccessCacheTimeout’ to control how often .htaccess is checked for updates.
  • Updated openssl to 1.0.2h.
  • Fixed a bug causing file descriptor leaks when cache objects are updated.
  • Fixed a bug where configuration broke PHP configuration override in .htaccess.
  • Fixed a LiteMage private session bug that broke some test cases in Magento's performance test suite.

LSWS 5.0.16 (4-20-2016) Feature enhancements and bug fixes

  • Added logging and importing of cache purge events to restore SHM-based cache manager.
  • Fixed a bug in HTTP/2 that caused inaccurate count of active streams.
  • Fixed a bug in mod_security engine where a "drop" action could block a trusted IP.
  • Improved OCSP stapling error handling to avoid repeat error messages.
  • Fixed a bug that caused memory corruption.

LSWS 5.0.15 (3-24-2016) Feature enhancements and bug fixes

  • Fine-tuned the default cache policy to allow caching for requests with query string and cookie.
  • Set the “LSCACHE_VARY” environment variable for the backend when cache vary was set by rewrite rules. This is to work around cache vary problems when multiple web applications run under one domain.
  • Fixed a bug where server level cache policy was ignored when server level cache root was not set.
  • Fixed a bug that caused the auto-index script to run as the “webapps” user for DirectAdmin, which caused a failure to index the directory due to permission denied.

LSWS 5.0.14 (3-1-2016) Feature enhancements and bug fixes

  • NEW FEATURE detect and block abusive server IPs through proxy/CDN, added vhost level configuration to adjust connection hard limits.
  • Improved HTTP/2 streams priority implementation to avoid head-of-line blocking.
  • Improved handling of regular cache-control response header to enable cache if response is public cacheable.
  • Improved vhost cache root configuration by allowing vhost level variables: $vh_name, $vh_domain and $vh_user.
  • Fixed bug that prevents Vhost cache root from being cleaned automatically.
  • Fixed a bug in mod_security engine.

LSWS 5.0.13 (2-11-2016) Feature enhancements and bug fixes

  • NEW FEATURE Added support for the lsc-cookie response header which can be used to cache "Set-Cookie" headers.
  • NEW FEATURE Added an Apache style "CacheLookup" directive which only turns on cache lookup.
  • Improved mod_security audit log format to make it compatible with cPanel "ModSecurity Tools".
  • Improved handling of "Range" requests. LSWS now sends back a 304 response if conditions are met.
  • Fixed an Apache compatibility problem where global level contexts were not properly applied to vhosts.
  • Re-added the "Connection: keep-alive" response header to satisfy online testing tools.
  • Fixed a bug in "Digest" authentication implementation.

LSWS 5.0.12 (1-28-2016) Feature enhancements and bug fixes

  • SECURITY Updated bundled OpenSSL lib to 1.0.2f to address the concern of CVE-2016-0701, older version is not vulnerable as SSL_OP_SINGLE_DH_USE was turned on.
  • Improved compatibility with cPanel + centos 7 setup, preventing Apache from being started by cPanel.

LSWS 5.0.11 (1-18-2016) Feature enhancements and bug fixes

  • SECURITY Fixed a bug reported by Netsparker that allowed request header injection when mod_userdir was enabled.
  • Improved handling of REFRESH cached page requests from LiteMage crawler.
  • Improved handling of requests from googlebot crawling LiteMage cached pages to reduce server load.
  • Cleaned up HTTP/2 NPN/ALPN strings which now only use the "h2" signature.
  • Fixed a systemd issue affecting server deployment and hosting control panels on centos7.

LSWS 5.0.10 (12-24-2015) Feature enhancements and bug fixes

  • Added support for the LSCache plugin for WordPress.
  • Added support for the 308 status code.
  • Fixed a bug that returned status code 200 for PHP-based custom error pages.
  • Fixed a bug that caused incorrect ownership of the access log file of an Apache vhost when "Just In Time Config" was enabled.
  • Fixed a bug that caused a "net::ERR_INCOMPLETE_CHUNKED_ENCODING" error in Chrome.

LSWS 5.0.9 (12-1-2015) Feature enhancements and bug fixes

  • Added new cache policy configurations for LSCache to enable cache lookup while Public/Private Cache is disabled.
  • Improved mod_security engine to avoid blocking the server process.
  • Fixed a bug introduced in 5.0.8 that broke Apache SSL vhost SNI.

LSWS 5.0.8 (11-12-2015) Feature enhancements and bug fixes

  • Improved Apache configuration parser with faster parsing speed and lowered memory usage.
  • Added CHACHA SSL cipher support.
  • Fixed vhost level chroot feature.
  • Fixed missing Etag header in 304 response.
  • Minor bug fixes in mod_security engine.

LSWS 5.0.7 (10-6-2015) Feature improvements and bug fixes

  • Improved LSCache to allow adding cache-vary values with a rewrite rule.
  • Improved ESI subrequest implementation.
  • Added SIGBUS handler for SIGBUS being triggered during the saving of a response body to cache (running out of disk space).
  • Fixed bug in Litemage ESI implementation that prevented cache-vary on cookie from working properly.
  • Fixed bug in mod_security engine that broke the @contains operator.

LSWS 5.0.6 (9-23-2015) Feature improvements and bug fixes

  • HTTP/2 implementation improved to be more strictly compliant with RFC 7540.
  • "DisablePhpOverride", an Apache configuration directive, added to turn off PHP configuration override in .htaccess.
  • Max size of page cache objects increased to 10MB.
  • Minor bug fixes.

LSWS 5.0.5 (8-17-2015) Feature improvements and bug fixes

  • Enhancement: Reduced usage of file backed MMAP I/O for buffering large request and response bodies.
  • Enhancement: Added support for alternative ESI syntax as a work around for issues in LiteMage.
  • Fixed a bug that introduced unnecessary disk I/O synchronization when saving large response bodies to page cache.
  • Fixed a bug causing performance issues during a graceful restart.
  • Fixed two bugs in the Server Side Includes engine, one causing missing included content, and the other causing failure to execute CGI.
  • Other minor bug fixes.

LSWS 5.0.4 (8-5-2015) Feature improvements and bug fixes

  • Added Cache Purge-by-URL through a special response header.
  • Improved mod_security engine to have clear separation of rules belonging to different processing phases. Added support for "GEO:XXXX" collection.
  • Improved Page Cache engine to correctly process and cache ESI injected AJAX responses. (used by LiteMage)
  • Fixed bug in Server Side Includes engine that did not set original "QUERY_STRING" environment for the "exec cgi" directive.
  • Fixed Max dynamic response body size limit, was previously ignored causing a server crash when running out of memory.
  • Changed initial max size limit of .htaccess from 10MB to 2MB to avoid blockage when processing large .htaccess files.

LSWS 5.0.3 (7-22-2015) Feature improvements and bug fixes

  • Improved Client IP address updating for CloudFlare proxied requests. Now using "CF-Connecting-IP" header instead of "X-Forwarded-For".
  • Improved LiteMage Cache with automatic cache root directory clean up.
  • Fixed a regression in rewrite engine that broke some existing rewrite rules when upgrading from LSWS 4.2.x.
  • Fixed bug in processing Apache httpd configuration that prevented context defined at server level from being effective for virtual hosts.
  • Fixed bug in HTTP Range request processing.
  • Added a SIGBUS signal handler to catch and fail affected requests gracefully.

LSWS 5.0.2 (7-9-2015) Feature improvements and bug fixes

  • Updated OpenSSL to 1.0.2d to address (CVE-2015-1793).
  • Improved HTTP/2 implemenation.
  • Improved mod_security engine to work better with OWASP core rule set.
  • Improved compatibility with Plesk 12 control panel.
  • Fixed a bug in Rewrite engine that may trigger 503 errors by cPanel autoconfig/autodiscover feature.

LSWS 5.0.1 (6-26-2015) Feature improvements and bug fixes

  • Added PHP7 support for PHP suEXEC.
  • Updated OpenSSL to 1.0.2c.
  • Fixed various HTTP/2 and SPDY related bugs.
  • Fixed various broken internal features: internal redirect, CloudLinux LVE, cache handler, etc.
  • Fixed a few LiteMage related issues.

LSWS 5.0 (4-17-2015) Major feature enhancements

  • HTTP/2 support.
  • SPDY/2, 3, and 3.1 support.
  • ESI and LiteMage Cache support.
  • Virtual host-level bandwidth throttling with mod_bw compatibility.
  • WebSocket proxy functionality.
  • CPU Affinity setting.
  • Extra build numbers added onto version numbers and supported through lsup command.

LSWS 5.0 RC3 (3-11-2015) HTTP/2 support, feature improvements, and bug fixes

  • Added HTTP/2 draft 14-17 implementation.
  • ESI engine and LSCache improved to better support partial page caching.
  • Fixed a bug in bandwidth throttling.
  • All improvements and bugs fixed in 4.2.15-4.2.21 releases.

LSWS 5.0 RC2 (9-23-2014) Virtual host-level bandwidth throttling, improved stability, and bug fixes

  • Added virtual host-level bandwidth throttling.
  • Improved stability of ESI and SPDY implementation
  • Fixed a bug that turns off gzip compression for FireFox when SPDY is in use.
  • All bugs fixed in 4.2.8-4.2.15 releases.

LSWS 5.0 RC1 (2-18-2014) Major feature enhancements

  • Added SPDY/2, 3, and 3.1 support.
  • Added ESI support.
  • Added WebSocket proxy functionality.
  • Added CPU Affinity setting.

LSWS 4.2.24 (7-9-2015) Feature improvements and bug fixes

  • Updated OpenSSL to 1.0.1p to address (CVE-2015-1793).
  • Improved mod_security engine to work better with OWASP core rule set.
  • Improved compatibility with Plesk 12 control panel.
  • Fixed a bug in Rewrite engine that may trigger 503 errors by cPanel autoconfig/autodiscover feature.

LSWS 4.2.23 (4-17-2015) Feature improvements and bug fixes

  • NEW FEATURE Added support for Apache directive Allow/Deny env=!env-variable.
  • Improvement: mod_security audit logging can log request body now.
  • BUGFIX: Changes in SSL renegotiation protection broke HTTPS proxy backend.
  • BUGFIX: Autoindex script used wrong encoding for "&" character in directory name.

LSWS 4.2.22 (3-17-2015) Feature improvements and bug fixes

  • Improvement: Added option to select default DH Key size to avoid SSL handshake error with older Java clients.
  • Improvement: Apache configuration compatibility with SuexecUserGroup and SSLInsecureRenegotiation directives.
  • Improvement: Avoid parsing bad shtml files that can cause server memory problem.
  • BUGFIX: <DirectoryMatch...> causes PHP suEXEC malfunction.
  • BUGFIX: Slow memory leak in mod_security engine.
  • BUGFIX: Crash caused by long variable value in mod_security engine.
  • Other minor improvements and bug fixes.

LSWS 4.2.21 (1-15-2015) Feature improvement and bug fixes

  • Improved DirectAdmin compatibility — added ability to change user ID inside context of Apache configuration.
  • Fixed bugs in Server Side Include engine.
  • Fixed a bug causing Apache Header directive to not work properly when used inside a directive.
  • Fixed a bug in HTTP authentication using Apache htpasswd generated password hash.
  • Fixed a bug in handling MIME-type strings with upper-case letters.
  • Fixed a bug in AIO logging causing an infinity loop.
  • Fixed a bug in Aho-Corasick string search implementation.

LSWS 4.2.20 (12-19-2014) Feature improvement and bug fixes

  • NEW FEATURE Automatically redirect to HTTPS if a HTTPS port is accessed as HTTP.
  • Fixed a bug in Apache configuration parsing that disables mod_security engine.
  • Fixed Apache httpd wrapper script bug that causes problem with cPanel 11.46 mod_security Tools.
  • Fixed a bug that creates swap directory with wrong permission mask.
  • Fixed a bug that causes trouble for serving cached gzipped content to Facebook Crawler.

LSWS 4.2.19 (11-12-2014) Improvements for high I/O wait and bug fixes

  • NEW FEATUREs to improve server performance when I/O wait is high: asynchronous logging mode and start external process in asynchronous mode through CGI daemon.
  • Improved mod_security engine to allow using variables in depricatevar and expirevar actions.
  • Fixed a bug in HTTPS proxy that causes 503 errors.
  • Fixed a bug that causes GZIP compression not to be used for certain dynamic pages.
  • Fixed a bug in parsing CacheEnable/CacheDisable directives.

LSWS 4.2.18 (10-15-2014) SECURITY update and minor improvements and bug fixes

  • Upgraded OpenSSL to 1.0.1j to address vulnerabilities in 1.0.1i.
  • SSLv3 turned off by default for HTTPS virtual hosts.
  • Improved bandwidth logging by combining write() system calls.
  • Improved autoindexing script.
  • Fixed systemd unit description script.
  • Fixed minor bug in mod_security engine.

LSWS 4.2.17 (10-3-2014) Bug fixes

  • Added more CGI environment variables for SSL Client authentication.
  • Fixed a bug that breaks "Require user user1 user2" Apache directive.
  • Fixed a bug causing 403 error for Server Side Include pages.
  • Fixed a bug causing issues when one user misses a </limit> tag in one .htaccess file.
  • Fixed a bug causing Smart Keep-Alive feature to not work for js files with MIME type application/javascript.
  • Fixed a bug in MP4 random seek.
  • Removed an OpenSSL patch which broke SSL handshake with some clients.

LSWS 4.2.16 (9-25-2014) SECURITY patch

  • Addresses Shellshock Bash vulnerability (CVE-2014-6271 and CVE-2014-7169).

LSWS 4.2.15 (9-23-2014) Improved efficiency and bug fixes

  • Improved Apache configuration parsing speed and memory efficiency.
  • Default SSL cipher list has been tuned to score an "A" on online SSL tests.
  • Added suffix 'php6' to available PHP suEXEC suffixes.
  • Fixed a bug in OCSP stapling result verification.
  • Fixed a bug in HTTP range request handling.
  • Minor bug fixes and fine tunings.

LSWS 4.2.14 (8-6-2014) Bug fixes

  • Improvement: Added support for Apache mod_env and mod_setenvif.
  • BUGFIX: Fixed bug causing cPanel account suspension to erroneously apply to accounts partially matching suspended account name.

LSWS 4.2.13 (7-28-2014) Feature enhancements and bug fix

  • Improvement: Rewrite engine can add a local proxy target automatically if called for in rewrite rules. Node.js hosting on a local server no longer requires manual set up.
  • Improvement: LiteSpeed-specific LSPHP_MaxWaitQ directive added. Specifies PHP external application wait queue limit. Exceeding this limit triggers a 508 "Resource Limit Has Been Reached" error.
  • Improvement: IndexIgnore directive for directory autoindexing is now supported.
  • Improvement: "SetEnv PHPRC=<path_to_php_runtime_config>" can be used to customize php.ini path in Apache vhost configuration files.
  • Improvement: Fixed issues with mod_userdir caused by cPanel 11.44.
  • BUGFIX: Fixed mod_security bug that caused server crash.

LSWS 4.2.12 (6-9-2014) SECURITY update with feature enhancements and bug fixes

  • SECURITY: Updated statically linked OpenSSL library to 1.0.1h to address newly discovered vulnerability in OpenSSL 1.0.1g.
  • Improved LSCache module: Cache storage directory can be set at vhost level.
  • Improved compatibility with Apache configuration when Include directive is used inside a <Files...> or <Location...> context.
  • Improved static file handling in NFS to avoid trouble caused by silly rename.
  • Improved HTTPS proxy with client SNI support.
  • Fixed a bug causing a slow memory leak.
  • Fixed a bug in the mod_security engine ipMatchFromFile directive. Comments in IP list configuration file are ignored now.
  • Fixed a bug in tracking children processes in FreeBSD when "start through CGI daemon" is used.
  • Fixed a bug in HTTPS proxy which failed to properly handle HTTP/1.0 style connection close to end a response.
  • Other minor bug fixes based on isolated bug reports.

LSWS 4.2.11 (5-13-2014) Bug fixes

  • Fixed a bug with HTTP proxying introduced in 4.2.10 while adding support for HTTPS targets.
  • Fixed a bug with Apache AddType directive introduced in 4.2.10.
  • Fixed a bug with processing of Apache <IfDefine ...> tag.
  • Workaround added for FreeBSD security feature that prevented LSWS server process from checking status of PHP processes when sysctrl security.bsd.see_other_uids was turned off.

LSWS 4.2.10 (5-5-2014) Feature enhancements and bug fixes

  • NEW FEATURE Added support for HTTPS proxy backend. (cPanel proxy subdomains over HTTPS work.)
  • NEW FEATURE Added logic to tolerate missing "-" at the beginning or ending of an SSL certificate and key file.
  • NEW FEATURE Added logic to escape special characters in access log following Apache's method.
  • NEW FEATURE Added support for <IfDefined> context in Apache httpd.conf.
  • Improved detection of HTTPS request to an HTTP port. Reduces blocking due to "Bad Request".
  • Fixed bug: Running LiteSpeed process could not apply new expiration date for an updated license key.
  • Fixed bug: Apache and LiteSpeed have different values for SERVER_PORT behind an HTTP proxy.
  • Fixed bug: Block Bad Request setting could not be turned off from WebAdmin console.

LSWS 4.2.9 (4-8-2014) Critical security patch

  • SECURITY patch to fix OpenSSL Heartbleed bug.

LSWS 4.2.8 (3-28-2014) Feature enhancements and minor bug fixes

  • Added IP-based licensing.
  • Added ability to purchase LiteSpeed Cache as an add-on. (Coming soon!)
  • Enhanced "external application no abort" feature to allow uninterrupted PHP script execution during server restarts.
  • Updated default error template.
  • Fixed minor bugs in rewrite engine.
  • Fixed bug: Expires headers could not be added to dynamic response.

LSWS 4.2.7 (1-24-2014) Feature enhancements

  • Allow root owned file in PHP suEXEC mode.
  • Improved mod_security compatibility.
  • Enabled custom php.ini via PP_CUSTOM_PHP_INI environment variable (used in Plesk PHP-FPM Apache configuration).
  • Added support for VH_USER variable in external application environment variable configuration.
  • Apache binary wrapper will remove itself if LSWS is uninstalled.
  • Improved SSI engine.
  • Minor Apache .htaccess compatibility fixes.

LSWS 4.2.6 (11-22-2013) Feature enhancement and minor bug fixes

  • Improved handling of resource limits to avoid generating 508 error pages when possible. After resource limits have been reached, requests will instead be re-queued until resources become available.
  • Fixed bug: Failure to detect all IPv6 addresses.
  • Fixed bug: Multiple <Files ...> <FilesMatch ...> directives in different .htaccess files along a path were processed in the wrong order.
  • Fixed bug: Server crash when an .htaccess file has been updated while it is still referenced by a long running request.
  • Fixed bug: suEXEC ProcessGroup mode set at the virtual host level fails to override server level suEXEC Daemon mode.

LSWS 4.2.5 (10-30-2013) Major feature enhancements and minor bug fixes

  • Added just in time Apache vhost configuration to improve server startup speed.
  • Major improvements and bug fixes and in mod_security engine: added more transform functions, better variable collection handling, added IP match operators, added MATCHED_VARS support.
  • Added new PHP suEXEC ProcessGroup mode to create per-account process groups using the LiteSpeed-specific Apache-style directives "LSPHP_ProcessGroup" and "LSPHP_Workers". It is PHP selector-compatible and opcode caching friendly.
  • Improved CloundLinux compatibility — return 508 error page when resource limit has been reached.
  • Rack/Rails: added per-application environment configurations for Rack/Rails context to better support RVM gemset setup.
  • Bundled OpenSSL library has been upgraded to 1.0.1e with support for TLSv1.1 & TLSv1.2 ciphers.
  • Automatically detect and skip very large .htaccess file that can stall server processes.
  • Enabled skipping "File Not Found" logging in error log via rewrite environment variable "dontlog".
  • Added support for "Charset" in Content-Type header for autoindex pages.
  • Fixed bug in handling symbolic race condition when "Strict File Ownership" (equivalent to CloudLinux SecureLink) is enabled. (Special thanks to Rack911.)
  • Fixed bug allowing create/overwrite arbitrary file as root user via crafted symbolic link. (Special thanks to Rack911.)
  • Fixed bug in handling IPv6 address used in Apache httpd.conf.
  • Fixed bug in SSI engine causing LAST_MODIFIED variable to use wrong timestamp.
  • Fixed bug in rewrite engine with URL encoding.

LSWS 4.2.4 (8-6-2013) Major feature enhancements and minor bug fixes

  • Added Python WSGI support (Apache mod_wsgi equivalent).
  • LSWS will now switch back to Apache automatically when license expires.
  • Added OCSP stapling support for SSL.
  • Added a feature that moves realtime status reports to the RAM disk to avoid blocking lshttpd process in high I/O wait situations.
  • Automatically restart PHP suEXEC daemon if killed or crashed to avoid 503 errors.
  • OpenSSL AESNI hardware acceleration enabled for x86_64-Linux platform.
  • LSAPI STDERR logging is now disabled when STDERR logging is disabled in configuration.
  • Improved Redirect directive processing to make "Redirect 301/..." work in sub-directory .htaccess files.
  • Fixed a bug causing authentication failure when password is blank.
  • Fixed a bug in IPv4 Access Control configuration causing the smaller subnet to overshadow the larger subnet when two subnets overlapped.
  • Fixed a bug in STDERR logging, which may cause interlocking between lscgid and lshttpd worker processes.
  • Fixed a bug causing MIME types such as "text/css; charset=..." to not be gzipped when GZIP is enabled for "text/*".
  • Fixed a bug in SecRuleRemoveById directive.
  • Fixed a bug in mod_security engine when handling collections directives.
  • Fixed a bug in graceful restarting with over 1000 listeners.
  • Fixed a bug causing log rotation not to be disabled when rotating limit is set to 0.

LSWS 4.2.3 (5-22-2013) Feature enhancements and minor bug fixes

  • Added setting to hide the LiteSpeed signature in the default error pages.
  • Added ability to use sendfile() to send back dynamic responses.
  • Updated in-GUI settings explanations.
  • Added option (External Application Abort) to stop the server from aborting external application processes even when the client connection has been broken.
  • Added PHP suEXEC daemon ability to kill runaway child processes.
  • Reserved connections for the WebAdmin console to ensure accessibility regardless of the current number of connections.
  • Added CGI daemon ability to log processes killed by signals to stderr.
  • Fixed FileETag directive and rewrite rule incompatibility.
  • Fixed FreeBSD realtime stats error.
  • Updated PHP build utility to support up to PHP 5.3.25 and 5.4.15.
  • Discontinued support for Solaris SPARC.

LSWS 4.2.2 (1-30-2013) Feature enhancements and minor bug fixes

  • Added HTTP "PATCH" method support.
  • FileEtag directives have been fully supported.
  • Added "Cache-Control:no-cache, no-store, must-revalidate" response header to 302 response.
  • Improved Ruby Rack/Rails support along with new ruby-lsapi 4.1. "RewindableInput" interface has been natively implemented to maximize Rack performance.
  • LiteSpeed Cache improvement: added max-stale age support, stale cache copy can be served while updating the cache; added "REFRESH" method to serve existing cached copy while updating the cache.
  • Improved mod_security compatibility with gotroot ruleset.
  • Fixed CageFS mount point issue with litespeed.
  • Fixed rewrite variable "%{TIME}" parsing error.
  • Updated PHP build utility to include PHP 5.4.11 and 5.3.21.

LSWS 4.2.1 (11-21-2012) Feature enhancements and minor bug fixes

  • PHP suEXEC daemon mode will be auto disabled when different php.ini required via PHPRC or PHPIniDir due to internal limitation of PHP engine.
  • Improved error handling in case of LSWS swap directory out of space.
  • Fixed a bug in SSI encoding.
  • Updated PHP build utility to include PHP 5.4.8 and 5.3.18.

LSWS 4.2 (9-10-2012) Major feature enhancements

  • Added support for PHP suEXEC daemon mode to improve performance and memory efficiency (LSAPI 6.0 required).
  • Improved compatibility of Apache mod_security by adding support for variable collections.
  • Improved symbolic link security for shared hosting by introducing LiteSpeed specific directives "DisableSymlinkOverride" and "VhostRestrained".
  • Updated PHP build utility to include PHP 5.4.6 and 5.3.16.

LSWS 4.1.13 (6-27-2012) Feature enhancements, security update and minor bug fixes

  • Improved compatibility of Apache mod_rewrite.
  • Improved compatibility of Apache mod_security.
  • Fixed a bug that will bypass URL security check when rewrite rule is triggered.
  • Enforce RC4 cipher to get around SSL BEAST attack.
  • Added a script tool for cache purge.
  • cPanel whm plugin: Added a script to build matching php from command line.
  • Updated openssl to 0.9.8x.
  • Updated PHP build utility to include PHP 5.4.4 and 5.3.14.

LSWS 4.1.12 (3-26-2012) Feature enhancements, security update and minor bug fixes

  • Fixed a XSS security issue in Real-time graphs of Web Admin Console.
  • Fixed a bug in .htaccess handling that may cause server crash.
  • Fixed a bug in rewrite rules when handling encoding/decoding url.
  • Added 2 commonly used configurations in cPanel WHM plugin – Configure LiteSpeed.
  • Improved performance and reduced cost of PHP process start-up.
  • Improved compatibility/bug fix of mod_security related to skip-after action handling.
  • Added flag B support in rewrite rules.
  • Added no-cache-domains support in cache configuration.
  • Updated PHP build utility to include PHP 5.4.0.

LSWS 4.1.11 (2-22-2012) Feature enhancements and minor bug fixes

  • Added a security feature of “Force Strict Ownership Checking”, similar to “Secure Link” in Cloud Linux.
  • Added version management in cPanel WHM plugin.
  • Fixed a bug that may cause frequent crash when trying to detect Mime-type based on file suffix.
  • Updated openssl to 0.9.8t.
  • Updated PHP build utility to include PHP 5.3.10.

LSWS 4.1.10 (1-6-2012) Feature enhancements and minor bug fixes

  • Fixed wordpress garbage output when SuperCache GZIP compression is enabled.
  • Lifted the limit for Max Request Body Size for 64Bit OS.
  • Updated openssl to 0.9.8s.

LSWS 4.1.9 (12-17-2011) Feature enhancements and minor bug fixes

  • Fixed a bug that causes random 503 error.
  • Improved mod_security audit logging.

LSWS 4.1.8 (11-18-2011) Feature enhancements and minor bug fixes

  • Fixed a bug that causes 100% CPU utilization once connection limit has been reached.
  • Added command line upgrade script admin/misc/lsup.sh .
  • Added license status information in version managment page of web console

LSWS 4.1.7 (10-28-2011) Feature enhancements and minor bug fixes

  • Fixed a bug that may cause 100% CPU utilization randomly.
  • Added a feature to throttle the number of SSL handshakes that can be made by a client. This is anti-DDoS enhancement against SSL negotiation DDoS attack.

LSWS 4.1.6 (10-17-2011) Minor bug fixes

  • Fixed bugs that introduced in 4.1.5 release such as 403 error, access log permission issue.
  • Security feature of suphp-like file permission introduced in 4.1.5 has been turned off by default. User can manually turn it on if needed.

LSWS 4.1.5 (10-6-2011) Feature enhancements and minor bug fixes

  • Added an option to prevent serving unsafe scripts.
  • Fixed a bug related to userdir URL and suEXEC.
  • Fixed a bug that causes periodic 100% cpu usage by lshttpd.
  • Improved licensing by accessing a second license server if the primary fails.

LSWS 4.1.4 (8-22-2013) Minor bug fixes

  • Fixed a bug that cause LSWS crash when cache is enabled.
  • Fixed a bug in SSI engine.
  • PHP 5.3.8 has been added to PHP build utility.

LSWS 4.1.3 (8-2-2011) Minor bug fixes

  • Improved IPv6 support when loading Apache httpd.conf.
  • Improved bad request detection to avoid accidentally blocking IP while accessing non-configured HTTPS web site.
  • Fixed a bug that causes problem when uploading a large file.
  • Fixed a bug that causes file descriptor leak when page cache is in use.
  • Fixed a bug in SSI engine.
  • Fixed a bug in tracking HTTPS connections in-use.
  • Fixed bugs in real-time statistics.

LSWS 4.1.2 (7-14-2011) Feature enhancements and minor bug fixes

  • Improved cache hash algorithm.
  • Fixed various bugs reported from 4.1.1 release.

LSWS 4.1.1 (5-20-2011) Feature enhancements and minor bug fixes

  • Added private cache support.
  • Display cache related statistics in real-time status report.
  • Fixed various bugs reported from 4.1 release.

LSWS 4.1 (4-13-2011) Major feature enhancements

  • Added support for AIO (Asynchronized disk I/O) to greatly improve performance for servers with heavy Disk I/O.
  • Added support for HTTPS SNI (Server Name Indication), allowing multiple secured sites sharing one IP.
  • Added support for mod_security 2.5 rule sets.
  • Added connection level detailed status in real-time status page of web admin console.
  • Compatible with upload progress bar.
  • Added support for H.264 streaming.
  • Reduced memory usage when thousands of virtual hosts configured through Apache httpd.conf.
  • All bug fixes in 4.0.x branch have been included.

LSWS 4.0.20 (2-24-2011) Feature enhancements and minor bug fixes

  • Added support for Cloud Linux SecureLVE.
  • Added a new response header "x-litespeed-cache-control" to allow program to control LiteSpeed page cache behavior.
    Common cache control values are supported like no-cache, no-store, public, private, max-ages.
  • Changed the status code of "Request Timeout" from 408 to 500; this is to avoid client retrying automatically.
  • Retrying requests are limited to 30 seconds to avoid being processed for too long.
  • Updated openssl to 0.9.8r.
  • Fixed missing download url of mail header, suhosin patch for latest php version in web admin console – phpbuild.

LSWS 4.0.19 (1-20-2011) Feature enhancements and minor bug fixes

  • Improved internal Cache feature:
    Last modified header will be checked and return 304 if it has not changed.
    Added response header “X-LiteSpeed-Cache hit” if content is served from cache.
    Added “CACHE_HIT=1” environment variable, this can be used in customized access log.
    Fixed encoding error related to gzip handling of cached copy.
  • Improved cPanel whm EasyApache Hooks handling.
  • Improved compatibility with ISPconfig.
  • Improved performance under LVE.
  • Upgraded openssl to 0.9.8q, php build to 5.2.17 and 5.3.5.

LSWS 4.0.18 (12-8-2010) Feature enhancements and minor bug fixes

  • Improved mod_security compatibility.
  • Add timeout option for graceful restart.
  • Added logic to take care of orphaned php processes.
  • Improved cache functionality.
  • Improved clean up logic for temporary files.
  • New features in cPanel WHM plug-in: Added EasyApache Integration: Build new php binary through EasyApache will automatically build matching php for LiteSpeed, and manual switch between Apache and LiteSpeed while building php is no longer needed. Fixed directory issues in building matching php add-on modules.

LSWS 4.0.17 (10-5-2010) Feature enhancements and minor bug fixes

  • Added Apache mod_actions support.
  • Added configurable option "Ignore Apache Modules" to bypass unwanted Apache modules.
  • Added configurable option for turning off ModSecurity directives in htaccess.
  • Improved Web Admin PHP build tool, which can build multiple opcode cache at same time, also added memcache build option.
  • Improved rewrite engine.
  • Improved lswsctrl script.

LSWS 4.0.16 (7-30-2010) Feature enhancements and minor bug fixes

  • Implemented a fix for cPanel signal 9 problem.
  • Improved mod_security support.
  • Implemented gzip cache daily cleanup feature.
  • Improved CloudLinux LVE support, compatible with future CloudLinux releases.
  • There are minor bug fixes and feature enhancements

LSWS 4.0.15 (6-23-2010) Security update and minor bug fixes

  • Security fix for null-byte exploit from script.
  • Fixed a bug in SSI engine.
  • A bug in web admin has been fixed that when there is only one external app for status page.

LSWS 4.0.14 (4-15-2010) Major feature enhancements

  • CloudLinux Lightweight Virtual Environment (LVE) support has been added.
  • Support for Interworx hosting control panel has been added.
  • A bug in Server Side Include runtime has been fixed.
  • License management in cPanel WHM plugin has been improved
  • There are minor bug fixes and tuning.

LSWS 4.0.13 (2-19-2010) Security enhancements and minor bug fixes

  • Address CSRF (Cross Site Request Forgery) attack that you are tricked to click on an untrusted link while you login to the Web Admin console.
  • Added Anti-DDoS blocked IP list in real-time status report page.
  • Fine tuned graceful restart and lswsctrl script.

LSWS 4.0.12 (12-16-2009) Security enhancements and minor bug fixes

  • Updated OpenSSL to 0.9.8l to address TLS man-in-the-middle renegotiation attack.
  • Fixed a bug in handling HEAD request.
  • Fixed a bug in SSL error handling.
  • Fixed a bug that prevents LSWS from reloading Apache httpd.conf when an include file was removed.
  • Minor improvements in Web Admin console.
  • Fixed a few minor Apache compatibility issues.

LSWS 4.0.11 (10-13-2009) Security enhancements and minor bug fixes

  • A Bug fixed in php-build script in the admin console, which failed to parse config options in certain cases.
  • Fixed a bug which causes random 500 error when running some CGI scripts.
  • Adding lsadm to the group that the web server running as. This gives the admin console access to most directories served by the web server.
  • Encrypt username/password for the admin console login, so there is no clear text transferred, sniffer proof.
  • Some Changes for version management in the admin console: only notify when there is new release available, do not automatically download the binary.
  • Some validation and security enhancements implemented.

LSWS 4.0.10 (8-18-2009) Security enhancements and minor bug fixes

  • Fixed 503 errors and can tolerant PHP crash under certain situation.
  • Changed admin console to suEXEC mode, which is more secure and stricter on file permissions.
  • Improved PHP build script in admin console.
  • Fixed a bug that causes 403 access deny when access file containing symbolic link.
  • Fixed a few minor Apache compatibility issues.

LSWS 4.0.9 (7-27-2009) Minor bug fixes

  • Fixed a bug which caused random 503 errors in 4.0.7 and 4.0.8.          

LSWS 4.0.8 (7-26-2009) Minor bug fixes

  • Addressed a few bug introduced in 4.0.7.

LSWS 4.0.7 (7-22-2009) Feature enhancements and minor bug fixes

  • Added support for compressed Wordpress super cache.
  • Fixed a bug in RewriteMap handling
  • Improved compatibility with Apache configuration directives, "AddHandler", "SetHandler".

LSWS 4.0.6 (7-12-2009) Security Update

  • Fixed a buffer overflow bug, which was detected by the hacking shield introduced in 4.0.5.

LSWS 4.0.5 (6-26-2009) Minor feature and security enhancements

  • Added support for mod_auth_passthrough to seamlessly integrate with cPanel FrontPage extension.
  • Implemented hacking shield to actively defend hacking attempts of buffer overflow.
  • Fixed a browser compatibility issue by turning off GZIP compression when there is a custom "Content-Encoding" response header added by CGI script.
  • Added license management in cPanel/WHM plug-in.

LSWS 4.0.4 (6-8-2009) Minor bug fixes

  • Improved handling of external redirect by detecting potential loop condition.
  • Improved error page handling to avoid extra rewrite processing, which caused problem in authentication.
  • Improved compatibility of mod_security rules handling.
  • Fixed a bug in cPanel/WHM plug-in, which caused uninstallation not working properly.

LSWS 4.0.3 (5-11-2009) Feature enhancements and minor bug fixes

  • Fixed a bug in symbolic link checking.
  • Improved Auto Index script on handling special characters.
  • Improved compatibility of mod_security rules handling.
  • Improved graceful restart.
  • www.domain and domain are now treated as different domains.
  • Added a few xml related mime types to the default configuration.

LSWS 4.0.2 (4-22-2009) Feature enhancements and minor bug fixes

  • Fixed a bug in SSI implementation that may cause lshttpd crash.
  • Fixed a bug in constrained option for virtual host.
  • Improved Apache config file loading speed.
  • (For suEXEC only) Added support for PHPIniDir directive at virtual host level to allow customized php.ini.
  • (For suEXEC only) Added support for PHPRC environment variable to customize php.ini.
  • Added suEXEC configuration for server level external applications such as FastCGI, LSAPI.

LSWS 4.0.1 (4-7-2009) Minor bug fixes

  • Fixed a bug in Process Manager that failed to stop unused processes
  • Fixed a bug that causes crash when accessing certain UserDir URL
  • Improved cPanel/WHM plug-in
  • Minor bug fixes and improvements.

LSWS 4.0 (3-17-2009) Major Feature enhancements

  • mod_cache support
  • Server Side Include support
  • mod_security 2.x rule support
  • Improved mod_security audit log, compatible with cPanel mod_security plug-in.
  • Large file support for 32bit Linux
  • reorganized real-time status page
  • Improved logging (stderr log control, piped logger, file lock for access logging)
  • Added Rails 2.3 support script using Rack framework.
  • Improved "Build matching PHP" feature in WHM LSWS plug-in.
  • Improved mod_rewrite compatibilities.
  • Minor bug fixes and improvements.

LSWS 3.3.24 (1-11-2009) Minor bug fixes

  • Fixed mailman problem with some cPanel releases.
  • Improved cPanel RubyOnRail support.
  • Improved mod_rewrite compatibilities.
  • Minor bug fixes and improvements.

LSWS 3.3.23 (12-10-2008) Minor bug fixes

  • Fixed a bug that may cause lshttpd crash when access certain page via UserDir format URL.
  • Fixed a bug that cause fixed 256MB memory limit on non-suEXEC lsphp processes when used with cPanel
  • Fixed a bug in RailsRunner.rb that causes compatibility problem with Rails 2.2.1
  • Fixed a bug in virtual host template when referencing $VH_DOMAIN.

LSWS 3.3.22 (10-31-2008) Minor bug fixes

  • Fixed a bug introduced in 3.3.21 that may cause lshttpd crash during server shutdown.

LSWS 3.3.21 (10-27-2008) Feature enhancements

  • Improved access logging, support for pipe logger setup in Plesk.
  • Improved memory usage when hosting massive amount of virtual hosts through Apache httpd.conf .

LSWS 3.3.20 (10-14-2008) Minor bug fixes

  • Fixed a bug in VMware detection code that causes LSWS crash on mostly X86_64 servers.

LSWS 3.3.19 (9-30-2008) Minor bug fixes

  • IP to geo location feature has been updated to match new changes in Apache mod_geoip.
  • Special care has been added to handle 1xx response from proxy back-end web servers.
  • Fixed a bug that cause LSWS not to reload license key after the key being updated.
  • Fixed a few bugs that may rarely cause LSWS to crash.

LSWS 3.3.18 (9-8-2008) Feature enhancements and minor bug fixes

  • New feature: support sub domain for cpanel.*, webmail.*, whm.* and webdisk.* newly added by cPanel
  • Improved script being used to override cPenal HTTP restart script.
  • Fixed a few minor bugs.

LSWS 3.3.17 (8-25-2008) Feature enhancements and minor bug fixes

  • Improved Apache compatibilities for PHP environment variables, PHP_SELF, SCRIPT_NAME, etc.
  • Fixed a bug in the default XML configuration file.

LSWS 3.3.16 (8-18-2008) Feature enhancements and minor bug fixes

  • New feature: added FLV streaming support.
  • New feature: added support for "Header" directive.
  • New feature: added timestamp for std error log entries.
  • ignore signal SIGXFSZ to avoid core dump when log file reaches 2GB.
  • Update PHP to 4.4.9.
  • Improved AWStats log file handling.
  • Fixed a bug in handling IP configuration when server has over 100 IP addresses assigned.

LSWS 3.3.15 (7-7-2008) Feature enhancements and minor bug fixes

  • New feature: Add cPanel WHM LSWS plug-in for cPanel users.
  • Add a feature that allows disabling GZIP compression via URL rewrite.
  • Fixed a bug in request filter that may cause LSWS crash.
  • Improved sorting in version management of web console.
  • Improved compatibility with Apache configuration for vhost with dedicated IP.

LSWS 3.3.14 (6-3-2008) Minor bug fixes

  • Fixed a problem introduced by 3.3.13 that causes LSWS being stopped by control panels
  • cPanel compatibilities has been improved, cPanel should not kill lshttpd during update or account administration.

LSWS 3.3.13 (5-28-2008) Feature enhancements and minor bug fixes

  • Fixed a bug introduced by 3.3.12 that crash lshttpd during server shutdown or graceful restart.
  • cPanel compatibilities has been improved.
  • Improved graceful restart smoothness when server is under heavy load.

LSWS 3.3.12 (5-19-2008) Feature enhancements and minor bug fixes

  • Improved UNICODE support for the web console.
  • Added PHP 5.2.6 option to the PHP build script.
  • SSLv2 has been disabled by default, improved Apache SSL configuration compatibilities.

LSWS 3.3.11 (4-25-2008) Feature enhancements and minor bug fixes

  • Improved cPanel integration by adding a new option to override restart httpd script.
  • Fixed a bug introduced by 3.3.10 which affects .htaccess configuration handling.
  • Increased in memory buffer limit from 1MB to 10MB.
  • Fixed a bug in processing mod_security SecFilter directive.

LSWS 3.3.10 (4-15-2008) Feature enhancements and minor bug fixes

  • Fixed a few bugs that may cause lshttpd process crash occasionally.
  • Fixed access log ownership problem.
  • AWStats Integration: Fixed a bug which always forwards to https connection.
  • Improved mod_expires support.
  • Improved connection timeout handling during SSL handshake.

LSWS 3.3.9 (3-25-2008) Minor bug fixes

  • Fixed a bug in parsing custom access log format string.
  • Fixed a bug in generating mod_security compatible audit log.
  • Fixed a bug in handling SSLCertificateChainFile configuration.
  • Fixed a bug in web console when editing a text field containing some special characters.
  • Improved 30x custom error page handling.

LSWS 3.3.8 (3-13-2008) Feature enhancements and minor bug fixes

  • Due to cPanel changes, an option to replace Apache at server wide with a wrapper script has been added. This solution should work with all control panels.
  • Fixed a problem with using a PHP script as custom error page for status code 30x.
  • Apache configuration compatibilities has been improved.

LSWS 3.3.7 (3-3-2008) Minor bug fixes

  • A bug that causes failure in Apache directive "Include [dir]" has been fixed, it is introduced in 3.3.5 release.

LSWS 3.3.6 (2-28-2008) Feature enhancements and minor bug fixes

  • A bug that cause inappropriate CPU resource limit applied to PHP/Ruby processes has been fixed.
  • Added a default MIME type for ".rar".

LSWS 3.3.5 (2-26-2008) Feature enhancements and minor bug fixes

  • A dedicate security audit log compatible with csf has been added.
  • Add an option in web console to explicitly enabled frontpage extension.
  • Support for H-Sphere mod_psoft_traffic log file has been added.
  • Improved Apache compatibilities with 'Include' and 'DirectoryIndex' directives.
  • Apache custom access log format has fully supported.
  • A resource limit problem for PHP suEXEC has been fixed.
    ATTENTION: if you set Process soft/hard limit for lsphp external app less than 50, you should increase it.
  • Minor improvements in web GUI.
  • Improvements in reducing server load during server start-up.

LSWS 3.3.4 (1-24-2008) Feature enhancements and minor bug fixes

  • PHP build script has been updated to include suhosin and email header patch, PHP 4.4.8 has been added.
  • "staging" has been added to the selectable rails environment.
  • Experimental support for H-Sphere mod_psoft_traffic log file has been added.
  • Broken bytes log for native configured virtual host has been fixed.
  • A bug in AJPv13 for processing large POST request has been fixed.

LSWS 3.3.3 (12-17-2007) Minor bug fixes

  • A bug related "Content-Disposition" response header introduced in 3.3.2 has been fixed
  • A bug related to large message logging has been fixed.
  • A bug in authentication realm configuration file handling has been fixed.

LSWS 3.3.2 (12-11-2007) Feature enhancements and minor bug fixes

  • The internal process manager has been improved, 503 errors has been addressed.
  • "Content-Disposition" response header pass-through has been added for internal redirect.
  • Improved control panel compatibilities, support for ISPConfig has been verified.
  • A link problem with the update agent in 32 bit Linux package has been fixed, you may have to update from 3.3.1 release manually.
  • Minor performance tuning for LSAPI/FastCGI applications.
  • A bug that uses wrong host name for reserve proxy has been fixed.
  • A problem with FrontPage support when Apache mod_frontpage was statically compiled in has been fixed.

LSWS 3.3.1 (11-29-2007) Minor bug fixes

  • Fixed a bug in static file GZIP cache.
  • PHP build script has been improved.
  • Fine tuning of various parameters.

LSWS 3.3 (11-21-2007) Major feature enhancements

  • SSL client authentication has been added.
  • GUI interface for building PHP has been added to web console.
  • The process manager for PHP suEXEC has been improved.
  • Compatibilities with control panels has been greatly improved, including cPanel, directAdmin and plesk.
  • Installer has been improved to include default configuration for using with hosting control panels.
  • Support for vmware/XEN/UserModeLinux VPS has been added for our VPS license.
  • Security of our directory autoindex has been enhanced.
  • There are many minor bug fixes and improvements.

LSWS 3.2.3 (9-21-2007) Minor bug fixes

  • Fixed a few minor compatibility issues with cPanel 11.
  • Fixed connection limit problem in standard edition.
  • Fixed a sendfile() bug for Solaris.
  • Fixed a problem with Rails which returns 404 status code instead of 403 when a request was blocked by request filter.

LSWS 3.2.2 (9-5-2007) Feature enhancements and minor bug fixes

  • Default Rails vhost template has been updated with default rewrite rule configuration to support Rails page cache.
  • YUI has been replaced with light-weight library in web admin console.
  • A bug in handling CGI command line parameter has been fixed.
  • Performance of rewrite engine has been improved when executing complex rewrite rules.
  • User managed LiteSpeed Rails configuration has been improved to work properly with subdomain configuration.
  • Rewrite rule parser has been improved to ignore trialling comments.
  • Size limit of XML element in LSWS configuration file has been increased.
  • Graceful restart procedure has been improved.

LSWS 3.2.1 (8-14-2007) Feature enhancements and minor bug fixes

  • Compatibilities with Plesk control panel has been improved.
  • Gzip compression support has been improved to store compressed static file in its own cache directory, directory write permission is no longer required.
  • REDIRECT_URL and REDIRECT_QUERY_STRING environment variables has been added.
  • Directory redirect has been improved to give better support of RESTful route of Ruby On Rails.
  • Directory autoindex script has been improved, direct access to this script is denied.
  • i-node value in ETag can be turned off to better support mirrored sites.
  • A bug in security engine that fail to check query string in special format has been fixed.
  • 408 request timeout page is customizable.
  • Restart of individual virtual host can be managed by user with a simple configuration file.

LSWS 3.2 (7-16-2007) Major feature enhancements

  • Implemented Rails shared hosting configuration. Support Rails configuration file generated by cPanel 11 EDGE.
  • Improved URL rewrite compatibilities with Apache mod_rewrite on value of %{REQUEST_FILENAME} variable.
  • Fixed random 404 errors when rewrite is used in .htaccess.
  • Improved autoindex script with support for 'FancyIndex off'.
  • Improved compatibilities with cPanel 11.
  • Added VPS license support.
  • Improved license management which allow monthly subscription, license registration and migration.

LSWS 3.1.1 (5-14-2007) Feature enhancements and minor bug fixes

  • Improved Apache compatibility on redirect and .htaccess handling.
  • Fixed a bug in request parser which has problems with large amount of request headers.
  • Prebuilt PHP binary has been upgraded to 4.4.7 .
  • Improved userdir and .htaccess implementation.
  • Added support for using a string in 'ErrorDocument'.
  • A bug in autoindex script has been fixed.

LSWS 3.1 (5-2-2007) Feature enhancements and minor bug fixes

  • Improved request rate throttling algorithm.
  • Added automatic log file rotation for virtual hosts configured through Apache httpd.conf.
  • Fixed a bug in AJP Protocol that causes problem with Winstone Servlet Engine.
  • Fixed a bug in HTTP Proxy that causes problem when upstream web server does not set 'Content-Length' header.
  • Fixed a bug in request parsing which has problems special values in 'Connection' header.

LSWS 3.0.3 (4-19-2007) Minor bug fixes

  • Improved Apache mod_rewrite compatibilities.
  • Updated YUI code to 2.2.1 in web administration console.
  • Fixed a bug that causes FreeBSD 64bit crash.
  • Fixed a bug that may cause response corruption when response header is large.
  • Made 'Force GID' effective for suEXEC PHP.

LSWS 3.0.2 (4-16-2007) Feature enhancements and minor bug fixes

  • Added Apache mod_userdir support
  • Fixed a few minor problems in web administration console.
  • Fixed a issue of .htaccess file not being processed properly
  • Fixed a few minor Apache interchangeability issues on access control, .
  • Compatibility has been improved for DirectAdmin and cPanel.

LSWS 3.0.1 (3-27-2007) Minor bug fixes

  • Fixed tooltips problem in web administration console when used with IE and Opera.
  • Fixed a issue with .htaccess file handling for a redirect context.
  • Fixed broken update agent and auto update script.
  • Added "best" event dispatcher as default to use the best available event dispatcher.

LSWS 3.0 (3-15-2007) Major feature enhancements

  • Completely revamped web admin console: Streamlined layout, improved configuration parsing and processing to handle 1000+ virtual hosts.
  • Request Filtering (compatible with Apache mod_security).
  • Complete third party web hosting control panel support, include cPanel, DirectAdmin, Plesk, etc..
  • Sendfile() support is enabled for standard edition.
  • Max 150 Concurrent Connections for standard edition.
  • Enterprise: IP to GeoLocation Database Support (compatible with Apache mod_geoip).
  • Enterprise: Customizable Access Log Format.
  • Enterprise: 64bit Optimized Binaries available.
  • Improved external application process manager: better handling of malfunctioning process and especially useful for FCGI application.
  • Improved Apache interchangeabilities.
  • Improved performance and scalability.
  • There are minor bug fixes.

LSWS 2.2.6 (11-28-2006) Minor bug fixes

  • Fixed: Problem loading Apache configuration file containing scriptaliasmatch directive.
  • Fixed: Bug where 302 status code is returned for DELETE request to a Rails application.
  • Fixed: Failure to detect .htaccess change if timestamp on new/updated .htaccess file is older than the one it replaces.

LSWS 2.2.5 (11-9-2006) Feature enhancements and minor bug fixes

  • Improved: Better Apache config compatibility with listener entries. LiteSpeed will now works cleanly with httpd.conf generated by cPanel.
  • Improved: Compressed log file archive will now be owned by the LiteSpeed user.
  • Fixed: Matching context problem with vhost level script handler configuration.
  • Fixed: Incorrect value/display of "request in processing" in real-time report due to changes in 2.2.3.
  • Fixed: Tomcat AJP protocol problem which can cause large POST requests to fail.

LSWS 2.2.4 (10-24-2006) Minor bug fixes

  • Fixed: Blocking problem introduced in 2.2.3 which may halt server processing.

LSWS 2.2.3 (10-16-2006) Minor bug fixes

  • Fixed: Authentication failure with .htaccess when a user name is required.
  • Fixed: SSL traffic throttling bug.
  • Updated: Access log will not log canceled requests which did not receive any response body.

LSWS 2.2.2 (9-18-2006) Feature enhancements and minor bug fixes

  • Fixed: Problem with killing external application processes started in suEXEC mode.
  • Fixed: Customized error document handler was not followed for HEAD request.
  • Updated: Added traffic log file rotation.
  • Updated: Upgraded OpenSSL package to 0.9.7k.

LSWS 2.2.1 (9-11-2006) Feature enhancements and minor bug fixes

  • Updated: Real-time report updated to display status of Rails application.
  • Updated: RailsRunner.rb has been updated to deal with DB connection errors.
  • Updated: Support for RedirectMatch, and Redirect directives in .htaccess has been improved.
  • Updated: Admin interface will now allow access of configuration related files under /etc/.
  • Fixed: PHP SuEXEC problem for vhost configured through Apache httpd.conf when both PHP 4 and 5 are configured.

LSWS 2.2 (8-24-2006) Major feature enhancements

  • New: Ruby on Rails integration introduces a simplified method of binding Rail applications.
  • New: Ruby on Rails vhost template available in /lswsinstall/conf/templates/rails.xml.
  • New: Global Force GID option for suEXEC CGI/FCGI/LSAPI.
  • New: PHP suEXEC options for vhosts configured via Apache configuration file.
  • New: SNMPD Bridge + Cacti Templates introduced in /lswsinstall/add-ons/snmp_monitoring/.
  • New: Updated bundled PHP binary to 4.4.4. Installer will not overwrite PHP binary of existing installation.
  • Fixed: AWStats permission problem in suEXEC mode.
  • Updated: Improved documentation.

LSWS 2.1.20 (8-17-2006) Minor bug fixes

  • Fixed: epoll bug introduced in 2.1.19.
  • Fixed: possible realm conflict when authentication is used within .htaccess configuration.
  • Updated: web admin interface will now allow "+" character in MIME type definition.

LSWS 2.1.19 (8-11-2006) Feature enhancements and minor bug fixes

  • Updated: Custom error handler will now process POST requests. Custom error handler can be used to simplify Ruby Rails configuration.
  • Fixed: AJP v1.3 protocol compliance bug.
  • Updated: Performance improvements within LiteSpeed event processor.

LSWS 2.1.18 (7-13-2006) Feature enhancements and minor bug fixes

  • Added ability to log "host" header within access log.
  • Added IP offset feature when using Apache configuration file.
  • Added ability to turn off access log when using Apache configuration.
  • Improved epoll reliability under Linux.
  • Fixed adherence of application level memory min/max limits.

LSWS 2.1.17 (6-19-2006) Feature enhancements and minor bug fixes

  • Improvement: added header "X-Forwarded-Proto: https" header to SSL proxied connections.
  • Fixed file upload disconnects over a SSL connection.
  • Fixed rewrite engine problem when a non-existing HTTP header were referenced in rule.

LSWS 2.1.16 (5-17-2006) Minor bug fixes

  • Improvement: format of bandwidth logging has been updated to match the latest cPanel format.
  • Fixed authentication realm so that when a non-existent file is requested, 403 is returned instead of 404.
  • Fixed bytes logging configuration which can cause LSWS to fail on start-up when access log has not been configured.
  • Fixed .htaccess support for a virtual host configured through Apache configuration file.
  • Fixed a bug in SSL implementation that can cause random connection problem.
  • Fixed a Solaris bug where sendfile() usage can cause blocking and high-load.
  • Fixed installer on-boot start-up script insertion for OS X platform.

LSWS 2.1.15 (5-8-2006) Feature enhancements and minor bug fixes

  • LSAPI 2.0 released for PHP and 1.1 for Ruby. Fixed a bug that can cause header corruption.
  • Fixed a bug in CGI parameter handling that can cause core dump.
  • Improvement: AWStats (add-on) scheduler will no longer update on every server restart.
  • New Feature: added option to start external applications at server start-up instead of on-demand (default).
  • New Feature: added option to log cPanel compatible bandwidth usage.

LSWS 2.1.14 (4-3-2006) Minor bug fixes

  • A bug introduced in 2.1.13 that cause lshttpd crashes has been fixed.
  • A bug in Apache configuration file handling which causes missing vhost to listener mapping has been fixed.
  • GLOBAL::CORE::exit overriding has been added in LiteSpeed Perl daemon to make the Perl process persistent when a Perl CGI script calls "exit".

LSWS 2.1.13 (3-28-2006) Feature enhancements and minor bug fixes

  • Ruby's native LSAPI module has been implemented.
  • Adding additional response header has been implemented.
  • There are minor update in PHP LSAPI module.

LSWS 2.1.12 (2-28-2006) Minor bug fixes

  • A bug that causes "out of swapping space" has been fixed.
  • A bug in FCGI/LSAPI suEXEC that causes file descriptor leak has been fixed.
  • A bug in Apache configuration parser that causes missing listener to vhost mapping has been fixed.

LSWS 2.1.11 (2-15-2006) Feature enhancements and minor bug fixes

  • Reliability of FreeBSD kqueue event dispatcher has been improved.
  • A bug in SSL that causes long delay when request being redirected to another URL has been fixed.
  • LiteSpeed PHP SAPI code has been updated.
  • There are minor bug fixes in Web administration console.

LSWS 2.1.10 (2-6-2006) Feature enhancements and minor bug fixes

  • A bug in SSL throttling that causes partial response body has been fixed.
  • Binary package for Intel MacOSX has been added.
  • PHP binary has been upgraded to 4.4.2 .

LSWS 2.1.9 (12-29-2005) Minor bug fixes

  • A bug that causes random malfunction or other strange behaviors in .htaccess support has been fixed.

LSWS 2.1.8 (12-20-2005) Minor bug fixes

  • A bug introduced in 2.1.7 that prevents AWStats from working properly has been fixed.
  • A bug introduced in 2.1.7 that prevents error log file from rotating during server start up has been fixed.
  • A bug that prevents matching proxy context from working properly has been fixed.
  • The incorrect sort order of context sequence in web admin console has been fixed.
  • A bug in access logging which always logs HTTP/1.0 requests as HTTP/1.1 has been fixed.

LSWS 2.1.7 (12-8-2005) Feature enhancements and minor bug fixes

  • A bug in Fast CGI interface that causes compatibility problem with Python FCGI interface has been fixed.
  • A bug in rewrite internal functions has been fixed.
  • Authentication of web administration interface has been changed to cookie mode, password can be remembered by browser.
  • Error logging has been improved to log access denied hot-linking sites.
  • A bug that causes broken zipped dynamically generated pages in IE has been fixed.

LSWS 2.1.6 (11-22-2005) Security update

  • The 'ConfMgr.php Cross-Site Scripting Vulnerability' has been fixed, it should not cause any problem as administrators password is required to explore it.
  • Reverse proxy has been improved to handle DAV requests properly.
  • A bug that causes hanging LSAPI application not being properly stopped by LSWS has been fixed.

LSWS 2.1.5 (11-01-2005) Minor bug fixes

  • A bug in LSAPI response header handling has been fixed to remove invalid headers.
  • A bug in web administration interface that causes missing context data has been fixed.
  • Matching contexts defined prior to the first normal context will be given higher priority.

LSWS 2.1.4 (10-20-2005) Feature enhancements and minor bug fixes

  • A feature has been added to adjust 'Process Limit' automatically for external applications when the limit is too low.
  • Minimum UID required for web server process has bee lowered from 50 to 10.

LSWS 2.1.3 (10-17-2005) Feature enhancements and minor bug fixes

  • External Application manager has been improved to adjust connection pool size and stop idle applications automatically.
  • Resource limit configuration has been added at individual external application level.
  • An option to turn off persistent FastCGI connections has been added to work around a bug in RubyOnRails FastCGI interface.
  • A new feature has been added to apply Apache configuration changes automatically.
  • A bug in MIME type definition has been fixed.
  • Broken FastCGI authorizer configuration has been fixed.
  • OpenSSL library has been upgraded to 0.9.7h.
  • LiteSpeed PHP library has been updated.

LSWS 2.1.2 (10-03-2005) Feature enhancements and minor bug fixes

  • A couple of minor bugs in .htaccess support has been fixed.
  • A bug that caused leak in external application connection pool has been fixed.
  • LiteSpeed PHP library has been updated.

LSWS 2.1.1 (9-26-2005) Minor bug fixes

  • Incorrect CGI environment variable HTTP_IF_NO_MATCH has been fixed.
  • A bug that caused GZIP compression not working in LiteSpeed PHP has been fixed.
  • LiteSpeed PHP library has been updated.

LSWS 2.1 (9-21-2005) Major Feature enhancements

  • Apache configuration support has been added, LiteSpeed web server is able to run from Apache configuration file, Apache compatibilities has been improved.
  • LiteSpeed API, the fastest server API for LiteSpeed Web server, has been implemented.
  • PHP LiteSpeed SAPI has been implemented with enhanced PHP performance (30% over FastCGI PHP and 100% over Apache mod_php), as well as flexible PHP configuration overridden via .htaccess files.
  • A stateless external application load balancer has been implemented.
  • SSL CA Certificate configuration has been added.
  • Extra protection against 503 errors has been added.
  • Minor bug fixes

LSWS 2.1RC3 (8-31-2005) Major feature enhancements

  • Apache configuration support has been added, LiteSpeed web server is able to run from Apache configuration file.
  • LSAPI protocol has been improved.
  • PHP LiteSpeed API has been improved.
  • SSL CA Certificate configuration has been added.
  • Minor bug fixes in rewrite engine.

LSWS 2.1RC2 (7-25-2005) Major feature enhancements

  • Distributed configuration .htaccess support has been re-engineered in order to improve Apache inter-changeabilities.
  • directive support has been added.
  • CGI daemon socket has been made configurable.
  • Multiple IP address will be passed through X-Forwarded-For header.
  • There are bug fixes in epoll support.
  • PHP binary has been upgraded to 4.4.0
  • Zlib has been upgraded to 1.2.3

LSWS 2.0.7 (6-15-2005) Feature enhancements and minor bug fixes

  • Configuration for static file cache has been added.
  • Bugs in Solaris /dev/poll and sendfile() support have been fixed.
  • a bug in FreeBSD kqueue support has been fixed.
  • More bug fixes on external application manager.

LSWS 2.0.6 (5-24-2005) Minor bug fixes

  • Bug fixes on external application manager.

LSWS 2.0.5 (5-23-2005) Feature enhancements and minor bug fixes

  • TCP_NODELAY flag for a proxy connection has been added to fix a proxy slow down problem.
  • External application manager has been improved to handle hanging external applications.

LSWS 2.1RC1 (5-16-2005) Major Feature enhancements

  • LiteSpeed SAPI, the fastest server API for LiteSpeed web server, has been implemented.
  • PHP LiteSpeed API has been implemented with enhanced PHP performance (30% over FastCGI PHP and 100% over Apache mod_php), as well as flexible PHP configuration overridden via .htaccess files.
  • A stateless external application load balancer has been implemented.
  • External application manager has been improved to deal with non-responding external applications.

LSWS 2.0.4 (4-26-2005) Feature enhancements and minor bug fixes

  • Distributed configuration (.htaccess) cache has been improved to reduce memory usage.
  • An assertion failure has been fixed.
  • There are minor improvements in URL rewrite engine.
  • A bug in FastCGI Authorizer implementation has been fixed.
  • A problem in managing Fast CGI application with command line parameter has been fixed.

LSWS 2.0.3 (4-18-2005) Feature enhancements and minor bug fixes

  • Inaccurate real time report result under heavy load has been fixed.
  • URL rewrite engine has been improved to be more compatible with Apache's.
  • A bug in listener management which failed to release a deleted listener has been fixed.
  • Bundled PHP binary has been upgraded to 4.3.11.

LSWS 2.0.2 (3-31-2005) Minor bug fixes

  • A bug that cause server dump core when request contains no 'Host:' header has been fixed.
  • Broken Front Page Server Extension under chroot environment has been fixed.
  • A bug in MIME configuration has been fixed.

LSWS 2.0.1 (3-29-2005) Feature enhancements and minor bug fixes

  • A couple minor bugs in Web Administration Interface has been fixed.
  • Support for Command line parameters of external application has been added.
  • Apache Configuration Import Tool has been improved.
  • Error Logging has been improved.

LSWS 2.0 (3-10-2005) Major feature enhancements

  • Completely re-engineered web administration interface.
  • Automatic software Update.
  • Flexible directory index.
  • Fast CGI Authorizer.
  • Virtual host configuration template.
  • Apache configuration import tool.
  • Advanced access logging via external piped logger application.
  • IPv6 support.
  • SMP linear performance with Enterprise Edition.
  • High performance event dispatchers: epoll, kqueue and /dev/poll.
  • And there are feature improvements in many areas, overall performance have been greatly improved for both Standard and Professional Edition.

LSWS 2.0RC7 (2-04-2005) Feature enhancements and minor bug fixes

  • IPv6 support has been added.
  • Minor bug fixes in Administration Interface.

LSWS 2.0RC6 (1-24-2005) Minor bug fixes

  • A couple minor bugs in Web Administration Interface has been fixed.
  • A bug that causes virtual hosts loading problem when there is no server level script handler defined has been fixed.
  • A bug that prevent CGI handler being used as a script handler has been fixed.
  • A bug in epoll event dispatcher has been fixed.

LSWS 2.0RC5 (1-19-2005) Major feature enhancements and minor bug fixes

  • Web Administration Interface has been completely re-engineered.
  • Virtual host template configuration has been implemented for mass hosting environment.
  • Advanced access logging via external piped logger application has been implemented.
  • An update agent has been implemented, upgrade/version management can be done via web interface.
  • A MAC OS X release has been added.
  • Apache configuration import tool has been improved.
  • Performance of Standard Edition has been greatly improved.
  • Minor bug fixes.

LSWS 2.0RC4 (12-21-2004) Major feature enhancements and minor bug fixes

  • Apache configuration migration tool is available.
  • Process manager for External Application has been improved.
  • Limitation of number of virtual hosts has been removed
  • High performance event dispatchers: epoll, kqueue and /dev/poll have been implemented.
  • DirectoryIndex directive support in .htaccess has been added.
  • Bundled PHP binary has been upgraded to 4.3.10.
  • Minor bug fixes.

LSWS 2.0RC3 (11-02-2004) Major feature enhancements and minor bug fixes

  • FastCGI Authorizer support has been implemented.
  • Wildcard domain name is implemented in listener to virtual host mapping.
  • Regular expression can be used to specify allowed domains in hotlink protection.
  • Bug fixes in rewrite engine.

LSWS 1.5.11 (10-28-2004) Minor bug fixes

  • OpenSSL library has been upgraded to 0.9.7e
  • SSL hardware accelerator not working on FreeBSD problem has been fixed.

LSWS 1.5.10 (10-20-2004) Feature enhancements and minor bug fixes

  • A bug in CGI daemon on Solaris that leaves zombie children processes has been fixed.
  • Request rate throttling can be turned off for trusted IPs.
  • The accuracy of idle connection count in real-time server status report has been improved.
  • Default configuration has been fine tuned.

LSWS 1.5.9 (9-29-2004) Feature enhancements

  • Pre-built PHP binary has been upgraded to version 4.3.9 with GD and zlib extensions enabled.
  • A persistent Perl CGI daemon equivalent to Apache mod_perl's Apache::Registry has been added.

LSWS 2.0RC2 (9-21-2004) Major feature enhancements

  • AWStats (log analyzer) has been integrated with LiteSpeed web admin interface, AWStats configuration and statistics updates has been automated.
  • Server watch dog has been completely re-engineered, which allows 100% up-time during server restarts and even server binary upgrades.
  • A bug in rewrite engine has been fixed.
  • Compatibility with Apache's mod_rewrite has been improved.
  • Rotated access log file can be stored in compressed format.
  • Reliability and security has been improved for CGI daemon.

LSWS 1.5.8 (9-09-2004) Feature enhancements and minor bug fixes

  • Anti-DoS algorithm has been improved.
  • A bug that may cause Solaris SPARC version crash has been fixed.
  • A bug that may cause corrupted reply on FreeBSD has been fixed
  • and other minor improvements.

2.0RC1 (8-23-2004) Major feature enhancements

  • An Apache compatible rewrite engine has been implemented.
  • Support for Microsoft FrontPage Server Extension 2002 has been added.
  • Flexible directory auto indexing by using external script to generate index page has been implemented.
  • suExec for FastCGI application has been implemented.
  • Static file compression has been improved by using internal compression routine, suffix for compressed file has been changed from ".gz" to ".lsz".

LSWS 1.5.7 (8-10-2004) Minor bug fixes

  • A bug that may cause internally redirected requests failure has been fixed.
  • A bug in SSL implementation that may cause a blank page displayed in user's web browser has been fixed.
  • FastCGI process manager has been improved to remove dead UNIX domain sockets automatically.
  • A bug in web admin interface has been fixed

LSWS 1.5.6 (7-30-2004) Feature enhancements and minor bug fixes

  • Support of "Satisfy" directive in .htacess has been added.
  • CGI header handling has been improved to allow empty header.
  • Session timeout control has been added in WebAdmin interface.
  • PHP binary has been upgraded to 4.3.8.
  • Installer has been improved to allow easy version switch.
  • A bug in deleting context with special characters has been fixed in WebAdmin interface.
  • A bug that causes listener's virtual host map inconsistent during virtual host name change has been fixed in WebAdmin interface.
  • A bug that causes reverse proxy stop working when response buffering is off has been fixed.

LSWS 1.5.5 (7-12-2004) Major feature enhancements

  • IP level request rate throttling has been implemented.
  • Response buffering can be turned off for external applications (Fast CGI, CGI, proxy).

LSWS 1.5 (6-22-2004) Feature enhancements and minor bug fixes

  • Incorrect value of "AUTH_USER" environment variable for CGI, Fast CGI has been fixed.
  • A bug that causes LDAP connection error on low speed connection has been fixed.
  • A bug in Log ID generation code has been fixed.
  • Performance of serving static content has been improved slightly.

LSWS 1.5RC4 (6-03-2004) Major feature enhancements and minor bug fixes

  • Performance has been improved for non keep-alive connections.
  • Fast CGI priority is configurable now.
  • A bug in HTTP authentication with plain file back-end user DB has been fixed.
  • Broken CGI daemon on SPARC Solaris has been fixed.

LSWS 1.5RC3 (5-24-2004) Major feature enhancements

  • HTTP Authenticate with LDAP back-end support has been implemented.
  • SSL hardware acceleration device support has been implemented.
  • Smart Keep-alive algorithm which improves keep-alive efficiency on busy web site has been implemented.
  • Fast CGI process manager has been improved, all children processes started by web server will be stopped when web server exits.

LSWS 1.5RC2 (4-28-2004) Feature enhancements and minor bug fixes

  • A real-time server usage report viewer has been implemented in web admin interface.
  • Various bugs introduced in 1.5RC1 have been fixed.

LSWS 1.5RC1 (4-20-2004) Major feature enhancements

  • A lightweight high performance CGI daemon has been implemented, CGI performance has been improved greatly, CGI can be started in suExec and chroot mode.
  • Manipulation of User/Group file for authentication realm has been implemented in web admin interface.
  • I/O buffering policy has been changed to use in memory buffer when available
  • Logging performance has been improved
  • Default character set can be customized at context level or in a .htaccess file.
  • MIME Type can be customized at context level or in a .htaccess file.
  • ForceType and DefaultType can be set at context level or in a .htaccess file.

LSWS 1.3.3 (3-24-2004) Feature enhancements

  • Throttling algorithm has been improved to address long page loading time issue when throttling is enabled.

LSWS 1.3.2 (3-19-2004) Security update

  • OpenSSL has been upgrade to 0.9.7d to address security issues in 0.9.7c.

LSWS 1.3.1 (2-26-2004) Minor bug fixes

  • ETag header has been added into 304 response to fully comply with HTTP specification.

LSWS 1.3 (2-18-2004) Major feature enhancements

  • Installation of PHP accelerator MMCache and APC with pre-built binaries have been implemented.

LSWS 1.3RC3 (2-10-2004) Feature enhancements and minor bug fixes

  • Hotlink protection has been implemented.
  • Minor bug fixes.

LSWS 1.3RC2 (2-02-2004) Feature enhancements and minor bug fixes

  • Connection accounting/throttling algorithm has been improved.
  • Fast CGI process manager has been improved.
  • Default value for various timeout configurations have been adjusted.

LSWS 1.3RC1 (1-23-2004) Major feature enhancements

  • Implemented reverse proxy feature, lsws can be used as a content accelerator, security gateway or compression proxy running in front of any web server and application server that supports HTTP protocol.
  • Implemented graceful shutdown, all requests in progress will be completed.
  • Improved installation script.
  • Added an option to hide server version string in response header.
  • Added an option to customize required and restricted permission mask for static files.
  • Improved process manager for Fast CGI applications.
  • Minor bug fixes in web admin interface.

LSWS 1.2.2 (12-05-2003) Minor bug fixes

  • fixed minor bugs in SSL, Fast CGI interface implementation.
  • fixed a minor bug in Servlet AJP 1.3 interface implementation.

LSWS 1.2.1 (12-04-2003) Feature enhancements and minor bug fixes

  • fixed minor bugs in SSL, Throttling and Fast CGI interface implementation.
  • Fixed a minor bug in admin interface.
  • improved Fast CGI performance.

LSWS 1.2 (11-25-2003) Minor bug fixes

  • minor bug fixes related to SSL and GZIP compression.

LSWS 1.2RC2 (11-21-2003) Major feature enhancements and minor bug fixes

  • added URL alias match support which is compatible with Apache's mod_alias,
  • added expires header support which is compatible with Apache's mod_expires,
  • added automatic creation and update of compressed static files to save network bandwidth,
  • enhanced URL redirect functions,
  • minor bug fixes,
  • updated documentation.

LSWS 1.2RC1 (10-28-2003) Major feature enhancements and minor bug fixes

  • added chroot support with automatic chroot environment setup (Professional Edition Only),
  • added unix domain socket support which increases inter-process communication performance between web server and Fast CGI,
  • IP level connection accounting algorithm has been improved,
  • added CGI standard error output logging,
  • added CGI resource consumption limits,
  • minor bug fixes
  • updated documentation.

LSWS 1.1.1 (10-15-2003) Minor bug fixes

  • Fixed a bug that may cause range/multi-range requests fail. Updated documentation.

LSWS 1.1 (10-07-2003) Feature enhancements and minor bug fixes

  • HTTP authentication has been re-engineered.
  • Added an authentication cache and permissions can now be granted based on user names or group names.
  • Added an Apache-like "required" directive.
  • Implemented context level access control.
  • Added .htaccess support and an .htaccess cache. Apache-like authentication, access control, and redirect directives are supported in .htaccess
  • SSL toolkit has been updated to OpenSSL 0.9.7c.

LSWS 1.0.3 (8-15-2003) Feature enhancements and minor bug fixes

  • Fixed a bug in pre-built PHP binary that produces warnings under Redhat 9.
  • Added a configurable entry for maximum concurrent CGI instances.
  • Improved security by checking accessibility for symbolic links.
  • Added a configurable entry for external application timeout.
  • Added an uninstall script and imporved installer script.
  • Updated documentation.

LSWS 1.0.2 (7-23-2003) Feature enhancements and minor bug fixes

  • The installation script will now work properly with group names or directory names that contain spaces.
  • A configuration entry has been added to control core file creation when the server process is started by super user.
  • Automatic bug reporting has been improved.
  • Minor SSL improvements.

LSWS 1.0.1 (7-8-2003) Feature enhancements and minor bug fixes

  • Fixed some bugs in the WebAdmin interface.
  • Fixed compatibility bugs for FreeBSD/Solaris.
  • Supported Solaris x86 platform.
  • Fixed a bug in FastCGI implementation.
  • Fixed a bug in basic authentication.
  • Other minor improvements.

LSWS 1.0 (7-1-2003) Initial public release

  • LiteSpeed web server came to live as a full-featured web server.