4.0 road map

Discussion in 'Bug Reports' started by mistwang, Mar 19, 2008.

  1. mistwang

    mistwang LiteSpeed Staff

    We have been working on 4.0 feature for a while, the first public beta will be available soon. The follow main feature has been planed
    • squid like disk cache (almost done, will be availabe in Beta1 release)
    • SSI support (due in beta 2)
    • python support with our own python LSAPI module
    • ASP.NET support with our own Mono LSAPI module
    • mod_security 2.0 rule parser
    • Improve real-time status report
    • Improve server scalability for mass hosting using control panels
    • Server performance fine tuning
    • native upload progress bar support, compatible with all existing non-scalable implemenation
    • option to backup and version control configuration file.
    • mod_macro support
    If you have suggestion on new feature, please let us know.

    Stay tuned. :)
    Last edited: Sep 8, 2009
  2. anewday

    anewday Moderator

    Cool, my suggestion made it to the road map. I hope it will be as good as lighttpd server status page. :)

    How about limit number of concurrent connectons from an IP based on filetype on a vhost level and with proxy detection? Also, a whitelist to exempt certain IPs. This would come in handy for download servers where it could limit download accelerators from overloading the server.
    Last edited: Mar 20, 2008
  3. mistwang

    mistwang LiteSpeed Staff

    We do the connection limit at IP level with proxy detection now, it should be good enough for limiting download accelerators.
  4. embed

    embed Member

    One useful feature that I wouldn't mind having is the possibility to define request filter rules that work on the response.

    In particular the possibility to block pages that contain sensitive information.
    In ModSecurity it is possible to do that with something like this:

    ModSecurity 2.5.1:
    SecRule RESPONSE_BODY "ODBC Error Code"

    ModSecurity 1.9:
    SecFilterSelective "ODBC Error Code" OUTPUT
  5. vivek

    vivek Well-Known Member

    Are you sure it is ASP.NET ? As far as I know,it will run only in Windows servers.

    Anyway, good luck and I am waiting for the 4 release

  6. mistwang

    mistwang LiteSpeed Staff

    Yes, mono has ASP.NET support for Linux.
  7. anewday

    anewday Moderator

    How about adding the last login date, time, and the IP? Also, on the real time log viewer, add the time the web server was restarted.
  8. mistwang

    mistwang LiteSpeed Staff

    Yeah, we can do that.
  9. PSS

    PSS Well-Known Member

    These might be a bit esoteric but here goes:

    1. When I see error like

    2007-09-26 15:05:11.869 [NOTICE] [24.241.38.XXX:53081-0#domain.com] [SECURITY] Detected [PATTERN: 'or.+1[[:space:]]*=[[:space:]]1|or 1=1--'|'.+--'] [Msg: SQL Injection attack]

    I would like to be able to link that to access log showing which page was that, string contents, was is POST or GET and any other info that might reveal who is trying what, or was this an unintentional string on normal textarea post.

    2. a native way to obfuscate file path. When obfuscating folder /abc, serving a file /abc/file.jpg LS would serve it as e.g. http://virtdomain/f8085cb09db7467ba973f6b4e5d5a78d.jpg. I think this would benefit also from changing that path on-the-fly in http source ;)

    3. Compile PHP: with download/compile latest APC, Xcache etc. and with version management.

    4. search for logs (also access logs!).

    5. switch to reverse log display (newest first).

    6. Realtime update for log view (also access logs!)

    7. When I get image hotlink protection message

    [189.61.153.XXX:2023-1#domain.com] [HOTLINK] Reference from other web site, access denied, referrer: [www.remote.com]

    I would like to know the referrer page.

    8. performance analyzer: basically I would like to know what is the page requested -> sent time in ms. and if there are any suggested LS settings which would make it faster & use less resources. Something like you see in SiSoft Sandra.
  10. PSS

    PSS Well-Known Member

    Oh, a question: does the 4.0 beta/RC agree with 3.3.X version management? I'm willing to try it out for short periods on my live sites if that is so.
  11. mistwang

    mistwang LiteSpeed Staff

    1. the request URL should has been logged in error.log, but not in audit log.
    2. No, we won't do that, leave it for developer using rewrite rule or something.
    3. Our web console have option to compile PHP now.
    4. Yes, I want that too.
    5. No, just show the last few lines by default.
    6. Maybe, may not work well with busy site, as it you may not able to catch the update speed.
    7. Yes, we can log the request URL.
    8. Maybe

    Yes, you can switch back and forth between 3.3.x and 4.0 beta/RC.
    Last edited: Mar 31, 2008
  12. anewday

    anewday Moderator

    I like 4 and 5, some other CSF features should also be in 4.0 ;)
    Last edited: Mar 31, 2008
  13. anewday

    anewday Moderator

    And should make it possible to see the list of banned IPs (triggered by per client throttling), email notice, and ability to unban them.

    To add to #8, I want to see how many bytes transferred since restart of webserver. Maybe even have alerts when it reaches a certain set threshold (borrow some features from mod_bandwidth), and show stats by day, week, month, etc.. ;)
    Last edited: Mar 31, 2008
  14. mistwang

    mistwang LiteSpeed Staff

    Banned IP will be listed at the minimum.
    We won't do traffic log analyzer in side the server core. use those external packages.
  15. anewday

    anewday Moderator

    Please also add option to add IPs to whitelist so the throttling limits can be exceeded without ban.
  16. mistwang

    mistwang LiteSpeed Staff

  17. mistwang

    mistwang LiteSpeed Staff

    link to 4.0b1 package has been published in another thread.
  18. subBlue

    subBlue Active Member

    My tiny request is to have all the vhost and listening listings sorted alphabetically by default. Becomes a pain to fine the vhost you want when you have a long list!
  19. anewday

    anewday Moderator

    Last edited: Apr 17, 2008
  20. sfreiberg

    sfreiberg Member

    Feature request

    I've been meaning to ask for this for a long time, but it would be awesome to have some kind of a RESTful interface into the admin tool. Even if it was just the ability to add/remove sites from the templates that would be great.

    I just finished writing a little script that will directly modify the xml file, but it would be nicer if I could run it remotely or better yet bake it into a web interface that also interfaces with our DNS servers. That would drastically reduce the time it takes for us to create new sites. Not to mention cutting down on typos. The RESTful interface would also be helpful because all of our servers are redundant so everything has to be done two or more times.

Share This Page