IP of 127.0.0.1 banned

[anewday]

I think this made litespeed fail and cpanel automatically restart it.

email from cpanel

httpd failed @ Mon Nov 10 23:32:03 2008. A restart was attempted automagically.

Failure Reason: Service check failed to completehttpd: [ != HTTP/1..]

error_log

2008-11-10 23:25:37.119	NOTICE	[127.0.0.1] Reached per client connection hard limit: 60, close connection!
2008-11-10 23:32:05.655	NOTICE	Server Restart Request via Signal...

Just minutes before httpd failed. I checked the access log and it seems that someone spoofed that IP.

I think you should hard code the IP of 127.0.0.1 exempt from being banned by litespeed.

 

[mistwang]

Make 127.0.0.1 a trusted IP.

http://www.litespeedtech.com/docs/webserver/config/security/#accessControl_allow

 

[anewday]

Yes, I thought of that afterwards. But, I think you should include it by default in the later versions. It only makes sense.

Is this fine to exclude 127.0.0.1 from connection/throttling limits?

Allowed List

ALL
127.0.0.*T

 

[mistwang]

It is not safe, as some one may be able to initiate an attack from localhost.

 

[anewday]

Will litespeed continue to function if it blocks 127.0.0.1 ?

 

[mistwang]

Yes, it should work.
cPanel should not try to establish 60 connections at once though.

 

[anewday]

It's not cpanel, I think it's a legitimate person using a proxy server. The cpanel monitoring restarted httpd automatically as I set it to enabled in the Service Manager.