Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
Next revision Both sides next revision
litespeed_wiki:changelog [2020/02/19 12:38]
qtwrk
litespeed_wiki:changelog [2020/08/12 13:43]
Lucas Rolff 5.4.8 build 5
Line 1: Line 1:
 ====== LiteSpeed Web Server Changelog ====== ====== LiteSpeed Web Server Changelog ======
 +
 +===== Version 6.0 =====
 +
 +=== RC1 ===
 +
 +  [Major New Feature] Apache 2.4 conditional context <If> <​Ifelse>​ <​Else>​ support.
 +  [Major New Feature] Asynchronous mod_security engine.
 +  [Major New Feature] Bubblewrap isolated CGI/PHP execution environments.
 +  [New Feature] HTTP/3 draft 29 support.
 +  [Major Enhancement] HTTP/2 has gone through a major rewrite with more efficient header handling.
 +  [Enhancement] Added ModSecurity JSON audit log.
 +
 +===== Version 5.4.8 =====
 +
 +=== Build 5 ===
 +
 +  [Bug fix] Properly pass CHUNK encoded request body to script handler to address random file upload failure.
 +  [Bug fix] Addressed graceful restart failure when the server has many IPs in use and is forced to create listeners for individual IP.
 +
 +=== Build 4 ===
 +
 +  [New Feature] Control whether to wait for the full request body or not before passing requests to the request handler with new environment variable "​wait-req-full-body"​. (Waiting allows the request handler to see the full request body immediately)
 +  [Tuning] Increase reCAPTCHA verified status timeout from 1-hour to 1-day.
 +  [Tuning] Increase .htaccess processing time limit from 500ms to 2.5sec to allow for the processing of larger .htaccess files.
 +
 +=== Build 3 ===
 +
 +  [Bug Fix] LiteMage cache object count is now more accurate.
 +  [Bug Fix] Address a few compatibility issues with Plesk admin console proxy through regular HTTPS access.
 +  [Bug Fix] Cache statistics access through IPv6.
 +  [Improvement] Protect WebAdmin listener port from duplicate regular listener configuration.
 +  [Improvement] Add Plesk git integration support.
 +
 +=== Build 2 ===
 +
 +  [Bug Fix] Address 404 error for reCAPTCHA verification.
 +  [Bug Fix] '​SetEnv'​ directive is now properly applied inside <​Files>​ or <​FilesMatch>​ contexts. ​
 +
 +=== Build 1 ===
 +
 +  [Bug Fix] Correct DirectAdmin PHP handler detection when "​DirectAdmin"​ panel is selected under "​PHP"​ config tab.
 +  [Bug Fix] WebSocket ProxyPass configuration now works correctly inside the <​Location>​ context.
 +  [Bug Fix] Match Apache'​s Redirect behavior by discarding original query string if target URL has query string set.
 +
 +=== Build 0 ===
 +
 +  [New Feature] Add the ability to load an extra ECC certificate for an Apache virtual host when multi-cert support is enabled.
 +  [New Feature] Apply header modification configurations in .htaccess to dynamic responses for CloudLinux Python/​Ruby/​NodeJS selector application.
 +  [New Feature] Update client IP using request header "​X-Real-IP"​.
 +  [New Feature] Use Client IP in Header can now be set to use the last IP listed in the X-Forwarded-For header for servers behind AWS ELB.
 +  [Security] Block '​LD_*'​ environment variable overriding from .htaccess.
 +  [Improvement] New Ruby 2.0+ compatible RackRunner script for ruby-lsapi 5.0.
 +  [Improvement] Separate IPv4 and IPv6 virtual hosts now share cached pages for the same domain.
 +  [Improvement] Update WHM plugin to v4.0 (drops support for EasyApache 3).
 +  [Improvement] Make reCAPATCHA compatible with WordPress password protected pages.
 +  [Bug Fix] Invisible reCAPTCHA now works properly with IE 11 browser.
 +  [Bug Fix] Correct Magento LiteMage2 cache object statistics.
 +  [Bug Fix] Address an AJPv13 hanging bug.
 +  [Bug Fix] Enabling bandwidth throttling no longer causes rare HTTP/2 response hangs.
 +  [Bug Fix] Properly apply UMASK configuration for external applications.
 +  [Bug Fix] Fix a problem with Plesk log rotation when LSWS overrode Apache'​s rc script with a symbolic link.
 +  [Bug Fix] NodeJS default being not properly set in httpd_config.xml no longer causes crashing.
 +  [Bug Fix] Address cp_switch_ws.sh issues when switching back to Apache.
 +
 +===== Version 5.4.7 =====
 +
 +=== Build 9 ===
 +
 +  [Bug Fix] Correct a SHM memory allocation issue.
 +  [Bug Fix] Address a URL handling regression introduced in build 7 that affected NextCloud WebDAV clients.
 +
 +=== Build 8 ===
 +
 +  [New Feature] Use Client IP in Header can now be set to use the last IP listed in the X-Forwarded-For header for servers behind AWS ELB.
 +  [Bug Fix] Address cp_switch_ws.sh issues when switching back to Apache.
 +  [Bug Fix] Invisible reCAPTCHA now works properly with IE 11 browser.
 +  [Bug Fix] Correct a crash bug in cache engine.
 +  [Tuning] Separate IPv4 and IPv6 virtual hosts now share cached pages for the same domain.
 +
 +=== Build 7 ===
 +
 +  [New Feature] For CloudLinux Python/​Ruby/​NodeJS selector application,​ applies header modification configuration in .htaccess to dynamic response.
 +  [Bug Fix] A mod_security engine bug that causes random crash.
 +  [Bug Fix] A bug in access log format validation.
 +
 +=== Build 6 ===
 +
 +  [Bug Fix] Fixed Plesk log rotation issue when LSWS override Apache rc script with symbolic link. 
 +  [Bug Fix] Fixed a crash when NodeJS default was not properly set in httpd_config.xml. ​
 +
 +=== Build 5 ===
 +
 +  [Security] Blocks overriding LD_PRELOAD environment variable from .htaccess.
 +  [Bug Fix] Fixed a corner case that causes hanging HTTP/2 response when bandwidth throttling is enabled. ​
 +  [Bug Fix] Properly apply UMASK configuration for external application. ​
 +
 +=== Build 4 ===
 +
 +  [New Feature] Added the ability to load extra ECC certificate for Apache virtual host when multi-cert support is enabled.
 +  [Improvement] New Ruby 2.0+ compatible RackRunner script for ruby-lsapi 5.0. 
 +  [Tuning] Disable cache if a request is blocked by mod_security.
 +  [Bug Fix] Minor bug fixes in cache engine. ​
 +  [Bug Fix] Minor bug fix in mod_security engine.
 +
 +=== Build 3 ===
 +
 +  [Bug Fix] Fixed an HTTP/2 protocol bug encountered when a PHP page failed without sending back a response header.
 +  [Bug Fix] Fixed an internal memory management bug that caused random crashing.
 +
 +=== Build 2 ===
 +
 +  [Bug Fix] Fixed an AJPv13 protocol bug that caused requests containing a request body to hang.
 +  [Tuning] Improved reCAPATCHA verification to make it compatible with WordPress password protected pages.
 +
 +=== Build 0 ===
 +
 +  [Security] Fixed a symbolic link attack in directory auto index script. Thank you KnownHost for the bug report. (CloudLinux user is not affected.)
 +  [New Feature] Added strict suEXEC and ownership checking on scripts.
 +  [New Feature] Added ability to configure static/​dynamic request per second limit for Apache ghost.
 +  [Bug Fix] Fixed reCAPTCHA triggering for the first access of an allowed robot.
 +  [Bug Fix] Added "​Cache-Control:​ no-cache"​ to reCAPTCHA verification page to disallow CDN/proxy cache.
 +  [Bug fix] Fixed delayed .htaccess loading.
 +  [Bug fix] Fixed a delayed server response bug with HTTP/2.
 +  [Bug fix] Fixed a NodeJS websocket backend configuration bug.
 +  [Bug fix] Shared lib for lscmctl script is now updated on server install/​update.
 +  [Tuning] Prevent ports 443 and 80 from being used as WebAdmin listener port.
 +  [Tuning] Avoid triggering 503 errors when cPanel backend services (cpcontacts,​ webdisk, ...) are unavailable.
 +  [Tuning] Automatically update /​proc/​sys/​net/​core/​somaxconn to 1024 whenever server performs a fresh startup.
 +  [Tuning] Added after=lve_namespaces.service to systemd unit file.
 +
 +===== Version 5.4.6 =====
 +
 +=== Build 5 ===
 +  [Bug Fix] Fixed a bug that reCAPTCHA was shown for the first access of an allowed robot.
 +  [Bug Fix] Added "​Cache-Control:​ no-cache"​ for reCAPTCHA verify page to disallow CDN/proxy cache. ​
 +
 +=== Build 4 ===
 +
 +  [Bug Fix] Minimize interference with mandatory rewrite processing when bypassing favicon URL rewrite.
 +  [Tuning] Avoid triggering 503 errors when cPanel backend services (cpcontacts,​ webdisk, ...) are unavailable.
 +
 +=== Build 3 ===
 +
 +  [Bug Fix] Use request header value for RBL lookups.
 +  [Bug Fix] Fixed a configuration parser crash.
 +  [Bug Fix] Fixed HTTP/3 ALPN string to properly advertise h3-27.
 +  [Tuning] Automatically update /​proc/​sys/​net/​core/​somaxconn to 1024, when server performs a fresh startup.
 +  [Tuning] Avoid adjusting external application process priority based on server'​s priority.
 +
 +=== Build 2 ===
 +
 +  [New Feature] Added strict suEXEC and ownership checks for scripts.
 +  [New Feature] Added ability to configure static/​dynamic request per second limit for Apache vhost.
 +  [Tuning] Added after=lve_namespaces.service to systemd unit file.
 +  [Bug Fix] Fixed a bug when switching vhost log file.
 +  [Bug Fix] Fixed an HTTP/3 timestamp/​ACK ping-pong bug.
 +  [Bug Fix] Fixed a bug causing extra delay when response has content length = 0.
 +
 +=== Build 1 ===
 +
 +  [Bug fix] Fixed a bug causing delayed .htaccess loading.
 +  [Bug fix] Fixed an HTTP/2 bug that sometimes delayed server response.
 +  [Bug fix] Fixed a bug in NodeJS websocket backend configuration.
 +  [Bug fix] Shared lib for lscmctl is now updated on server install/​update.
 +  [Tuning] Prevent ports 443 and 80 for use as a WebAdmin listener.
 +
 +=== Build 0 ===
 +
 +  [New Feature] Updated HTTP/3 support to include h3-27.
 +  [Bug Fix] Fixed a bug that caused ProxyPass ws:// target to stop working for certain configuration combination.
 +  [Bug Fix] Fixed a bug in HTTP/2 handling mismatched response content-length and actual reponse body size.
 +  [Bug Fix] Fixed a false positive that triggered ACL denied for Plesk.
 +  [Bug Fix] Fixed a regression that broke /​tmp/​lshttpd/​swap auto cleanup.
 +  [Bug Fix] Fixed a false positive when handling ModSecrurity SecRemoteRule.
 +  [Bug Fix] Fixed a crash in ModSecurity using libinjection.
 +  [Tuning] Set mod_security RBL DNS cache to 60 seconds.
 +  [Tuning] Disable TLSv1.1 by default.
 +  [Tuning] Enable SSL session tickets by default.
 +  [Tuning] No longer add ECDHE-RSA-AES128-SHA cipher automatically.
  
 ===== Version 5.4.5 ===== ===== Version 5.4.5 =====
 +
 +=== Build 3 ===
 +
 +  [Bug Fix] Fixed a false positive that triggered ACL denied for Plesk.
 +  [Bug Fix] Fixed a regression that broke /​tmp/​lshttpd/​swap auto cleanup.
 +  [Bug Fix] Fixed a false positive when handling ModSecrurity SecRemoteRule.
 +  [Bug Fix] Fixed a crash in ModSecurity using libinjection.
 +  [Tuning] No longer add ECDHE-RSA-AES128-SHA cipher automatically.
  
 === Build 2 === === Build 2 ===
  • Admin
  • Last modified: 2021/01/15 12:32
  • by Lucas Rolff