Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
Last revision Both sides next revision
litespeed_wiki:changelog [2020/04/15 14:56]
Lucas Rolff 5.4.6 build 5
litespeed_wiki:changelog [2020/09/18 15:41]
Lucas Rolff version 4.4.9
Line 1: Line 1:
 ====== LiteSpeed Web Server Changelog ====== ====== LiteSpeed Web Server Changelog ======
 +
 +===== Version 6.0 =====
 +
 +=== RC1 ===
 +
 +  [Major New Feature] Apache 2.4 conditional context <If> <​Ifelse>​ <​Else>​ support.
 +  [Major New Feature] Asynchronous mod_security engine.
 +  [Major New Feature] Bubblewrap isolated CGI/PHP execution environments.
 +  [New Feature] HTTP/3 draft 29 support.
 +  [Major Enhancement] HTTP/2 has gone through a major rewrite with more efficient header handling.
 +  [Enhancement] Added ModSecurity JSON audit log.
 +
 +===== Version 5.4.9 =====
 +
 +=== Build 3 ===
 +
 +  [New Feature] Allow LiteSpeed Cache for WordPress plugin to use ESI combine sub-requests to improve ESI performance.
 +  [New Feature] Update cPanel plugin to automatically apply new ECC certificates generated through the plugin.
 +  [Bug Fix] Normalize IPv6 address to properly reuse existing listener sockets.
 +  [Bug Fix] Close down HTTP3/QUIC streams reset by peer in timely manner. ​
 +
 +=== Build 2 ===
 +
 +  [New Feature] New ForceSecureCookie configuration directive to enforce "​secure"​ and "​SameSite"​ cookie attributes. This directive can be set in an Apache config file at the server or vhost level, or in the document root directory'​s .htaccess file.
 +  [Bug Fix] Apply header operations for pages generated by python/​nodejs applications.
 +  [Bug Fix] Properly detect HTTP/2 GREASE frame and GREASE settings entry, avoiding protocol errors.
 +  [Tuning] Automatically detect and neutralize bad rewrite rules that cause looping proxy to the same server.
 +  [Tuning] Install alt-python38 wsgi-lsapi binary from source if rpm package is not available.
 +  [Bug Fix] Avoid releasing cache objects too early.
 +  [Bug Fix] Address a rare crash in ESI parser. ​
 +
 +=== Build 1 ===
 +
 +  [Feature] Apply Expires header to a partial response for a range request.
 +  [Bugfix] Force apply ACL configuration changes when client access level is cached in SHM.
 +  [Bugfix] For directory auto index, avoid a blank file name when special characters are in the name.
 +
 +=== Build 0 ===
 +
 +  [New Feature] WHM plugin 4.1 with Let's Encrypt ECC certificate support. QUIC.cloud integration with SSL certificates synchronization.
 +  [New Feature] Automatic CloudFlare CDN IP detection.
 +  [New Feature] Support for bcrypt password hash for HTTP authentication.
 +  [Improvement] PHP version detection for cPanel FCGId PHP handler.
 +
 +===== Version 5.4.8 =====
 +
 +=== Build 5 ===
 +
 +  [Bug fix] Properly pass CHUNK encoded request body to script handler to address random file upload failure.
 +  [Bug fix] Addressed graceful restart failure when the server has many IPs in use and is forced to create listeners for individual IP.
 +
 +=== Build 4 ===
 +
 +  [New Feature] Control whether to wait for the full request body or not before passing requests to the request handler with new environment variable "​wait-req-full-body"​. (Waiting allows the request handler to see the full request body immediately)
 +  [Tuning] Increase reCAPTCHA verified status timeout from 1-hour to 1-day.
 +  [Tuning] Increase .htaccess processing time limit from 500ms to 2.5sec to allow for the processing of larger .htaccess files.
 +
 +=== Build 3 ===
 +
 +  [Bug Fix] LiteMage cache object count is now more accurate.
 +  [Bug Fix] Address a few compatibility issues with Plesk admin console proxy through regular HTTPS access.
 +  [Bug Fix] Cache statistics access through IPv6.
 +  [Improvement] Protect WebAdmin listener port from duplicate regular listener configuration.
 +  [Improvement] Add Plesk git integration support.
 +
 +=== Build 2 ===
 +
 +  [Bug Fix] Address 404 error for reCAPTCHA verification.
 +  [Bug Fix] '​SetEnv'​ directive is now properly applied inside <​Files>​ or <​FilesMatch>​ contexts. ​
 +
 +=== Build 1 ===
 +
 +  [Bug Fix] Correct DirectAdmin PHP handler detection when "​DirectAdmin"​ panel is selected under "​PHP"​ config tab.
 +  [Bug Fix] WebSocket ProxyPass configuration now works correctly inside the <​Location>​ context.
 +  [Bug Fix] Match Apache'​s Redirect behavior by discarding original query string if target URL has query string set.
 +
 +=== Build 0 ===
 +
 +  [New Feature] Add the ability to load an extra ECC certificate for an Apache virtual host when multi-cert support is enabled.
 +  [New Feature] Apply header modification configurations in .htaccess to dynamic responses for CloudLinux Python/​Ruby/​NodeJS selector application.
 +  [New Feature] Update client IP using request header "​X-Real-IP"​.
 +  [New Feature] Use Client IP in Header can now be set to use the last IP listed in the X-Forwarded-For header for servers behind AWS ELB.
 +  [Security] Block '​LD_*'​ environment variable overriding from .htaccess.
 +  [Improvement] New Ruby 2.0+ compatible RackRunner script for ruby-lsapi 5.0.
 +  [Improvement] Separate IPv4 and IPv6 virtual hosts now share cached pages for the same domain.
 +  [Improvement] Update WHM plugin to v4.0 (drops support for EasyApache 3).
 +  [Improvement] Make reCAPATCHA compatible with WordPress password protected pages.
 +  [Bug Fix] Invisible reCAPTCHA now works properly with IE 11 browser.
 +  [Bug Fix] Correct Magento LiteMage2 cache object statistics.
 +  [Bug Fix] Address an AJPv13 hanging bug.
 +  [Bug Fix] Enabling bandwidth throttling no longer causes rare HTTP/2 response hangs.
 +  [Bug Fix] Properly apply UMASK configuration for external applications.
 +  [Bug Fix] Fix a problem with Plesk log rotation when LSWS overrode Apache'​s rc script with a symbolic link.
 +  [Bug Fix] NodeJS default being not properly set in httpd_config.xml no longer causes crashing.
 +  [Bug Fix] Address cp_switch_ws.sh issues when switching back to Apache.
 +
 +===== Version 5.4.7 =====
 +
 +=== Build 9 ===
 +
 +  [Bug Fix] Correct a SHM memory allocation issue.
 +  [Bug Fix] Address a URL handling regression introduced in build 7 that affected NextCloud WebDAV clients.
 +
 +=== Build 8 ===
 +
 +  [New Feature] Use Client IP in Header can now be set to use the last IP listed in the X-Forwarded-For header for servers behind AWS ELB.
 +  [Bug Fix] Address cp_switch_ws.sh issues when switching back to Apache.
 +  [Bug Fix] Invisible reCAPTCHA now works properly with IE 11 browser.
 +  [Bug Fix] Correct a crash bug in cache engine.
 +  [Tuning] Separate IPv4 and IPv6 virtual hosts now share cached pages for the same domain.
 +
 +=== Build 7 ===
 +
 +  [New Feature] For CloudLinux Python/​Ruby/​NodeJS selector application,​ applies header modification configuration in .htaccess to dynamic response.
 +  [Bug Fix] A mod_security engine bug that causes random crash.
 +  [Bug Fix] A bug in access log format validation.
 +
 +=== Build 6 ===
 +
 +  [Bug Fix] Fixed Plesk log rotation issue when LSWS override Apache rc script with symbolic link. 
 +  [Bug Fix] Fixed a crash when NodeJS default was not properly set in httpd_config.xml. ​
 +
 +=== Build 5 ===
 +
 +  [Security] Blocks overriding LD_PRELOAD environment variable from .htaccess.
 +  [Bug Fix] Fixed a corner case that causes hanging HTTP/2 response when bandwidth throttling is enabled. ​
 +  [Bug Fix] Properly apply UMASK configuration for external application. ​
 +
 +=== Build 4 ===
 +
 +  [New Feature] Added the ability to load extra ECC certificate for Apache virtual host when multi-cert support is enabled.
 +  [Improvement] New Ruby 2.0+ compatible RackRunner script for ruby-lsapi 5.0. 
 +  [Tuning] Disable cache if a request is blocked by mod_security.
 +  [Bug Fix] Minor bug fixes in cache engine. ​
 +  [Bug Fix] Minor bug fix in mod_security engine.
 +
 +=== Build 3 ===
 +
 +  [Bug Fix] Fixed an HTTP/2 protocol bug encountered when a PHP page failed without sending back a response header.
 +  [Bug Fix] Fixed an internal memory management bug that caused random crashing.
 +
 +=== Build 2 ===
 +
 +  [Bug Fix] Fixed an AJPv13 protocol bug that caused requests containing a request body to hang.
 +  [Tuning] Improved reCAPATCHA verification to make it compatible with WordPress password protected pages.
 +
 +=== Build 0 ===
 +
 +  [Security] Fixed a symbolic link attack in directory auto index script. Thank you KnownHost for the bug report. (CloudLinux user is not affected.)
 +  [New Feature] Added strict suEXEC and ownership checking on scripts.
 +  [New Feature] Added ability to configure static/​dynamic request per second limit for Apache ghost.
 +  [Bug Fix] Fixed reCAPTCHA triggering for the first access of an allowed robot.
 +  [Bug Fix] Added "​Cache-Control:​ no-cache"​ to reCAPTCHA verification page to disallow CDN/proxy cache.
 +  [Bug fix] Fixed delayed .htaccess loading.
 +  [Bug fix] Fixed a delayed server response bug with HTTP/2.
 +  [Bug fix] Fixed a NodeJS websocket backend configuration bug.
 +  [Bug fix] Shared lib for lscmctl script is now updated on server install/​update.
 +  [Tuning] Prevent ports 443 and 80 from being used as WebAdmin listener port.
 +  [Tuning] Avoid triggering 503 errors when cPanel backend services (cpcontacts,​ webdisk, ...) are unavailable.
 +  [Tuning] Automatically update /​proc/​sys/​net/​core/​somaxconn to 1024 whenever server performs a fresh startup.
 +  [Tuning] Added after=lve_namespaces.service to systemd unit file.
  
 ===== Version 5.4.6 ===== ===== Version 5.4.6 =====
  • Admin
  • Last modified: 2021/01/15 12:32
  • by Lucas Rolff