Search results

still doesnt work on the latest litespeed ... really thinking about switching to apache 2.4

Would be nice if litespeed a few years later would support the mod security core rule set... but no matter how many of the config files a stripped out it doesnt work Litespeed + mod_security = a joke... 3 years and you still dont have it working...

Okay well here is a question for you, I have been in a long discussion with Igor regarding suexec vs lsapi php security... Because we are using CageFS the user can only see their own files... but if you use suexec then and attacker can delete a customers site and or easily add malicious code to...

Thank you, I will try it. Seems odd that it is such a rarely used feature. seams to me developers who are working on websites and using subomains as develop, staging, testing directories would rather use certificates than have to enter a htaccess password over and over again.

<Location /usr/fake/domains/dot.com/public_html/test> SSLRequireSSL SSLVerifyClient require SSLVerifyDepth 10 </Location> WHy doesnt this work in the httpd.conf when using litespeed as a drop in apache replacement???

http://code.google.com/speed/page-speed/docs/module.html Hey litespeed tech, in terms of performance enhancements for your shared webhosting customers this would be an extremely great thing to port to litespeed so we can ensure customers sites are being served up as quickly as possible.

Suexec is a false sense of security, there is better ways to secure your system without leaving vulnerable php scripts wide open to exploitation. Suexec makes the php process run as the same user the php script is owned by... Can we say a website defacers dream come true... exploit...

Hello, we use the server monitoring from serverdensity because it allows us to be pro-active on events that might lead to an outage. One of the things it monitors besides the server itself, is apache using mod_status. Well because we use litepseed we are hoping this is possible...

Nevermind... the home partition was mounted noexec.

Just migrated to a new server on the 2CPU license, having a problem getting CGI to work correctly, we are running with Directadmin and Cloudlinux LVE: their httpd.conf above edited for customer privacy

Would be nice if litespeed integrated a system like this within the cache system... this could create great benefits to return visits to the same content... there are other systems that automate this such as Aptimize but they are expensive solutions to add into shared hosting environments.

I understand that there is not a LSAPI wsgi module... and I have read that article and it seems to be aimed at a single domain setup via the litespeed control panel... I am trying to figure out how to set it up so it is available in a shared hosting environment not having to configure it per...

I am trying to set it up so customers can easily install WSGI based scripts, there is a web chat that integrates into IRC servers and we would like to have it so each customer can upload their chat client to a subdomain with minimal effort on their or our part. Here is the excerpt from the...

And here is mytop

During apache bench here is top:

One of the things I noticed in the attack yesterday was that they used hundreds of IP addresses to all attack the same URL. If I blocked the URL they just changed the botnet to target a different URL. CSF Firewall and Litespeed Anti-DoS were not picking this up because of so many...

Okay a few things, after I was attacked over the past couple days I decided to do some work myself and found that it is pretty easy to bring the server to it's knees using just apache bench mark. So while yes it was being attacked, this also means that something is wrong because it shouldnt...

They say that Disk IO protection will be in future versions of Cloudlinux

Writable directories need to be detectable from within the apache configuration as well as the litespeed configuration. This will add a greater level of security as we will be able to globally lock down writable directories so attackers cannot execute scripts within them <Directory {if...

[root@srv goat]# sudo -u apache ls ../goat/ audit_log_user_command(): Connection refused goldgoat.tar [root@*** goat]# ps aux|grep http root 9851 0.0 0.2 5148 2300 ? S 10:05 0:00 lshttpd root 9852 0.0 0.0 1592 336 ? S 10:05 0:00 httpd...