Configuration file '/etc/httpd/conf.d/zzz_php_openbasedir.conf' was created manually to disable 'open_basedir'. Yes we have using Plesk(different version of branch 8).
Yes, these configuration lines works, but if someone use RedirectMatch in his webroot he'll receive Internal server error.
The following rules does not work at Litespeed:
RedirectMatch gone ^.*\.(sql|log|conf)$
RedirectMatch gone VERSION.*
Is it a bug or should we use different constructions(as far as I know these rules works just fine in the Apache)?
Agree, I have same problem. I was looking at gotroot by Prometheus too and was unable to get it working at Litespeed, and I found manual insufficient too(you can find manual on PHP CHROOT insufficient as well). It seems that there is a lot to do with this module or with manuals for LS tech...
Thank you for your quick response and fix, but unfortunately fix does not work for us. We have upgraded LSWS on four servers and have same issue. To clarify - we have not usign WHM/cPanel, we are using Plesk on our servers.
The result is:
Adding 1M data ... [OK] Total: 152 Mb
Adding 1M...
Hi guys. I think I need same patch too. We are having application that require memory limit higher than 256 MB and I have memory_limit set to 512, but scripts stop working at 256 MB of memory. I have used the following script to test this out:
<?
$begin = getmicrotime()...
Good day,
So far, the PHP announced the end of branch four life and some PCI compliance tests how showing security issue at the port with LiteSpeed, saying that it's better to upgrade PHP up to branch 5.
So, I wanted to know, if LiteSpeed Tech are going to switch LiteSpeed Admin's...
First of all would like to tell we guarantee 99% uptime to our customers within our SLA and will agree with money back if client's site was down due to problems with the server(due to our fault). So, we have using Litespeed on our production servers with many users, and using lease license with...
MS must be writing a secure code? :)
So, then additionally third-party software(OpenLDAP, OpenSSL, PHP), which are used by LiteSpeed must be certified too as far as I understand. :)
As far as I know there is no official certifications on code compliance. I mean, there should be a standards written by someone like VISA and additionally there should be a companies which implements such certifications. There a kind of service on VISA compliance, which evaluate if your server...
If you mean PCI compliance audits, then yes, it's not so hard to configure LiteSpeed in the way, PCI tests require(SSLv3, ciphers, TRACE/TRACK, HTTPS authentication form)... Much easier than configuring Plesk to be secure...