Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
litespeed_wiki:changelog [2019/04/13 12:59]
Lucas Rolff 5.3.7 build 4
litespeed_wiki:changelog [2024/03/19 21:03] (current)
Michael Alegre Added release log info for LSWS v6.2.1 builds [1,2].
Line 1: Line 1:
 ====== LiteSpeed Web Server Changelog ====== ====== LiteSpeed Web Server Changelog ======
  
-===== Version ​5.=====+**Note:** If a build is missing, you're always able to find it here as well: https://​groups.google.com/​g/​litespeed-edge-users 
 +===== Version ​6.2.1 ===== 
 +=== Build 2 === 
 +  [Bug Fix] Address compatibility issues with older versions of nodejs. 
 +  [Bug Fix] Apply server level log rotation setting to modsec audit log. 
 +  [Bug Fix] Address a few corner cases in HTTP/3 (lsquic).  
 +=== Build 1 === 
 +  [Bug Fix] Addressed an HTTP/3 0-RTT packet validation issue. 
 +=== Build 0 === 
 +  [New Feature] Add hCaptcha support for reCAPTCHA validation. 
 +  [Improvement] Add support for .mjs nodeJS application startup file.  
 +  [Bug Fix] Address a crash related to SecRemoteRules handling. 
 +  [Bug Fix] Address a rare corner case causing HTTP/3 responses to hang.
  
-=== RC3 ===+===== Version 6.2 ===== 
 +=== Build 7 === 
 +  [Bug Fix] Address a crash related to SecRemoteRules handling. 
 +=== Build 6 === 
 +  [Bug Fix] Address broken auto index script introduced in build 5. 
 +  [Bug Fix] Address a potential HTTP/3 CPU spinning issue. 
 +  [Bug Fix] Address a false positive in install script that reports a port is in use. 
 +=== Build 5 === 
 +  [Bug Fix] Do not force override LSAPI_MAX_IDLE_CHILDREN if set explicitly. 
 +  [Bug Fix] Address PHP 8.2 warning in directory auto index script. 
 +  [Bug Fix] Address an issue in handling custom status code. 
 +  [Bug Fix] Increase rewrite engine PCRE match limit to avoid PCRE_ERROR_MATCHLIMIT.  
 +  [Tuning] Add dark mode for server generated error page and directory index page.  
 +=== Build 4 === 
 +  [Bug Fix] Fix a rare corner case in HTTP/3. 
 +  [Bug Fix] Fix "​RewriteOptions IngoreInherit"​ 
 +  [Bug Fix] enable suEXEC for PHP 8.3 by default. 
 +=== Build 3 === 
 +  [Bug Fix] Fix no-abort for CGI script. 
 +  [Bug Fix] Fix Redirect 410 handling. 
 +  [Bug Fix] Fix python application with long vhost name. 
 +  [Bug Fix] Fix CPU spinning caused by HTTP/3 corner case. 
 +=== Build 2 === 
 +  [Bug Fix] Fix HTTP/3 session resumption bug introduced in 6.2 Build 1. 
 +=== Build 1 === 
 +  [Security] Disable HTTP/2 when detecting a rapid reset attack. 
 +  [Improvement] Override server level per client connection soft limit with vhost level limit. 
 +  [Tuning] Limit pipe logger buffer size to 1MB. 
 +  [Bug Fix] Fix RackRunner.rb bug introduced in 6.1.2 build 8. 
 +  [Bug Fix] Fix minor mod_security issues. 
 +=== Build 0 === 
 +  [New Feature] Update HTTP/3 implementation to support QUICv2 protocol. 
 +  [New Feature] mod_security engine now has an option to use RE2 instead PCRE regex engine. 
 +  [New Feature] Add vhost level max request body length and max dynamic response length configurations. 
 +  [New Feature] Add vhost level dedicated PHP handler configuration option. 
 +  [New Feature] Add support for rewrite flags "​BNP",​ "​backrefnoplus",​ "​BCTLS",​ and "​BNE"​. 
 +  [Improvement] Improve reCAPTCHA custom error page handling to avoid expensive dynamic processing. 
 +  [Improvement] Add missing access log format following Apache spec. 
 +  [Improvement] Enhance Apache expression support with dynamic regular expression matching. 
 +  [Improvement] Apache expression support in RewriteCond. 
 +  [Improvement] Virtual host level reCAPTCHA trigger by concurrent connections. 
 +  [Security] More strict request header validation. 
 +  [Bug Fix] Fix a compatibility issue with Rack version >3.0 for Ruby applications. 
 +  [Bug Fix] Allow use of stdout/​stderr as log file names. 
 +  [Bug Fix] Address large request header compatibility issue with PHP-FPM. 
 +  [Tuning] Add PHP 8.3 support. 
 +  [Tuning] Lift default virtual memory limit for external applications. 
 +  [Bug Fix] Minor bug fixes to cache engine, mod_security engine, and request handling.
  
-  ​[Major New Feature] ​Dynamic ​Virtual ​Host configuration through REDIS backend+===== Version 6.1.2 ===== 
-  [Major Improvement] ​Greatly improved ​HTTP/​2 ​performance ​-- up to 7x faster than previous implementations+=== Build 8 === 
-  [Bug Fix] Improved QUIC engine performance and stability+  ​[New Feature] ​Add support for rewrite flags "​BNP",​ "​backrefnoplus",​ "​BCTLS",​ and "​BNE"​. 
-  [Bug Fix] All bug fixes and enhancements on 5.3.x branch included.+  [Bug Fix] Fix cp_switch_ws.sh switch back to Apache failure. 
 +  [Bug Fix] Fix a compatibility issue with Rack version >3.0 for Ruby applications.  
 +  [Bug Fix] Allow use of stdout/​stderr as log file names. 
 +  [Bug Fix] Fix a mod_security engine Multi-thread race condition. 
 +=== Build 7 === 
 +  [Bug Fix] Address a bug in expression parser introduced in build 5. 
 +=== Build 6 === 
 +  [Bug Fix] Address a bug in RewriteCond expression parser. 
 +  [Bug Fix] Address a bug in SSI engine. 
 +=== Build 5 === 
 +  [Improvement] Enhance Apache expression support with dynamic regular expression matching. 
 +  [Improvement] Apache expression support in RewriteCond. 
 +  [Improvement] ​Virtual ​host level reCAPTCHA trigger by concurrent connections. 
 +  [Bug Fix] Fix FreeBSD + ZFS crash due to unsupported posix_fallocate() syscall. 
 +  [Tuning] Add PHP 8.3 support. 
 +  [Tuning] Tweak graceful restart to avoid being killed by systemd during service restart. 
 +=== Build 4 === 
 +  [Security] Properly handle multiple HOST headers. 
 +  [Tuning] Lift default virtual memory limit for external applications
 +  [Improvement] ​Add "​wordpress_logged_in_*"​ session cookie detection.  
 +  [Bug Fix] Address two rare crashes relating to ESI handling. 
 +=== Build 3 === 
 +  [Improvement] Improve reCAPTCHA custom error page handling to avoid expensive dynamic processing.  
 +  [Bug Fix] Address broken Plesk feature "deny access to the site"​. 
 +  [Bug Fix] Improve install script to now automatically install missing dependencies.  
 +=== Build 2 === 
 +  [Security] Address request header smuggling over HTTP/​2 ​and HTTP/3. 
 +  [Bug Fix] Address broken FastCGI POST for large request body, introduced in 6.1.2 build 1.  
 +=== Build 1 === 
 +  [New Feature] Add vhost level max request body length and max dynamic response length configurations. 
 +  [New Feature] Add vhost level dedicated PHP handler configuration option.  
 +  [Improvement] Install necessary ruby-lsapi gem package for alt-ruby 3.1+
 +  [Bug Fix] Address large request header compatibility issue with PHP-FPM
 +  [Bug Fix] Address a false positive for per client soft limit blocking. 
 +=== Build 0 === 
 +  [Improvement] Allow total header sizes > 64KB.  
 +  [Improvement] Add support for websocket upgrade using <​LocationMatch> ​and ProxyPassMatch (used by Plesk). 
 +  [Improvement] Add support for Unix domain socket proxy target address (used by DirectAdmin). 
 +  [Bug Fix] Address a corner case in LSAPI 304 response handling. 
 +  [Bug Fix] Address unique ID duplication in mod_security audit log.  
 +  [Bug Fix] Address a corner case in mod_security request header matching.  
 +  [Bug Fix] Address a license key verification issue during server reboot. 
 +  [Bug Fix] Update ls-qpack to address a corner case.  
 +  [Bug Fix] Address a request header parser corner case for a look-alike header.  
 +  [Bug Fix] Address broken mailman support for Plesk 
 +  [Bug Fix] Address two corner cases in layer 4 proxy.  
 +  [Bug Fix] Address an issue with proxy forwarding to the Plesk admin panel. 
 +  [Tuning] Better handling of buggy HTTP/2 clients with poor flow control implementations.
  
-=== RC2 ===+===== Version 6.1.1 ===== 
 +=== Build 0 === 
 +  [New Feature] Add SSL strict SNI mode option to fail SSL connections when there is no vhost level SSL certificate. 
 +  [New Feature] Add a vhost level AllowBlockedUrl option to allow blocked URL passthrough.  
 +  [Improvement] Add support for unix domain socket for redis dynamic vhost.  
 +  [Improvement] Update WebAdmin Console login to use BCRYPT password hash. 
 +  [Improvement] Add support for "​Require local" configuration directive. 
 +  [Bug Fix] Avoid blocking on socket read for internal fetcher. 
 +  [Bug Fix] Address broken "​RewriteOption inherit"​ corner case. 
 +  [Bug Fix] Address duplicate unique ID field in mod_security audit log. 
 +  [Bug Fix] Address a python application frequent restart issue. 
 +  [Bug Fix] Address a python application upload hang issue. 
 +  [Bug Fix] Fix SecRemoteRules certificate verification failure. 
 +  [Bug Fix] Fix broken sub-directory password protection configuration for Plesk WordPress toolkit. 
 +  [Bug Fix] Address an issue switching apache/lsws systemd unit file for Plesk. 
 +  [Bug Fix] Address an issue with Plesk watchdog monitoring httpd service.
  
-  ​[Major New Feature] ​Dynamic virtual hosting ​through ​rewrite rules+===== Version 6.1 ===== 
-  [Improvement] ​Improved HTTP/2 performance+=== Build 6 === 
-  [Bug Fix] All applicable bug fixes from the 5.3 branch+  [Bug Fix] Adjust unix domain socket address length for PHP suEXEC handler. 
-  [Bug Fix] Fixed a few server crash bugs.+=== Build 5 === 
 +  [Bug Fix] Address a python application upload hanging issue. 
 +  [Bug Fix] Fix SecRemoteRules certificate verification failure. 
 +  [Bug Fix] Fix broken sub-directory password protection configuration for Plesk WordPress toolkit. 
 +=== Build 4 === 
 +  [Bug Fix] Address a crash when handling .htaccess updates. 
 +=== Build 3 === 
 +  [Bug Fix] Address an issue switching apache/lsws systemd unit file for Plesk.  
 +  [Bug Fix] Address an issue with Plesk watchdog monitoring httpd service. 
 +=== Build 2 === 
 +  [Improvement] ARM64 (aarch64) package is now available. 
 +  [Improvement] Update WebAdmin Console login to use BCRYPT password hash. 
 +  [Bug Fix] Update php3_mode and php4_mode for DirectAdmin panel in script cp_switch_lsws.sh. 
 +=== Build 1 === 
 +  [Improvement] Add support for "​Require local" configuration directive. 
 +  [Bug Fix] Avoid blocking on socket read for internal fetcher. 
 +  [Bug Fix] Address broken "​RewriteOption inherit"​ corner case. 
 +  [Bug Fix] Update lsquic to v3.3.1 to address a corner case hang caused by flow control congestion.  
 +=== Build 0 === 
 +  ​[New Feature] ​Add PROXY protocol support. 
 +  [New Feature] Add custom response status code support. 
 +  [New Feature] Apply OOMScoreAdjust for lsws service to avoid being OOM killed. 
 +  [New Feature] Trigger reCAPTCHA ​through ​mod_security engine via an environment variable
 +  [Improvement] ​Inherit .htaccess belonging to parent context. 
 +  [Improvement] Make SSI environment available to included CGIs/scripts. 
 +  [Improvement] Add conditional access logging using Expression. 
 +  [Improvement] Configurable reCAPTCHA timeout. 
 +  [Improvement] Add "​DisableForwardedIpBan"​ Apache style configuration directive to avoid blocking IPs forwarded by front-end proxies. 
 +  [Improvement] Enhance '​disableCgiOverride'​ to cover options +ExecCGI and +Include. 
 +  [Improvement] Add Apache style configurations "​LogKeepDays"​ and "​LogCompressArchive"​. 
 +  [Improvement] Escape multiline STDERR messages. 
 +  [Improvement] Detect update failures in lsup.sh. 
 +  [Improvement] Improve WebAdmin Console realtime stats with a new JavaScript library
 +  [Bug Fix] Set "​HOME"​ environment for CGI/​External apps when possible. 
 +  [Bug Fix] Fix connection timeout false-positives for active HTTP3 connections
 +  [Bug Fix] Fix domain limited licensing for Plesk servers. 
 +  [Bug Fix] Update lsquic to v3.3.0 .  
 +  [Tuning] Disable TLSv1.1 by default.
  
-=== RC1 Build ===+===== Version 6.1RC3 ===== 
 +=== Build === 
 +  [New Feature] Add custom response status code support. 
 +  [New Feature] Apply OOMScoreAdjust for lsws service to avoid having the server killed when low on memory. 
 +  [Improvement] Escape multiline STDERR messages.  
 +  [Improvement] Add "​DisableForwardedIpBan"​ Apache style configuration directive to avoid blocking IPs forwarded by front-end proxies. 
 +  [Bug Fix] Address a few corner cases in HTTP/3 implementation. ​  
 +  [Bug Fix] Address an HTTP/2 decoder bug.  
 +  [Bug Fix] Include all bug fixes applied to 6.0.12 stable releases.
  
-  ​[Bug Fix] Fixed a bug causing the default error page to hang on some HTTP/2 connections+===== Version 6.1RC2 ===== 
-  [Bug Fix] Fixed a bug that causing some HTTPS connections ​to hang+=== Build 0 === 
-  [Bug Fix] Fixed an infinite recursion bug that caused a stack overflow when triggered.+  [New Feature] PROXY protocol support. 
 +  [Improvement] Make SSI environment available to included CGIs/​scripts. 
 +  [Improvement] Enhance '​disableCgiOverride'​ to cover options +ExecCGI and +Include.  
 +  [Improvement] Better handling of content-type with charset. 
 +  [Improvement] Add "​x-frame-options"​ header for reCAPTCHA page. 
 +  ​[Bug Fix] Inherit .htaccess belonging ​to parent context. 
 +  [Bug Fix] Address bad target URL with native proxy configuration for '/' context.  
 +  [Bug Fix] Avoid installing Ruby Rack 3.0 gem to avoid compatibility issues.  
 +  [Bug Fix] Avoid using IPv6 mapped IPv4 addresses for HTTP/3 connections.  
 +  [Bug Fix] Address memory leak in QUIC SHM
  
-=== RC1 Build 1 ===+===== Version 6.1RC1 ===== 
 +=== Build 1 === 
 +  [New Feature] Add "​LSPHP_ProcessGroup unmanaged"​ mode to support php-fpm like services for Apache vhost. 
 +  [Bug Fix] Address an HTTP/2 header value compliance corner case that caused broken curl HTTP/2 connections. 
 +  [Improvement] Add support for alt-python 3.10. 
 +  [Bug Fix] Address HTTP/3 corner cases with lsquic v3.1.4 update. 
 +=== Build 0 === 
 +  [New Feature] Trigger reCAPTCHA through mod_security engine via an environment variable. 
 +  [Improvement] Add parent context .htaccess inheritance. 
 +  [Improvement] Add conditional access logging using Expression. 
 +  [Improvement] Configurable reCAPTCHA timeout. 
 +  [Improvement] Add "​LogKeepDays",​ "​LogCompressArchive"​ Apache style configurations. 
 +  [Tuning] Disable TLSv1.1 by default. 
 +  [Bug Fix] Set "​HOME"​ environment for CGI/​External apps when possible. 
 +  [Bug Fix] Update lsquic to the latest v3.1.2 release. 
 +  [Bug Fix] Include all bug fixes applied to 6.0.12 stable releases.
  
-  ​[Bug fix] QUIC Transport ​fix+===== Version 6.0.12 ===== 
 +=== Build 13 === 
 +  ​[Bug FixDetect and ignore truncated log file path for DirectAdmin. 
 +  [Bug Fix] Fix broken server switching script for cPanel + Ubuntu. 
 +  [Bug Fix] Do not count Plesk internal Virtual Hosts against license domain limit. 
 +  [Bug Fix] Fix broken connection timeout for HTTP/3 connections. 
 +=== Build 12 === 
 +  [Bug Fix] Address default charset issue for static files. (Introduced in v6.0.12 build 4) 
 +  [Bug Fix] Address a mod_security corner case.  
 +=== Build 11 === 
 +  [Improvement] Add support for PHP 8.2 handler auto-detection. 
 +  [Bug Fix] Address broken lowercase transformation for certain mod_security variables. 
 +=== Build 10 === 
 +  [Bug Fix] Properly handle "​%{local}p"​ access log format. 
 +  [Bug Fix] Handle white spaces when detecting existing header values. 
 +  [Bug Fix] Fix broken "​Trusted"​ IP configuration in .htaccess. 
 +  [Improvement] Add "​x-frame-options"​ header for reCAPTCHA page. 
 +  [Improvement] Make SSI environment available to included CGIs/​scripts. 
 +  [Bug Fix] Address crash in parsing bad rewrite map data. 
 +  [Bug Fix] Address memory leak in QUIC SHM.  
 +=== Build 9 === 
 +  [Bug Fix] Address a response header bug introduced in build 8 that causes errors serving from cached page. 
 +=== Build 8 === 
 +  [Bug Fix] Address malformed HTTP/1.1 response header caused by header value modification operations introduced in build 7. 
 +  [Bug Fix] Address bad target URL with native proxy configuration for '/'​ context. 
 +  [Bug Fix] Avoid installing Ruby Rack 3.0 gem (compatibility issues). 
 +  [Bug Fix] Avoid using IPv6 mapped IPv4 addresses for HTTP/3 connections.  
 +=== Build 7 === 
 +  [Bug Fix]  Address an HTTP/2 header value compliance corner case that caused broken curl HTTP/2 connections.  
 +=== Build 6 === 
 +  [Improvement] Add support for alt-python 3.10 . 
 +  [Bug Fix] Address HTTP/3 corner cases with lsquic v3.1.4 update. 
 +  [Bug Fix] Limit the size of unix domain socket address for PHP suEXEC handler. 
 +  [Bug Fix] Address a minor display issue in WebAdmin. 
 +=== Build 5 === 
 +  [Bug Fix] Address a regression in SHM operations that caused random crashes, introduced in build 4. 
 +=== Build 4 === 
 +  [Bug Fix] Minor corner case fixes in HTTP/3 protocol implementation. 
 +  [Bug Fix] Address bug in "​AddDefaultCharset"​ support for all "​text/​*"​ MIME types. 
 +  [Bug Fix] More strict header filtering for HPACK/QPACK encoding to avoid protocol violations. 
 +  [Tuning] Disable TLSv1.1 by default. 
 +=== Build 3 === 
 +  [Bug Fix] Address a random crash bug. 
 +  [Bug Fix] Address an auto index permissions issue for Redis mass vhosting. 
 +  [Tuning] No longer enable SPDY protocol by default. 
 +  [Bug Fix] Apply a minor fix to HTTP/3 protocol. 
 +=== Build 2 === 
 +  [New Feature] Adjust external app OOM score via LS_OOM_SCORE_ADJ environment configuration. 
 +  [Bug Fix] Address a random crash in mod_security engine. 
 +  [Bug Fix] Address an SSL error handling problem to avoid high CPU usage. 
 +=== Build 1 === 
 +  [Bug Fix] Address a chunked encoding parser bug that could cause an infinite loop. 
 +  [Bug Fix] Address a bug when processing delayed request bodies that could cause random crashes. 
 +  [Bug Fix] Address a suEXEC bug with native vhost configurations. 
 +  [Bug Fix] Update mod_security JSON audit log to include required data for imunify360 log parser. 
 +  [Tuning] Update log messages for bot detection to avoid confusion. 
 +=== Build 0 === 
 +  [Security] Address a few crashes and memory leaks in HTTP/3 implementation. 
 +  [Security] Add more strict virtual host name validation in WebAdmin to address a potential XSS vulnerability. 
 +  [Improvement] Add server level control to return 404 or 403 when directory auto-index is disabled. 
 +  [Improvement] Better stale cache purge handling. 
 +  [Improvement] Add pagination for long auto indexed pages. 
 +  [Improvement] Support following ErrorDocument customizations in .htaccess for early stage internal errors. 
 +  [Tuning] Enable suEXEC for PHP 8.1 by default. 
 +  [Tuning] Do not enable cPanel HTTP server monitoring in update script. 
 +  [Tuning] Adjust internal shell scripts for better ubuntu compatibility. 
 +  [Bug Fix] Address broken alt-python application caused by the new way virtualenv was built. 
 +  [Bug Fix] Address broken vhost level mod_security configuration. 
 +  [Bug Fix] Address random crashes in mod_security engine. 
 +  [Bug Fix] Address a rare multi-threaded mod_security engine race condition. 
 +  [Bug Fix] Add more validation checks to avoid accidentally killing system process when stopping detached external application processes. 
 +  [Bug Fix] Improve auto index script to avoid calling function ini_set(). 
 +  [Bug Fix] Address crashes in ESI/SSI engine. 
 +  [Bug Fix] Address POST cache issues. 
 +  [Bug Fix] Block request header "​transfer-encoding:​ chunked"​ for HTTP/2 and HTTP/3. 
 +  [Bug Fix] Enforce HTTP authentication for OPTIONS requests.
  
-=== RC1 Build 0 ===+===== Version 6.0.11 ===== 
 +=== Build 9 === 
 +  [Security] Address a crash in HTTP/3 implementation. 
 +  [Improvement] Add server level control to return 404 or 403 when directory auto-index is disabled. 
 +  [Bug Fix] A few minor fixes to HTTP/3 implementation. 
 +  [Bug Fix] Address a bug in SSI engine that caused random crashes. 
 +  [Bug Fix] Address broken alt-python 2.7 applications. 
 +=== Build 8 === 
 +  [Bug Fix] Address broken alt-python application caused by the new way virtualenv was built. 
 +  [Bug Fix] Address broken vhost level mod_security configuration. 
 +  [Bug Fix] Add more validation checks to avoid accidentally killing system process when stopping detached external application processes. 
 +  [Bug Fix] Improve auto index script to avoid calling function ini_set(). 
 +  [Bug Fix] Address a rare multi-threaded mod_security engine race condition. 
 +  [Bug Fix] Address a crash in ESI/SSI engine. 
 +=== Build 7 === 
 +  [Bug Fix] Address broken alt-python application. 
 +  [Bug Fix] Address POST cache issues. 
 +  [Bug Fix] Block request header "​transfer-encoding:​ chunked"​ for HTTP/2 and HTTP/3. 
 +  [Bug Fix] Address an SSI engine crash. 
 +=== Build 6 === 
 +  [Improvement] Better stale cache purge handling. 
 +  [Improvement] Add pagination for long auto indexed pages. 
 +  [Bug Fix] Address a random crash in mod_security engine. 
 +  [Tuning] Do not enable cPanel HTTP server monitoring in update script. 
 +  [Tuning] Adjust internal shell scripts for better ubuntu compatibility.  
 +=== Build 5 === 
 +  [Bug Fix] Increase HTTP/3 max concurrent streams from 100 to 500 to work around a chrome bug. 
 +  [Bug Fix] Enforce HTTP authentication for OPTIONS requests. 
 +  [Bug Fix] Address a crash triggered by a debug log message. 
 +  [Misc] Update bundled lsws_whm_plugin_install.sh script and attempt to download the latest version of this script before use.  
 +=== Build 4 === 
 +  [Security] Add more strict virtual host name validation in WebAdmin to address a potential XSS vulnerability. 
 +  [New Feature] Add CloudLinux alt-python3.9 support. 
 +  [Bug fix] Address a python application server configuration issue. 
 +  [Bug fix] Address a "sub request timeout"​ crash. 
 +=== Build 3 === 
 +  [Bug Fix] Address a random crash when handling connection level timer events. 
 +  [Improvement] Support following ErrorDocument customizations in .htaccess for early stage internal errors. 
 +  [Tuning] Enable suEXEC for PHP 8.1 by default.  
 +=== Build 2 === 
 +  [New Feature] Add "​SecEngineHtaccessOverride on/​off"​ directive to allow/​disable turning on/off mod_security engine from .htaccess. Default to "​on"​. 
 +  [New Feature] Add "​ModSec19Compatible on/​off"​ directive to support mod_security 1.9 style configurations. Default to "​off"​. 
 +  [Bug Fix] Address a layer4 tunnel bug that was causing random crashes. 
 +  [Bug Fix] Address a random crash in handling connection level timer events.  
 +=== Build 1 === 
 +  [Bug Fix] Address a vhost level mod_security engine control corner case.  
 +=== Build 0 === 
 +  [New Feature] Add websocket proxy target support for rewrite rules. 
 +  [Improvement] Improve HTTP/2 upload throughput. 
 +  [Improvement] Improve HTTP/3 upload throughput. 
 +  [Bug Fix] Address HTTP/3 handshake failures. 
 +  [Bug Fix] Address an HTTP/1.1 request body chunk encoding corner case that caused unexpected 400 status for the next request made when over a keep-alive connection. 
 +  [Bug Fix] Throttle unnecessary lscache purges generated by LSCWP. 
 +  [Bug Fix] Improve cp_switch_ws.sh script compatibility with different shell interpreters. 
 +  [Bug Fix] Avoid caching incomplete/​broken homepages for more than 1 minute. 
 +  [Bug Fix] Address broken vhost level private cache lookup configuration.
  
 +===== Version 6.0.10 =====
 +=== Build 2 ===
 +  [Bug Fix] Address HTTP/3 handshake failures.
 +  [Bug Fix] Improve HTTP/2 upload throughput.
 +=== Build 1 ===
 +  [Bug Fix] Address an HTTP/3 throughput regression introduced in v6.0.10.
 +  [Bug Fix] Improve HTTP/2 upload throughput.
 +  [Bug Fix] Throttle unnecessary lscache purges generated by LSCWP.
 +  [Bug Fix] Improve cp_switch_ws.sh script compatibility with different shell interpreters.
 +  [Bug Fix] Avoid caching incomplete/​broken homepages for more than 1 minute.
 +  [Bug Fix] Address broken vhost level private cache lookup configuration.
 +=== Build 0 ===
 +  [Improvement] Optimize SSL and HTTP/2 read speeds.
 +  [Bug Fix] Address a few bandwidth throttling issues.
 +  [Bug Fix] Address high CPU usage for server worker processes.
 +  [Bug Fix] Address issues with ModSecurity logging and persistent variable handling.
 +  [Bug Fix] Address a few minor HTTP/3 corner cases.
 +  [Bug Fix] Convert chunked encoding request bodies for proxy backends.
 +  [Bug Fix] Address a Server Side Includes corner case that could sometimes truncate large files.
 +  [Bug Fix] Do not block client access if reCAPTCHA is not properly configured when using WP full protection.
 +
 +===== Version 6.0.9 =====
 +=== Build 3 ===
 +  [Bug Fix] Address a few minor HTTP/3 corner cases.
 +  [Bug Fix] Avoid unnecessary error log warnings (introduced in v6.0.8).
 +  [Bug Fix] Convert chunked encoding request bodies for proxy backends.
 +  [Bug Fix] Address a Server Side Includes corner case that could sometimes truncate large files.
 +  [Bug Fix] Do not block client access if reCAPTCHA is not properly configured when using WP full protection.
 +=== Build 2 ===
 +  [Bug Fix] Address "​cannot find installed module for python application"​ regression (introduced in v6.0.9).
 +=== Build 1 ===
 +  [Bug Fix] Address mod_security request body scan getting randomly skipped (introduced in v6.0.8).
 +=== Build 0 ===
 +  [Bug Fix] Address cache engine corner case that randomly disabled cache or ignored purge requests.
 +  [Bug Fix] Cache engine should no longer purge again when serving a cached page with purge headers.
 +  [Bug Fix] Properly pass environment variables for python applications configured via CloudLinux python selector.
 +  [Bug Fix] Update ea-ruby24 to ea-ruby27 for cPanel Ruby application manager.
 +  [Bug Fix] Address POST requests randomly hanging.
 +  [Bug Fix] "​%{CONTENT_TYPE}"​ is now properly supported in Apache expressions.
 +  [New Feature] Add support for '​LogRotationSize'​ Apache directive at the server level to control access log rotation.
 +
 +===== Version 6.0.8 =====
 +=== Build 3 ===
 +  [Bug Fix] Address SSI expression back reference crash.
 +  [Bug Fix] Avoid long disk I/O blocking for cache storage cleaning up.
 +  [Bug Fix] Tweak PHP handler mapping to only use alt-php handler when available.
 +  [Bug Fix] Address target URL behavior change for conditional redirects.
 +=== Build 2 ===
 +  [Bug Fix] Address POST requests randomly hanging.
 +  [Bug Fix] "​%{CONTENT_TYPE}"​ is now properly supported in Apache expressions.
 +  [New Feature] Add LogRotationSize Apache directive at the server level to control access log rotation.
 +=== Build 1 ===
 +  [Bug Fix]  Address a regression introduced in v6.0.8 that can cause random crashing.
 +=== Build 0 ===
 +  [Bug Fix] Address a mod_security corner case causing hanging worker processes.
 +  [Bug Fix] Disable mod_security engine for requests rewritten to ReCAPTCHA.
 +  [Bug Fix] Address an ESI encoding corruption bug that mainly affected Prestashop caching.
 +  [Improvement] Internal redirects now carry over "​Last-Modified"​ and "​Content-type"​ response headers set by scripts.
 +  [Improvement] Add "​ProxyAddHeaders on|off"​ support to avoid sending "​x-Forwarded-for"​ and "​x-forwarded-host"​ proxy headers.
 +  [Improvement] Add `CachePost on|off` support to allow POST cache configuration in Apache configuration files.
 +  [Improvement] Avoid an unintended delay when processing the first request for a newly started PHP worker group.
 +
 +===== Version 6.0.7 =====
 +=== Build 1 ===
 +  [Bug Fix] Address an ESI encoding corruption bug that mainly affected Prestashop caching.
 +=== Build 0 ===
 +  [Bug Fix] Address additional random crashes in asynchronous mod_security engine.
 +  [Bug Fix] Address an HTTP/3 sendfile corner case.
 +  [Bug Fix] Address a problem with custom error page for OPTIONS request method.
 +
 +===== Version 6.0.6 =====
 +=== Build 0 ===
 +  [Bug Fix] Address a few random crashes in asynchronous mod_security engine.
 +  [Bug Fix] Address random server hangs when AIO is in use
 +  [Improvement] Cleanup SSL OCSP data cache folder.
 +
 +===== Version 6.0.5 =====
 +=== Build 2 ===
 +  [Bug Fix]  Address a random crash introduced in v6.0.5 build 1.
 +=== Build 1 ===
 +  [Bug Fix]  Address random server hangs when AIO is in use.
 +=== Build 0 ===
 +  [Bug Fix] Address a random crash with asynchronous mod_security engine.
 +  [Bug Fix] Resolve a problem with sending truncated static files over HTTP/3 connections.
 +  [Bug Fix] Resolve a problem with purging by URL.
 +  [Bug Fix] Address a crash when handling decoded HTTP/2 headers.
 +
 +===== Version 6.0.4 =====
 +=== Build 0 ===
 +  [Bug Fix] Address a chrome HTTP/3 connection timeout issue for long running scripts.
 +  [Bug Fix] Address a multi-thread race condition in mod_security engine.
 +  [Bug Fix] Detect dead HTTP/2 connections during server cool-down.
 +  [Bug Fix] Improve request/​response header name validation to avoid HTTP/2 and HTTP/3 protocol violations.
 +
 +===== Version 6.0.3 =====
 +=== Build 0 ===
 +  [New Feature] Optionally enable UNIQUE_ID environment variable for Apache mod_unique_id compatibility.
 +  [New Feature] Add server variable REDIRECT_REQUEST_METHOD for better Apache compatibility.
 +  [Bug Fix] Address an infinite loop when processing conditional context expressions.
 +  [Bug Fix] Address crashes in mod_security engine, SSL session cache, and response header processing.
 +  [Bug Fix] Address LiteSpeed worker high CPU usage due to a malloc() spinlock dead lock.
 +  [Bug Fix] Better follow PassengerAppLogFile configuration for Python/Ruby applications.
 +  [Bug Fix] Follow server level compressible configuration for MIME types defined in .htaccess.
 +  [Bug Fix] Improve chunk encoded request body handling for PHP scripts.
 +  [Bug Fix] Minor tweaks to HTTP/3 protocol.
 +
 +===== Version 6.0.2 =====
 +=== Build 2 ===
 +  [Bug Fix] Address a crash in response header processing.
 +  [Bug Fix] Better follow PassengerAppLogFile configuration for Python/Ruby applications.
 +  [Bug Fix] Follow server level compressible configuration for MIME types defined in .htaccess.
 +  [Bug Fix] Improve chunk encoded request body handling for PHP scripts.
 +  [Bug Fix] Minor tweaks to HTTP/3 protocol.
 +=== Build 1 ===
 +  [Bug Fix] Address LiteSpeed worker high CPU usage due to a malloc() spinlock dead lock.
 +=== Build 0 ===
 +  [New Feature] Enable HTTP/3 v1 by default.
 +  [Improvement] Allow header customization for reCAPTCHA pages.
 +  [Bug Fix] Keep Firefox HTTP/3 connections alive for long running scripts.
 +  [Bug Fix] Fix Ubuntu Plesk Grafana integration.
 +  [Bug Fix] Conditional redirect configuration now works properly.
 +
 +===== Version 6.0.1 =====
 +=== Build 0 ===
 +  [New Feature] Add support for PassengerAppLogFile directive.
 +  [New Feature] Add support for access log TTFB format "​%^FB"​.
 +  [Bug Fix] Python applications now have a higher priority than directory index.
 +  [Bug Fix] Applied all bug fixes made through 6.0 build 12.
 +
 +===== Version 6.0 =====
 +=== Build 12 ===
 +  [Bug Fix] Address '​HTTP2_PROTOCOL_ERROR'​ bug introduced in v6.0 build 11
 +=== Build 11 ===
 +  [Bug Fix] Properly apply whitelist for Quic.cloud and Cloudflare IPs when server level ACL is blank.
 +  [Bug Fix] Address vhost level rewrite rule false positives.
 +  [Bug Fix] Perform stricter request header name validation.
 +  [Bug Fix] Use a more efficient HTTP/3 PLPMTUD implementation.
 +  [Bug Fix] Correct a cPanel NodeJS application configuration problem.
 +  [Bug Fix] Disable INFO level logging about "​Pending MODSEC operation"​.
 +  [Bug Fix] Avoid converting response header name to lower case for HTTP/1.1.
 +  [Bug Fix] Address a few random crashes.
 +=== Build 10 ===
 +  [Bug Fix] Fix compression cache corruption regression introduced in build 9.
 +  [Bug Fix] Address DirectAdmin default PHP handler issue.
 +=== Build 9 ===
 +  [Bug Fix] Address a regression in cgi-bin handling introduced in 6.0 build 7.
 +  [Bug Fix] Allow ProxyPreserveHost configuration in <​Location>​ context.
 +  [Bug Fix] Address a stack overflow in handling certain SSI expressions.
 +  [Bug Fix] Add missing "​message"​ entry in mod_secuirty json audit log.
 +  [Bug Fix] Address a false positive in handling mod_security remote rule.
 +  [Bug Fix] Address HTTP/3 DLPMTUD false positives. ​
 +=== Build 8 ===
 +  [Improvement] Make ProxyPass work exactly as it does in Apache.
 +  [Bug Fix] Address another corner case causing broken Java AJP connections.
 +  [Bug Fix] Address broken FastCGI backend.
 +  [Bug Fix] Properly handle multiple Content-Type response headers.
 +  [Bug Fix] Address a thread safety issue with mod_security engine.
 +=== Build 7 ===
 +  [Bug fix] Address a corner case that was causing broken Java AJP connections.
 +  [Bug fix] Address an HPACK dynamic table memory usage problem. ​
 +=== Build 6 ===
 +  [Bug Fix] Address a crash caused by HTTP/3 server push (introduced in 6.0 build 5).
 +  [Bug Fix] Address a crash in cache engine.
 +  [Bug Fix] Address high CPU usage when QUIC transport is unable to send pending packets.
 +=== Build 5 ===
 +  [Bug Fix] Address a corner case that caused a truncated proxy response.
 +  [Bug Fix] Address a random crash.
 +  [Bug Fix] Increase rewrite engine match limit to avoid unexpected mismatch.
 +  [Bug Fix] Follow HTTP/3 specification more strictly.
 +=== Build 4 ===
 +  [Bug Fix] Address a server crash when loading an outdated SSL certificate.
 +  [Bug Fix] Fix a bad response due to a false positive in mod_security engine.
 +  [Bug Fix] Address a corner case in HTTP/3 that causes high CPU usage.
 +  [Bug Fix] Fix a random failure loading a CA bundle file for SSL certificate configuration.
 +=== Build 3 ===
 +  [Bug Fix] Address broken process resource limits for external applications.
 +  [Bug Fix] Address broken gQUIC handshake after SSL certificate updates.
 +=== Build 2 ===
 +  [Bug Fix] Correct broken cPanel redirects for /​(cpanel|webmail|whm).
 +  [Bug Fix] Correct broken virtual host level reCAPTCHA sensitivity trigger.
 +  [Bug Fix] Address random crashing when proxying to a '​wss://'​ backend.
 +  [Bug Fix] Address a deadlock in asynchronous DNS event handling.
 +=== Build 1 ===
 +  [Security] Fix a bug that allowed bypassing of built-in blocked URLs.  ​
 +=== Build 0 ===
 +  [New Feature] HTTP/3 v1 support with with DPLPMTUD, Adaptive congestion control, Delayed ACK, and zero-copy packetization.
 +  [New Feature] Asynchronous mod_security engine.
 +  [New Feature] Cache engine POST request caching capability.
 +  [New Feature] Dynamic DNS lookup for external application backends.
 +  [New Feature] Support for Apache 2.4 conditional contexts '<​If>',​ '<​Ifelse>',​ and '<​Else>'​.
 +  [New Feature] Bubblewrap isolated CGI/PHP execution environments.
 +  [New Feature] Cgroup resource throttling for CGI/PHP.
 +  [New Feature] Support for secure websocket backend (wss://).
 +  [New Feature] Auto whitelist QUIC.cloud IPs.
 +  [Improvement] Better out-of-box compatibility with Apache ProxyPass directive.
 +  [Improvement] ModSecurity scan response body support.
 +  [Improvement] ModSecurity persistent collection SHM storage.
 +  [Improvement] ModSecurity JSON audit log.
 +  [Improvement] Revamp of SSL Multi-Cert support.
 +  [Bug Fix] All applicable bug fixes from 5.4.X releases.
 +
 +===== Version 6.0RC3 =====
 +=== Build 0 ===
 +  [New Feature] Support external application configuration using domain name for target address.
 +  [New Feature] HTTP/3 draft 32 support.
 +  [New Feature] Support for secure websocket backend (wss://).
 +  [Major Improvement] Better Apache ProxyPass compatibility with any target domain/IP, without the need to explicitly create an external application.
 +  [Major Improvement] HTTP/3 Delayed ACK extension has been enabled to improve performance.
 +  [Improvement] Better support for various ModSecurity variables.
 +  [Improvement] Fix various HTTP/3 congestion control corner cases to maximize throughput.
 +
 +===== Version 6.0RC2 =====
 +=== Build 0 ===
 +  [New Feature] ModSecurity scan response body support.
 +  [New Feature] HTTP/3 draft 31 support.
 +  [Major Improvement] Improve HTTP/3 throughput with DPLPMTUD, Adaptive congestion control, and zero-copy packetization.
 +  [Major Improvement] ModSecurity persistent collection SHM storage.
 +  [Major Improvement] Revamp of SSL Multi-Cert support.
 +
 +===== Version 6.0RC1 =====
 +=== Build 0 ===
 +  [Major New Feature] Apache 2.4 conditional context <If> <​Ifelse>​ <​Else>​ support.
 +  [Major New Feature] Asynchronous mod_security engine.
 +  [Major New Feature] Bubblewrap isolated CGI/PHP execution environments.
 +  [New Feature] HTTP/3 draft 29 support.
 +  [Major Enhancement] HTTP/2 has gone through a major rewrite with more efficient header handling.
 +  [Enhancement] Added ModSecurity JSON audit log.
 +
 +===== Version 5.4.12 =====
 +=== Build 8 ===
 +  [Bug Fix] Properly apply whitelist for Quic.cloud and Cloudflare IPs when server level ACL is blank.
 +  [Bug Fix] Address vhost level rewrite rule false positives.
 +  [Bug Fix] Correct a cPanel NodeJS application configuration problem.
 +  [Bug Fix]  Fix Ubuntu Plesk Grafana integration.
 +=== Build 7 ===
 +  [Bug Fix] Address a native pipe logger configuration failure.
 +=== Build 6 ===
 +  [Bug Fix] Increase rewrite engine match limit to avoid unexpected mismatch.
 +=== Build 4 ===
 +  [Bug Fix] Address broken virtual host level reCAPTCHA sensitivity trigger.  ​
 +=== Build 3 ===
 +  [Security] Fix a bug that allowed bypassing of built-in blocked URLs.  ​
 +=== Build 2 ===
 +  [Bug Fix]  Correct problematic PCRE flag causing false positives in mod_security.
 +=== Build 1 ===
 +  [Bug Fix] Address external application command sanitizer blocking some PHP binary paths.
 +=== Build 0 ===
 +  [Security] Fix a bug that allowed bypassing of built-in blocked URLs.
 +  [Security] Block improperly configured user/group and commands for external apps.
 +  [Feature] Auto white list QUIC.cloud IPs.
 +  [Bug Fix] Address content corruption for ESI includes.
 +  [Bug Fix] Improve ESI parser to handle improperly escaped ESI directives.
 +  [Bug Fix] Add SSL OCSP stapling for redis dynamic vhosts.
 +  [Bug Fix] Address a random crash in Layer 4 forwarding to websocket backends.
 +  [Bug Fix] cPanel webmail proxy domain email attachment uploads no longer hang.
 +  [Bug Fix] Update wsgi-lsapi to v1.9 to address a unicode encoding problem for Django applications.
 +  [Bug Fix] Improve NodeJS application compatibility.
 +  [Bug Fix] Start Ruby applications through a login bash shell to apply the necessary shell environment variables.
 +  [Bug Fix] Improve mod_security variables handling.
 +  [Bug Fix] Improve reCAPTCHA verification protection.
 +  ​
 +===== Version 5.4.11 =====
 +=== Build 9 ===
 +  [Security] Fix a bug that allowed bypassing of built-in blocked URLs.
 +  [Bug Fix] Address a random crash in Layer 4 forwarding to websocket backends.
 +  [Bug Fix] Address content corruption for ESI includes.
 +  [Bug Fix] Apply vhost request rate throttling override when the bandwidth throttling is off.
 +  [Bug Fix] Add SSL OCSP stapling for redis dynamic vhosts.
 +  [Bug Fix] Persistent warning about lsws systemd unit file has been changed in Plesk environments.
 +  [Bug Fix] Make "​AddDefaultCharset"​ work for javscript and json response.
 +  [Tuning] Finetune vhost reCAPTCHA sensitivity.
 +=== Build 8 ===
 +  [Bug Fix] cPanel webmail proxy domain email attachment uploads no longer hang.
 +  [Bug Fix] Update wsgi-lsapi to v1.9 to address a unicode encoding problem for Django applications.
 +  [Bug Fix] Update bundled WHM plugin to v4.1.3.1.
 +  [Debug] Improve private PURGE debug log messages with private cookie values.
 +=== Build 7 ===
 +  [Security] Block improperly configured user/group and commands for external apps.
 +  [Bug Fix] Improve ESI parser to handle improperly escaped ESI directives.
 +  [Bug Fix] Fix NodeJS application helper script which may call undefined function.
 +  [Bug Fix] Avoid race condition when multiple workers try to start a detached external application.
 +=== Build 6 ===
 +  [Bug Fix] Properly support REQUEST_COOKIES collection in mod_security engine.
 +  [Bug Fix] Mod_security @rx operator now properly matches multi-line input.
 +  [Bug Fix] Improve NodeJS application compatibility.
 +  [Bug Fix] Start Ruby applications through a login bash shell to apply the necessary shell environment variables.
 +  [Bug Fix] Update ruby-lsapi gem to 5.2 for alt-ruby and Plesk ruby installations.
 +=== Build 5 ===
 +  [Bug Fix] Use long delay for access logging when AIO logging is enabled.
 +  [Bug Fix] Only throttle POST requests to wp-login.php for WordPress brute force protection.
 +  [Bug Fix] Log the correct value for the GEOIP environment variable in log message for a mod_security hit.
 +  [Bug Fix] Corner case that caused chunked input streams to hang (introduced in 5.4.11 build 3.) has been fixed.
 +  [Improvement] Allow the unsetting of non-indexed requested headers via the "​RequestHeader unset ..." directive.
 +=== Build 4 ===
 +  [Bug Fix] A timing issue with SSL ticket key rotation that causes brief SSL connection errors.
 +=== Build 3 ===
 +  [Bug Fix] Rewrite rule triggered reCAPTCHA causing rare server hang.
 +  [Bug Fix] Chunk decoding hanging issue for request body.
 +  [Bug Fix] Response header count limit raise to 64K.
 +  [Bug Fix] Client info cache reference counting issue.
 +  [Tuning] Default timeout for SSL session ticket set to 1 hour.
 +  [Tuning] Default umask set to 022.
 +=== Build 2 ===
 +  [Bug Fix] Matched Apache ModSecurity behavior by logging hits with "​pass"​ action to error log.
 +  [Bug Fix] Fixed NodeJS application directory index for static content.
 +  [Bug Fix] Improved lsquic busy loop detection to avoid false positives.
 +  [Bug Fix] Log and auto correct the issue where Python application switches the directory for serving static content.
 +=== Build 1 ===
 +  [Bug Fix] Handle stream RESET in a timely manner for HTTP/3 and QUIC connections.
 +  [Bug Fix] Automatically add local IPv4 and IPv6 addresses to trusted IP list.
 +=== Build 0 ===
 +  [New Feature] Support for Apache configuration directive '​AuthMerging'​.
 +  [Improvement] Support for RewriteCond operators added by Apache 2.4 which includes '>​='​ , '<​=',​ '​-eq'​ , '​-ge'​ , '​-gt',​ '​-le'​ , '​-lt',​ '​-ne',​ '​-h',​ '​-L',​ and '​-x'​.
 +  [Improvement] Update bundled WHM Plugin to v4.1.3 (bundled w/ cPanel plugin v2.1.2).
 +  [Bug Fix] Do not load .htaccess from parent directories beyond document root when AllowOverride is disabled for those parent directories in Apache configuration.
 +  [Bug Fix] Address a crash in ESI sub requests.
 +  [Bug Fix] Avoid restoring older system file backups if a switch back to Apache has been performed.
 +  [Bug Fix] Avoid throttling or blocking local IP.
 +  [Bug Fix] Address occasional slow down caused by long delays added by CUBIC congestion control for HTTP/3 (QUIC).
 +  [Bug Fix] CloudLinux App config now follow max connections configured in LSWS native App config.
 +  [Bug Fix] Properly apply environment variable configuration for CloudLinux Node selector.
 +  [Bug Fix] Address a false positive that was blocking IPs due to "too many new SSL connections"​.
 +  [Bug Fix] Plesk webstats page now works properly.
 +
 +===== Version 5.4.10 =====
 +=== Build 4 ===
 +  [Bug Fix] Do not load .htaccess from parent directories beyond document root when AllowOverride is disabled for those parent directories in Apache configuration.
 +  [Bug Fix] Address a crash in ESI sub request.
 +  [Bug Fix] Avoid restoring older system file backups if a switch back to Apache has been performed.
 +  [Bug Fix] Avoid throttling or blocking local IP.
 +=== Build 1 ===
 +  [Bug Fix] Allow default PHP handler to follow explicit configurations for DirectAdmin.
 +=== Build 0 ===
 +  [New Feature] Add ForceSecureCookie configuration directive to enforce "​secure"​ and "​SameSite"​ cookie attributes. This directive can be set in an Apache config file at the server or vhost level, or in the document root directory'​s .htaccess file.
 +  [New Feature] Allow LiteSpeed Cache for WordPress plugin to use ESI combine sub-requests to improve ESI performance.
 +  [New Feature] Update cPanel plugin to automatically apply new ECC certificates generated through the plugin.
 +  [Improvement] Apply Expires header to a partial response for a range request.
 +  [Improvement] Improve PHP default handler for DirectAdmin.
 +  [Improvement] Update bundled WHM plugin to v4.1.2 with improved WP cache scan logic.
 +  [Bug Fix] Avoid stapling expired OCSP responses.
 +  [Bug Fix] Properly apply URL encoding for Location URL generated by a rewrite rule.
 +  [Bug Fix] HTTP3/IETF QUIC: close immediately if crypto session can't be initialized.
 +  [Bug Fix] Close down HTTP3/QUIC streams reset by peer in a timely manner.
 +  [Bug Fix] Normalize IPv6 addresses to properly reuse existing listener sockets.
 +  [Bug Fix] Update Python application handler internal URL to avoid being blocked when .py suffix is blocked.
 +  [Bug Fix] Apply header operations for pages generated by python/​nodejs applications.
 +  [Bug Fix] Properly detect HTTP/2 GREASE frame and GREASE settings entry, avoiding protocol errors.
 +  [Bug Fix] Avoid releasing cache objects too early.
 +  [Bug Fix] Address a rare crash in ESI parser.
 +  [Bug Fix] Force apply ACL configuration changes when client access level is cached in SHM.
 +  [Bug Fix] Reset per client concurrent connection counter stored in SHM when server restarts.
 +  [Bug Fix] For directory auto index, avoid a blank file name when special characters are in the name.
 +  [Tuning] Automatically detect and neutralize bad rewrite rules that cause looping proxy to the same server.
 +  [Tuning] Install alt-python38 wsgi-lsapi binary from source if rpm package is not available.
 +  [Tuning] Add PHP 8.0 auto detection.
 +
 +===== Version 5.4.9 =====
 +=== Build 4 ===
 +  [Improvement] Improve PHP default handler for DirectAdmin.
 +  [Bug Fix] Avoid stapling expired OCSP responses.
 +  [Bug Fix] HTTP3/IETF QUIC: close immediately if crypto session can't be initialized.
 +  [Bug Fix] Address a rare/random crash.
 +=== Build 3 ===
 +  [New Feature] Allow LiteSpeed Cache for WordPress plugin to use ESI combine sub-requests to improve ESI performance.
 +  [New Feature] Update cPanel plugin to automatically apply new ECC certificates generated through the plugin.
 +  [Bug Fix] Normalize IPv6 address to properly reuse existing listener sockets.
 +  [Bug Fix] Close down HTTP3/QUIC streams reset by peer in timely manner. ​
 +=== Build 2 ===
 +  [New Feature] New ForceSecureCookie configuration directive to enforce "​secure"​ and "​SameSite"​ cookie attributes. This directive can be set in an Apache config file at the server or vhost level, or in the document root directory'​s .htaccess file.
 +  [Bug Fix] Apply header operations for pages generated by python/​nodejs applications.
 +  [Bug Fix] Properly detect HTTP/2 GREASE frame and GREASE settings entry, avoiding protocol errors.
 +  [Tuning] Automatically detect and neutralize bad rewrite rules that cause looping proxy to the same server.
 +  [Tuning] Install alt-python38 wsgi-lsapi binary from source if rpm package is not available.
 +  [Bug Fix] Avoid releasing cache objects too early.
 +  [Bug Fix] Address a rare crash in ESI parser. ​
 +=== Build 1 ===
 +  [Feature] Apply Expires header to a partial response for a range request.
 +  [Bugfix] Force apply ACL configuration changes when client access level is cached in SHM.
 +  [Bugfix] For directory auto index, avoid a blank file name when special characters are in the name.
 +=== Build 0 ===
 +  [New Feature] WHM plugin 4.1 with Let's Encrypt ECC certificate support. QUIC.cloud integration with SSL certificates synchronization.
 +  [New Feature] Automatic CloudFlare CDN IP detection.
 +  [New Feature] Support for bcrypt password hash for HTTP authentication.
 +  [Improvement] PHP version detection for cPanel FCGId PHP handler.
 +
 +===== Version 5.4.8 =====
 +=== Build 5 ===
 +  [Bug fix] Properly pass CHUNK encoded request body to script handler to address random file upload failure.
 +  [Bug fix] Addressed graceful restart failure when the server has many IPs in use and is forced to create listeners for individual IP.
 +=== Build 4 ===
 +  [New Feature] Control whether to wait for the full request body or not before passing requests to the request handler with new environment variable "​wait-req-full-body"​. (Waiting allows the request handler to see the full request body immediately)
 +  [Tuning] Increase reCAPTCHA verified status timeout from 1-hour to 1-day.
 +  [Tuning] Increase .htaccess processing time limit from 500ms to 2.5sec to allow for the processing of larger .htaccess files.
 +=== Build 3 ===
 +  [Bug Fix] LiteMage cache object count is now more accurate.
 +  [Bug Fix] Address a few compatibility issues with Plesk admin console proxy through regular HTTPS access.
 +  [Bug Fix] Cache statistics access through IPv6.
 +  [Improvement] Protect WebAdmin listener port from duplicate regular listener configuration.
 +  [Improvement] Add Plesk git integration support.
 +=== Build 2 ===
 +  [Bug Fix] Address 404 error for reCAPTCHA verification.
 +  [Bug Fix] '​SetEnv'​ directive is now properly applied inside <​Files>​ or <​FilesMatch>​ contexts. ​
 +=== Build 1 ===
 +  [Bug Fix] Correct DirectAdmin PHP handler detection when "​DirectAdmin"​ panel is selected under "​PHP"​ config tab.
 +  [Bug Fix] WebSocket ProxyPass configuration now works correctly inside the <​Location>​ context.
 +  [Bug Fix] Match Apache'​s Redirect behavior by discarding original query string if target URL has query string set.
 +=== Build 0 ===
 +  [New Feature] Add the ability to load an extra ECC certificate for an Apache virtual host when multi-cert support is enabled.
 +  [New Feature] Apply header modification configurations in .htaccess to dynamic responses for CloudLinux Python/​Ruby/​NodeJS selector application.
 +  [New Feature] Update client IP using request header "​X-Real-IP"​.
 +  [New Feature] Use Client IP in Header can now be set to use the last IP listed in the X-Forwarded-For header for servers behind AWS ELB.
 +  [Security] Block '​LD_*'​ environment variable overriding from .htaccess.
 +  [Improvement] New Ruby 2.0+ compatible RackRunner script for ruby-lsapi 5.0.
 +  [Improvement] Separate IPv4 and IPv6 virtual hosts now share cached pages for the same domain.
 +  [Improvement] Update WHM plugin to v4.0 (drops support for EasyApache 3).
 +  [Improvement] Make reCAPATCHA compatible with WordPress password protected pages.
 +  [Bug Fix] Invisible reCAPTCHA now works properly with IE 11 browser.
 +  [Bug Fix] Correct Magento LiteMage2 cache object statistics.
 +  [Bug Fix] Address an AJPv13 hanging bug.
 +  [Bug Fix] Enabling bandwidth throttling no longer causes rare HTTP/2 response hangs.
 +  [Bug Fix] Properly apply UMASK configuration for external applications.
 +  [Bug Fix] Fix a problem with Plesk log rotation when LSWS overrode Apache'​s rc script with a symbolic link.
 +  [Bug Fix] NodeJS default being not properly set in httpd_config.xml no longer causes crashing.
 +  [Bug Fix] Address cp_switch_ws.sh issues when switching back to Apache.
 +
 +===== Version 5.4.7 =====
 +=== Build 9 ===
 +  [Bug Fix] Correct a SHM memory allocation issue.
 +  [Bug Fix] Address a URL handling regression introduced in build 7 that affected NextCloud WebDAV clients.
 +=== Build 8 ===
 +  [New Feature] Use Client IP in Header can now be set to use the last IP listed in the X-Forwarded-For header for servers behind AWS ELB.
 +  [Bug Fix] Address cp_switch_ws.sh issues when switching back to Apache.
 +  [Bug Fix] Invisible reCAPTCHA now works properly with IE 11 browser.
 +  [Bug Fix] Correct a crash bug in cache engine.
 +  [Tuning] Separate IPv4 and IPv6 virtual hosts now share cached pages for the same domain.
 +=== Build 7 ===
 +  [New Feature] For CloudLinux Python/​Ruby/​NodeJS selector application,​ applies header modification configuration in .htaccess to dynamic response.
 +  [Bug Fix] A mod_security engine bug that causes random crash.
 +  [Bug Fix] A bug in access log format validation.
 +=== Build 6 ===
 +  [Bug Fix] Fixed Plesk log rotation issue when LSWS override Apache rc script with symbolic link. 
 +  [Bug Fix] Fixed a crash when NodeJS default was not properly set in httpd_config.xml. ​
 +=== Build 5 ===
 +  [Security] Blocks overriding LD_PRELOAD environment variable from .htaccess.
 +  [Bug Fix] Fixed a corner case that causes hanging HTTP/2 response when bandwidth throttling is enabled. ​
 +  [Bug Fix] Properly apply UMASK configuration for external application. ​
 +=== Build 4 ===
 +  [New Feature] Added the ability to load extra ECC certificate for Apache virtual host when multi-cert support is enabled.
 +  [Improvement] New Ruby 2.0+ compatible RackRunner script for ruby-lsapi 5.0. 
 +  [Tuning] Disable cache if a request is blocked by mod_security.
 +  [Bug Fix] Minor bug fixes in cache engine. ​
 +  [Bug Fix] Minor bug fix in mod_security engine.
 +=== Build 3 ===
 +  [Bug Fix] Fixed an HTTP/2 protocol bug encountered when a PHP page failed without sending back a response header.
 +  [Bug Fix] Fixed an internal memory management bug that caused random crashing.
 +=== Build 2 ===
 +  [Bug Fix] Fixed an AJPv13 protocol bug that caused requests containing a request body to hang.
 +  [Tuning] Improved reCAPATCHA verification to make it compatible with WordPress password protected pages.
 +=== Build 0 ===
 +  [Security] Fixed a symbolic link attack in directory auto index script. Thank you KnownHost for the bug report. (CloudLinux user is not affected.)
 +  [New Feature] Added strict suEXEC and ownership checking on scripts.
 +  [New Feature] Added ability to configure static/​dynamic request per second limit for Apache ghost.
 +  [Bug Fix] Fixed reCAPTCHA triggering for the first access of an allowed robot.
 +  [Bug Fix] Added "​Cache-Control:​ no-cache"​ to reCAPTCHA verification page to disallow CDN/proxy cache.
 +  [Bug fix] Fixed delayed .htaccess loading.
 +  [Bug fix] Fixed a delayed server response bug with HTTP/2.
 +  [Bug fix] Fixed a NodeJS websocket backend configuration bug.
 +  [Bug fix] Shared lib for lscmctl script is now updated on server install/​update.
 +  [Tuning] Prevent ports 443 and 80 from being used as WebAdmin listener port.
 +  [Tuning] Avoid triggering 503 errors when cPanel backend services (cpcontacts,​ webdisk, ...) are unavailable.
 +  [Tuning] Automatically update /​proc/​sys/​net/​core/​somaxconn to 1024 whenever server performs a fresh startup.
 +  [Tuning] Added after=lve_namespaces.service to systemd unit file.
 +
 +===== Version 5.4.6 =====
 +=== Build 5 ===
 +  [Bug Fix] Fixed a bug that reCAPTCHA was shown for the first access of an allowed robot.
 +  [Bug Fix] Added "​Cache-Control:​ no-cache"​ for reCAPTCHA verify page to disallow CDN/proxy cache. ​
 +=== Build 4 ===
 +  [Bug Fix] Minimize interference with mandatory rewrite processing when bypassing favicon URL rewrite.
 +  [Tuning] Avoid triggering 503 errors when cPanel backend services (cpcontacts,​ webdisk, ...) are unavailable.
 +=== Build 3 ===
 +  [Bug Fix] Use request header value for RBL lookups.
 +  [Bug Fix] Fixed a configuration parser crash.
 +  [Bug Fix] Fixed HTTP/3 ALPN string to properly advertise h3-27.
 +  [Tuning] Automatically update /​proc/​sys/​net/​core/​somaxconn to 1024, when server performs a fresh startup.
 +  [Tuning] Avoid adjusting external application process priority based on server'​s priority.
 +=== Build 2 ===
 +  [New Feature] Added strict suEXEC and ownership checks for scripts.
 +  [New Feature] Added ability to configure static/​dynamic request per second limit for Apache vhost.
 +  [Tuning] Added after=lve_namespaces.service to systemd unit file.
 +  [Bug Fix] Fixed a bug when switching vhost log file.
 +  [Bug Fix] Fixed an HTTP/3 timestamp/​ACK ping-pong bug.
 +  [Bug Fix] Fixed a bug causing extra delay when response has content length = 0.
 +=== Build 1 ===
 +  [Bug fix] Fixed a bug causing delayed .htaccess loading.
 +  [Bug fix] Fixed an HTTP/2 bug that sometimes delayed server response.
 +  [Bug fix] Fixed a bug in NodeJS websocket backend configuration.
 +  [Bug fix] Shared lib for lscmctl is now updated on server install/​update.
 +  [Tuning] Prevent ports 443 and 80 for use as a WebAdmin listener.
 +=== Build 0 ===
 +  [New Feature] Updated HTTP/3 support to include h3-27.
 +  [Bug Fix] Fixed a bug that caused ProxyPass ws:// target to stop working for certain configuration combination.
 +  [Bug Fix] Fixed a bug in HTTP/2 handling mismatched response content-length and actual reponse body size.
 +  [Bug Fix] Fixed a false positive that triggered ACL denied for Plesk.
 +  [Bug Fix] Fixed a regression that broke /​tmp/​lshttpd/​swap auto cleanup.
 +  [Bug Fix] Fixed a false positive when handling ModSecrurity SecRemoteRule.
 +  [Bug Fix] Fixed a crash in ModSecurity using libinjection.
 +  [Tuning] Set mod_security RBL DNS cache to 60 seconds.
 +  [Tuning] Disable TLSv1.1 by default.
 +  [Tuning] Enable SSL session tickets by default.
 +  [Tuning] No longer add ECDHE-RSA-AES128-SHA cipher automatically.
 +
 +===== Version 5.4.5 =====
 +=== Build 3 ===
 +  [Bug Fix] Fixed a false positive that triggered ACL denied for Plesk.
 +  [Bug Fix] Fixed a regression that broke /​tmp/​lshttpd/​swap auto cleanup.
 +  [Bug Fix] Fixed a false positive when handling ModSecrurity SecRemoteRule.
 +  [Bug Fix] Fixed a crash in ModSecurity using libinjection.
 +  [Tuning] No longer add ECDHE-RSA-AES128-SHA cipher automatically.
 +=== Build 2 ===
 +  [Bug Fix] Minor ModSecurity compatibility fixes.
 +  [Bug Fix] Prevent WebAdmin Console 503 error on centos8 by installing libnsl package automatically.
 +  [Bug Fix] Minor bug fixes in HTTP/3 (QUIC) engine.
 +  [Tuning] Added add "​SameSite=Strict"​ attribute to ls_smartpush cookie.
 +  [Tuning] Update cp_switch_ws.sh script to work independently of any installed control panel plugins.
 +  [Bug Fix] Update uninstall.sh script to work properly when a control panel plugin is not installed.
 +  [Tuning] Downgraded some modsec log messages from "​error"​ to "​warning"​.
 +  [Bug Fix] Fixed a rewrite engine compatibility regression introduced in v5.4.4.
 +=== Build 1 ===
 +  [Bug Fix] mod_security @validateUrlEncoding operator has been turned off to avoid unnecessary false positives.
 +  [Bug Fix] Fixed a cache engine bug that broke the "​Respect Cacheable"​ feature.
 +  [Bug Fix] Fixed a crash bug when detecting server startup time.
 +  [Tuning] Made HTML pages generated by the auto index script responsive.
 +  [Tuning] Hid confusing required/​restricted permission mask configurations in WebAdmin Console.
 +=== Build 0 ===
 +  [New Feature] Added support for IETF HTTP/3 draft 25 (h3-25).
 +  [New Feature] Populate GEOIP_COUNTRY_CODE environment variable using IP2Location database.
 +  [New Feature] Added full Captcha protection for WordPress login page.
 +  [New Feature] Optionally skip rewrite processing for Let's Encrypt verification requests.
 +  [New Feature] Automatically patch Set-Cookie with '​secure'​ flag when served over HTTPS.
 +  [Improvement] Added '​cssDecode'​ and '​utf8toUnicode'​ transformations to ModSecurity engine.
 +  [Improvement] Added support for '​REQUEST_SCHEME'​ request variable.
 +  [Improvement] Added '​-vb'​ command line option to print out version and build number.
 +  [Update] Updated WHM plugin to v3.3.7.
 +  [Bug Fix] Fixed websockets hanging on upgrade.
 +  [Bug Fix] Fixed a WebAdmin Console socket address validation bug.
 +  [Bug Fix] Fixed .htaccess configuration changes failing to apply for Python/​Ruby/​NodeJS applications.
 +  [Bug Fix] Environment variable names are no longer converted to uppercase for Apache SetEnv directive.
 +  [Bug Fix] Fixed a NodeJS wrapper script bug that failed to handle startup files with absolute paths.
 +  [Bug Fix] External application process startup time is now reliably detected.
 +  [Bug Fix] Fixed a minor regression with AHO string search.
 +  [Bug Fix] Fixed a bug using wrong log ID in error log. 
 +
 +===== Version 5.4.4 =====
 +=== Build 8 ===
 +  [Bug Fix] In cPanel environment,​ disable rewrite bypass for Let's Encrypt verification requests if dedicate rewrite rule for '​acme-challenge'​ detected.
 +=== Build 7 ===
 +  [Bug Fix] Fixed a random crash that occurred during SSL handshakes.
 +  [Bug Fix] Fixed a bug that rarely cased CPU usage to climb to 99% when shutting down SSL connections.
 +=== Build 6 ===
 +  [Bug Fix] Fixed a NodeJS wrapper script bug that failed to handle startup files with absolute paths.
 +  [Bug Fix] Fixed a random reCAPTCHA verification failure with status code 500.
 +  [Bug Fix] External application process startup time is now reliably detected.
 +  [Bug Fix] Fixed a minor regression with AHO string search.
 +=== Build 5 ===
 +  [New Feature] Automatically patch Set-Cookie with '​secure'​ flag when served over HTTPS.
 +  [Bug Fix] Fixed a regression in Python/​Ruby/​NodeJS application '​tmp/​restart.txt'​ marker file handling.
 +  [Bug Fix] Fixed a WebAdmin Console socket address validation bug.
 +  [Bug Fix] Fixed a corner case to load trusted IP configured in document root .htaccess before reCAPTCHA verification. ​
 +=== Build 4 ===
 +  [New Feature] Skip rewrite processing for Let's Encrypt verification requests.
 +  [Bug Fix] Fixed websockets hanging on upgrade.
 +  [Bug Fix] Fixed a WebAdmin Console socket address validation bug.
 +  [Bug Fix] Fixed .htaccess configuration changes failing to apply for Python/​Ruby/​NodeJS applications.
 +  [Bug Fix] Environment variable names are no longer converted to uppercase for Apache SetEnv directive.
 +=== Build 3 ===
 +  [New Feature] Added full Captcha protection for WordPress login page.
 +  [Bug Fix] Fixed a connection hang regression introduced in v5.4.4 build 2.
 +=== Build 2 ===
 +  [New Feature] Populate GEOIP_COUNTRY_CODE environment variable using IP2Location database.
 +  [Bug Fix] Minor bug fixes to ModSecurity engine.
 +=== Build 1 ===
 +  [Improvement] Fine tuned HTTP/3 and QUIC engine performance.
 +  [Improvement] Added '​cssDecode'​ and '​utf8toUnicode'​ transformations to ModSecurity engine.
 +  [Improvement] Added '​ctl:​debugLogLevel'​ support to ModSecurity engine.
 +  [Improvement] Added support for '​REQUEST_SCHEME'​ request variable.
 +  [Improvement] Added '​-vb'​ command line option to print out version and build number.
 +  [Update] Updated WHM plugin to v3.3.6.
 +  [Bug Fix] Minor bug fixes in ModSecurity engine.
 +=== Build 0 ===
 +  [New Feature] Added support for Google QUIC Q050. 
 +  [Security] Improved WebAdmin Console security by strictly checking request URLs. 
 +  [Bug Fix] Fixed a bug that caused HTTPS connections to stall when bandwidth throttling was enabled. ​
 +  [Bug Fix] Fixed an ESI/​Litemage output corruption bug. 
 +  [Bug Fix] Fixed a bug in AIO logging that caused the access log to stop working. ​
 +  [Bug Fix] Fixed a bug causing 100% CPU usage for FreeBSD. ​
 +  [Bug Fix] Removed an unnecessary CloudLinux CageFS mount point for "/​tmp/​lshttpd"​. ​
 +  [Bug Fix] Fixed a crash caused by memory mapped files being truncated.
 +
 +===== Version 5.4.3 =====
 +=== Build 5 ===
 +  [Bug Fix] Fixed a regression for mod_security request parser introduced in 5.4.3 build 4.
 +  [Bug Fix] Fixed a crash due to memory mapped file being truncated. ​
 +=== Build 4 ===
 +  [Security] Improved WebAdmin console security by strictly checking request URL. 
 +  [Bug Fix] Fixed a regression for FastCGI protocol support, introduced in 5.4.3 build 0.
 +  [Bug Fix] There are minor bug fixes for mod_security engine. ​
 +=== Build 3 ===
 +  [Bug Fix] Fixed a mutex dead-lock regression introduced in build 2 for AIO logging.
 +=== Build 2 ===
 +  [Bug Fix] Fixed a bug in AIO logging that caused access log stop working.
 +  [Bug Fix] Fixed a bug caused 100% CPU usage for FreeBSD.
 +  [Bug Fix] Removed an unnecessary CloudLinux CageFS mount point for "/​tmp/​lshttpd"​.
 +=== Build 1 ===
 +  [Bug Fix] Fixed a bug that caused HTTPS connections to stall when bandwidth throttling was enabled.
 +  [Bug Fix] Fixed an ESI/​Litemage output corruption bug.
 +  [Tuning] Fine tuned keepalive timeout for detached PHP processes to reduce the number of idle PHP processes.
 +=== Build 0 ===
 +  [New Feature] Websocket backend support via the "​ProxyPass"​ directive. ​
 +  [Enhancement] Improved WordPress brute force protection when facing large botnet attacks.
 +  [Tuning] Updated HTTP/3 QUIC engine default congestion control method to CUBIC for better performance in good network conditions.
 +  [Update] Updated WHM plugin to v3.3.5 (includes support for displaying "​critical alerts"​).
 +  [Bug Fix] Fixed a few bugs in HTTP/3 QUIC engine.
 +  [Bug Fix] Fixed a bug in PID verification that failed to stop processes for detached applications.
 +  [Bug Fix] Fixed a bug in modsecurity engine where LOGGING phase processing was bypassed if a client was using a QUIC connection. ​
 +  [Bug Fix] Properly count 3 character second level domains against license domain limit.
 +  [Bug Fix] Properly parse IPv6 mapped IPv4 addresses in request header.
 +  [Bug Fix] Fixed missing "​REMOTE_USER"​ request environment variable when HTTP authentication is used.
 +  [Bug Fix] Fixed a problem with utf-8 characters in request URLs for Python applications.
 +  [Bug Fix] Improved lock contention handling when detached mode PHP processes are started concurrently by multiple server worker processes.
 +  [Bug Fix] Fixed an ESI sub-request bug that could stall proxy to backend communication.
 +  [Bug Fix] Fixed a DirectAdmin userdir bug.
 +
 +===== Version 5.4.2 =====
 +=== Build 7 ===
 +  [Bug Fix] Fixed an HTTP/3 QUIC engine bug introduced in build 6 that could cause action connections to close at random.
 +  [Tuning] Updated HTTP/3 QUIC engine default congestion control method to CUBIC for better performance in good network conditions.
 +  [Tuning] Lowered WordpressProtect minimum limit from 5 to 2 to better pairing with reCAPTCHA verification.
 +=== Build 6 ===
 +  [Bug Fix] Fixed a few minor HTTP/3 and QUIC engine bugs.
 +  [Bug Fix] Fixed an HTTPS bug that caused a busy loop in FreeBSD.
 +  [Bug Fix] Properly count 3 character second level domains against license domain limit. ​
 +  [Bug Fix] Properly parse IPv6 mapped IPv4 addresses in request header.
 +  [Bug Fix] Fixed missing "​REMOTE_USER"​ request environment variable when HTTP authentication is used.
 +=== Build 5 ===
 +  [Bug Fix] Fixed a bug that caused excessive buffering for HTTP/2 connection.
 +  [Bug Fix] Fixed a bug in QUIC, HTTP/3 engine that caused large file downloads to stall. ​
 +  [Bug Fix] Fixed a bug that caused random 404 error. ​
 +=== Build 4 ===
 +  [Bug Fix] Improved HTTP/3 draft 24 inter-operability with other HTTP/3 clients. ​
 +  [Bug Fix] Improved lock contention handling when detached mode PHP processes are started concurrently by multiple server worker processes.
 +  [Bug Fix] Fixed missing environment problem for Python applications.
 +  [Bug Fix] Fixed a problem with utf-8 characters in request URLs for Python applications. ​
 +  [Bug Fix] Fixed a rare HTTP/2 connection stalling problem.
 +=== Build 3 ===
 +  [Bug Fix] Fixed a bug in mod_security engine @validateUrlEncoding operator resulting in false positives.
 +  [Bug Fix] Fixed a compatibility issue with Plesk'​s autodiscover feature.
 +  [Bug Fix] Fixed a random 404 error for NodeJS applications.
 +=== Build 2 ===
 +  [Enhancement] Improved Wordpress brute force protection when facing large botnet attacks. ​
 +  [Bugfix] Fixed HTTP/3 handshake failures when TLSv1.3 was not enabled by control panels.
 +  [Bugfix] Fixed an ESI sub-request bug that could stall proxy to backend communication.
 +  [Bugfix] Fixed a DirectAdmin userdir bug.
 +  [Bugfix] Fixed a Python application compatibility bug.
 +=== Build 1 ===
 +  [Bug Fix] Fixed a bug introduced in v5.4.2 build 0 where some mod_security rules could cause false positives.
 +  [Bug Fix] Fixed a bug that caused 503 errors when the configuration of python/​node/​ruby selector applications where updated.
 +  [Bug Fix] Minor bug fixes in QUIC and HTTP/3 engine.
 +=== Build 0 ===
 +  [New Feature] Updated QUIC implementation to support IETF HTTP/3 draft 23.
 +  [New Feature] BBR congestion control for QUIC and HTTP/​3. ​
 +  [New Feature] "​Require env XXXX" access control support.
 +  [New Feature] User/​Account level bandwidth throttling for Redis dynamic virtual hosting.
 +  [Improvement] Further HTTPS SSL layer performance tuning.
 +  [Improvement] Automatically restart running PHP processes when PHP binary changes are detected.
 +  [Improvement] Automatically convert ea-phpXX handler configuration into a phpXX handler when an ea-php handler is not available.
 +  [Improvement] Improved AIO access logging to minimize disk I/O.
 +  [Improvement] Avoid reCAPTCHA verification on AJAX requests to minimize false positives.
 +  [Improvement] Built-in error and reCAPTCHA verification pages are now responsive.
 +  [Improvement] Remove '​['​ '​]'​ enclosure for IPv6 addresses in the access log and request environment variable '​REMOTE_ADDR'​.
 +  [Improvement] Reduced memory usage to improve server scalability.
 +  [Improvement] Improved accuracy of server real-time statistics.
 +  [Improvement] Enable SSL SHM session cache for Apache HTTPS vhost when server level SSH session cache is enabled.
 +  [Improvement] Disable TLSv1.0 by default for better PCI compliance.
 +  [Improvement] Automatically disable HTTP/2, SPDY, and QUIC for CSF messenger vhosts on port 8887.
 +  [Improvement] Added "​SmartPush no-cookie"​ directive to disable cookies used for HTTP/2 and QUIC smart push.
 +  [Improvement] Added `lsws/​logs/​critical_alert` log file for writing common license errors that could cause LSWS to stop working.
 +  [Improvement] Improved compatibility with CloudLinux python selector.
 +  [Improvement] Improved modsecurity engine compatibility.
 +  [Improvement] Send "​Alt-Svc"​ header advertising QUIC and HTTP/3 support only once per connection.
 +  [Bug Fix] Fixed WordPress brute force protection bugs that were causing false positives and crashes.
 +  [Bug Fix] Fixed a bug causing HTTP/2 requests to stall under rare conditions.
 +  [Bug Fix] Fixed a bug causing broken non-keepalive HTTPS responses.
 +  [Bug Fix] Fixed a Layer4 tunnel bug that caused random crashes.
 +  [Bug Fix] Fixed Apache sometimes starting inside the lshttpd cgroup when switching from LSWS to Apache.
 +  [Bug Fix] Fixed all LSPHP processes not being stopped when switching from LSWS to Apache.
 +  [Bug Fix] Fixed an .htaccess cache bug that caused the server'​s default PHP handler to be used instead of configured per-vhost suEXEC handlers.
 +  [Bug Fix] Per Apache vhost PHP 7.4 handler now runs in suEXEC mode.
 +
 +===== Version 5.4.1 =====
 +=== Build 8 ===
 +  [Improvement] Improved python application configuration to allow swapping applications on the same URL. 
 +  [Bug Fix] Disable CRIU feature to avoid server downtime after a recent CloudLinux CRIU library update began causing lscgid to crash.
 +  [Bug Fix] Fixed a mod_security configuration bug that reordered some rules under certain conditions.
 +  [Bug Fix] Fixed a systemd warning under Plesk 18.0.
 +=== Build 7 ===
 +  [Improvement] Automatically disable HTTP/2, SPDY, and QUIC for CSF messenger vhost on port 8887.
 +  [Improvement] Added "​SmartPush no-cookie"​ directive to disable cookies used for HTTP/2 and QUIC smart push.
 +  [Improvement] Added `lsws/​logs/​critical_alert` log file for writing common licensing problems that could cause LSWS to stop working.
 +  [Bug Fix] Fixed a compatibility issue with CloudLinux python selector.
 +=== Build 6 ===
 +  [Bug Fix] Fixed a bug introduced in build 5 that caused the server to crash when "​require env xxxx" was used.
 +  [Bug Fix] Fixed QUIC support for FreeBSD.
 +  [Bug Fix] Changed "​Accept-Encoding"​ value to be case insensitive.
 +  [Improvement] Use '​pkill'​ instead of '​killall'​ in various scripts to minimize dependencies on installed system packages.
 +  [Improvement] Update "​Alt-Svc"​ string for gQUIC advertising.
 +=== Build 5 ===
 +  [FEATURE] Enable SSL SHM session cache for Apache HTTPS vhost when server level SSH session cache is enabled. ​
 +  [FEATURE] Added support for "​Require env XXXX" access control. ​
 +  [TUNING] Disable TLSv1.0 by default for better PCI compliance. ​
 +  [BUGFIX] Make statistics more accurate for requests processed . 
 +  [BUGFIX] Fixed a minor regression in 5.4 that performs redirect before rewrite when URL without a trailing slash pointing to a directory. ​
 +=== Build 4 ===
 +  [Improvement] Automatically restart running PHP processes after detecting PHP binary updates.
 +  [Improvement] Automatically converted ea-phpXX handler configuration to phpXX handler when ea-php handler is not available.
 +  [Improvement] Improved AIO access logging to minimize disk I/O.
 +  [Bug Fix] Close unused REUSEPORT socket.
 +  [Bug Fix] Make "​requests processed"​ counter more accurate in real-time report.
 +  [Bug Fix] Make per Apache vhost PHP 7.4 handler run in suEXEC mode.
 +  [Bug Fix] Fixed a bug reading CGI '​umask'​ configuration as an octal number.
 +=== Build 3 ===
 +  [Bug Fix] Fixed a .htaccess cache bug that caused the server'​s default PHP handler to be used instead of per-vhost suEXEC handlers.
 +  [Bug Fix] Fixed a WP brute force protection bug that occasionally caused 100% CPU usage.
 +  [Bug Fix] Fixed a divide by zero bug that was causing server crashes.
 +  [Bug Fix] Fixed a mod_security engine bug where `@geolookup` would not work properly with new MaxMind DB files.
 +  [Tuning] Reduced Brotli compression memory usage.
 +  [Tuning] Allow mapping www.TLD.com and TLD.com to different native virtual hosts.
 +=== Build 2 ===
 +  [New Feature] Added an option to allow generation of full real time status report, including idle virtual host and external app stats.
 +  [Bug Fix] Fixed an RBL compatibility issue with modsecurity rules from Imunify360.
 +  [Bug Fix] Fixed a Layer4 tunnel bug that caused random crashes.
 +  [Bug Fix] Fixed Apache sometimes starting inside the lshttpd cgroup when switching from LSWS to Apache.
 +  [Bug Fix] Fixed all LSPHP processes not being stopped when switching from LSWS to Apache.
 +  [Bug Fix] Fixed a QuicEngine bug that sometimes caused a server crash.
 +=== Build 1 ===
 +  [Improvement] Avoid reCAPTCHA verification on AJAX requests to minimize false positives.
 +  [Improvement] Make built-in error and reCAPTCHA verification pages responsive.
 +  [Improvement] Remove '​['​ '​]'​ enclosure for IPv6 addresses in the access log and request environment variable REMOTE_ADDR.
 +  [Bug Fix] Fixed a bug that caused HTTP/2 requests to stall under rare conditions.
 +  [Bug Fix] Fixed a bug that caused broken non-keepalive HTTPS responses.
 +  [Bug Fix] Fixed a bug that caused WordPress brute force protection false positive.
 +=== Build 0 ===
 +  [Security] Addressed recent HTTP/2 DoS advisories (https://​github.com/​Netflix/​security-bulletins/​blob/​master/​advisories/​third-party/​2019-002.md). Fixed CVE-2019-9516 ""​0-Length Headers Leak""​ vulnerability. Completely blocks unaffected attacks: ​ CVE-2019-9511 ""​Data Dribble"",​ CVE-2019-9512 ""​Ping Flood"",​ CVE-2019-9513 ""​Resource Loop"",​ CVE-2019-9514 ""​Reset Flood"",​ CVE-2019-9515 ""​Settings Flood"",​ CVE-2019-9517 ""​Internal Data Buffering"",​ and CVE-2019-9518 ""​Empty Frames Flood""​.
 +  [New Feature] Updated HTTP/3 support to Internet Draft 22.
 +  [New Feature] Smart server PUSH uses cookies to track pushed assets, avoiding pushing the same asset repeatedly.
 +  [Improvement] reCAPTCHA engine has been improved to reduce false positives. ​
 +  [Bug fix] Fixed a chunk encoding bug that could cause data corruption.
 +  [Bug Fix] Fixed a bug that could cause truncated response bodies to be transferred over non-keepalive HTTPS connections. This usually affects front-end CDN services.
 +  [Bug Fix] Fixed a regression that prevented Apache vhosts from using PHP daemon mode.
 +  [Bug Fix] Fixed a cache engine bug that failed to forward the `X-Litespeed-purge2` response header to front-end ADC cache engines. ​
 +  [Bug Fix] Fixed a bug that causes Python WSGI applications to fork child processes frequently.
 +
 +===== Version 5.4 =====
 +=== Build 3 ===
 +  [Bug Fix] Fixed a bug that could cause truncated response bodies to be transferred over non-keepalive HTTPS connections. This usually affects front-end CDN services.
 +=== Build 2 ===
 +  [New Feature] Updated HTTP/3 support to Internet Draft 22 .
 +  [New Feature] Smart server PUSH uses cookies to track pushed assets, avoiding pushing the same asset repeatedly.
 +  [Improvement] Re-enabled PHP graceful shutdown now that the PHP LiteSpeed SAPI 7.5 package is ready.
 +  [Improvement] Tuned reCAPTCHA verification to avoid requesting verification on image/​css/​js files.
 +  [Bug Fix] Minor bug fixes for 404 logging and some rare crashes.
 +=== Build 1 ===
 +  [Update] Updated cPanel/WHM plugins to v1.2.3.3 and v3.3.3.5 respectively.
 +  [Bug fix] Fixed a chunk encoding bug that could cause data corruption.
 +  [Bug fix] Fixed a bug with customized reCAPTCHA pages.
 +  [Bug fix] Fixed a QUIC engine bug that affected graceful restarts.
 +  [Bug fix] Fixed a BAN request method parsing bug.
 +=== Build 0 ===
 +  [Major Improvement] Massive HTTP/2 HTTPS performance boost (up to 5x faster than LSWS v5.3.x).
 +  [Major New Feature] Experimental HTTP/3 draft 20 support.
 +  [Major New Feature] Redis and rewrite based dynamic virtual hosting.
 +  [Major New Feature] Server level reCAPTCHA protection efficiently defends against layer-7 DDoS attacks of any size.
 +  [New Feature] Added support for Q046 in QUIC engine.
 +  [New Feature] HTTPS accelerator with direct dynamic TLS record packaging, improving both HTTPS throughput and TTFB without compromise.
 +  [New Feature] HTTPS handshake offloading, improving HTTPS handshake speed and avoiding clogging the server'​s main event loop. (No extra configuration required)
 +  [New Feature] SO_REUSEPORT support, improving multi-worker scalability for high traffic deployments.
 +  [New Feature] HTTPS certificate compression,​ reducing the size of HTTPS handshake exchange data.
 +  [Improvement] Improved HTTP/2 stream prioritization for a better user browsing experience.
 +
 +===== Version 5.4RC4 =====
 +=== Build 0 ===
 +  [New Feature] Support for SO_REUSEPORT for multi-worker license.
 +  [New Feature] HTTPS/QUIC handshake offloading.
 +  [New Feature] TLSv1.3 certificate compression.
 +  [New Feature] High Availability for Redis dynamic vhost setup.
 +  [New Feature] Support for Google QUIC 046.
 +  [New Feature] Experimental IETF QUIC draft-20.
 +
 +===== Version 5.4RC3 =====
 +=== Build 0 ===
 +  [Major New Feature] Dynamic Virtual Host configuration through REDIS backend.
 +  [Major Improvement] Greatly improved HTTP/2 performance -- up to 7x faster than previous implementations.
 +  [Bug fix] Improved QUIC engine performance and stability.
 +  [Bug fix] All bug fixes and enhancements on 5.3.x branch included.
 +
 +===== Version 5.4RC2 =====
 +=== Build 0 ===
 +  [Major New Feature] Dynamic virtual hosting through rewrite rules.
 +  [Improvement] Improved HTTP/2 performance.
 +  [New Feature] QUIC proxy backend support for backend communication through QUIC.
 +  [Bug fix] All applicable bug fixes from the 5.3 branch.
 +  [Bug fix] Fixed a few server crash bugs.
 +
 +===== Version 5.4RC1 =====
 +=== Build 0 ===
   [New Feature] Recaptcha verification for DDoS attack mitigation.   [New Feature] Recaptcha verification for DDoS attack mitigation.
   [New Feature] Support for Ruby/​Python/​Nodejs applications in native configuration.   [New Feature] Support for Ruby/​Python/​Nodejs applications in native configuration.
Line 34: Line 1169:
   [Major Improvement] Added LiteSpeed TLS Accelerator,​ maximizing HTTPS & HTTP/2 performance.   [Major Improvement] Added LiteSpeed TLS Accelerator,​ maximizing HTTPS & HTTP/2 performance.
   [Major Improvement] HTTP/2 performance has been improved with a better header compression/​decompression work flow.   [Major Improvement] HTTP/2 performance has been improved with a better header compression/​decompression work flow.
-  [Bug Fix] All bug fixes from LSWS 5.3.5 incremental builds included.+  [Bug fix] All bug fixes from LSWS 5.3.5 incremental builds included.
  
 +===== Version 5.3.8 =====
 +=== Build 6 ===
 +  [Update] Updated cPanel/WHM plugins v1.2.3.2 and v3.3.3.4 respectively.
 +  [Bug fix] Temporarily stop PHP processes with SIGKILL as a workaround for problems caused by clean shutdown logic added to PHP LiteSpeed SAPI v7.4.3.
 +  [Bug fix] Added websocket proxy support for cPanel and webmail subdomains in addition to WHM subdomains.
 +  [Bug fix] Fixed a QUIC engine bug and made QUIC more DoS attack resistant.
 +=== Build 5 ===
 +  [Bug Fix] Updated WHM plugin to v3.3.3.2 to fix a bug introduced in the previous version that caused most plugin actions to result in a PHP fatal error.
 +  [Bug Fix] To avoid server crash, PCLMUL will be disabled in the zlib library if the server CPU does not support PCLMUL instructions.
 +=== Build 4 ===
 +  [New feature] Web Cache Manager CLI support for DirectAdmin.
 +  [Bug fix] Fixed websocket proxy from https to ws:// backend; made WHM terminal work properly through proxy.
 +  [Bug fix] Improved compatibility with Apache; "​Require ip xxx" can bypass HTTP authentication.
 +  [Bug fix] Added support for "​AddEncoding br ..." to avoid double compression.
 +  [Bug fix] Updated WebAdmin code to avoid some E_STRICT warnings.
 +  [Bug fix] Fixed server PUSH parsing problem when '​Link'​ header contains multiple URLs.
 +=== Build 3 ===
 +  [Bug fix] Fixed an ACL bug occurring when environment variables are used in Allow/Deny configurations.
 +  [Bug fix] Fixed a request parser bug which caused the server to crash when a partition holding a temp file is out of space.
 +  [Bug fix] Fixed a cache engine bug that caused requests to certain URLs to hang.
 +=== Build 2 ===
 +  [Bug fix] Fixed a regression in PHP daemon mode that causes 503 errors.
 +=== Build 1 ===
 +  [Bug fix] Fixed an IP2Location configuration bug that could cause the server to crash during startup.
 +  [Bug fix] Fixed a bug with nested ESI subrequests that caused random crashes.
 +=== Build 0 ===
 +  [Security] Added built-in filter to block attempts at hacking LiteMage with crafted ESI requests.
 +  [New Feature] lscmctl script can now be used to install/​uninstall the LiteSpeed Web Cache Manager user-end plugin for cPanel. ​
 +  [New Feature] Recommend a plugin or broadcast a message to all discovered WordPress installations with the dash notify feature, available in both the lscmctl script and WHM plugin.
 +  [Improvement] Bundled WHM and user-end cPanel plugins have been updated to v3.3.1 and v1.2.0.2 respectively.
 +  [Improvement] Support request header sizes of up to 64K.
 +  [Improvement] Ignore <if> <​else>​ <​elseif>​ configuration contexts.
 +  [Improvement] Added support for Apache configuration directive ""​Require ip ...""​.
 +  [Improvement] Improved lsup.sh with stable release tier.
 +  [Improvement] Improved rc-inst.sh to install systemd unit file for Plesk + Debain/​Ubuntu.
 +  [Improvement] Improved NodeJS application compatibility and mod_passenger configuration handling.
 +  [Improvement] Added autoconfig for PHP 7.4.
 +  [Improvement] Improved compatibility with LSAPI 7.3 .
 +  [Improvement] Improved HPACK encoding performance.
 +  [Improvement] Cache engine now updates ""​X-LiteSpeed-Cache-Control max-age""​ value based on actual expire time when a front-end lscache proxy exists. ​
 +  [Improvement] Improved compatibility with Apache mod_security on variables REQUEST_BODY,​ REQUEST_FILENAME and LAST_UPDATE_TIME.
 +  [Improvement] Fixed PHP handler compatibility issues with Plesk'​s updated configuration template.
 +  [Improvement] Improved WordPress brute force detection IP logging.
 +  [Bug fix] Fixed an Apache SSL vhost SNI configuration bug.
 +  [Bug fix] Fixed a QuicEngine bug that could cause broken responses.
 +  [Bug fix] Fixed a cache + ESI engine bug that caused random server crashes.
 +  [Bug fix] Fixed rewrite engine infinite loop when rewrite map file is stored in an NFS mount.
 +  [Bug fix] Improved detached mode process manager to accurately stop detached processes when requested.
 +  [Bug Fix] Added User-Agent and Referer headers to server pushed requests to avoid failing possible checks in a user's custom configuration.
 +  [Bug Fix] Fixed FreeBSD 100% cpu usage for kqueue event loops when AIO logging is enabled.
 +  [Bug Fix] Fixed an SSL OCSP stapling bug.
 +  [Bug Fix] Fixed broken server restart when port offset had been set.
 +  [Bug Fix] Fixed a memory leak in the GeoIP module.
  
 ===== Version 5.3.7 ===== ===== Version 5.3.7 =====
 +=== Build 8 === 
 +  [Bug Fix] Fixed a cache + ESI bug that could cause random crashes. 
 +  [Bug Fix] Fixed a rewrite engine bug. 
 +  [Bug Fix] Fixed a memory leak in the GeoIP module. 
 +  [Bug Fix] Fixed a Plesk compatibility issue. 
 +=== Build 7 === 
 +  [Improvement] Better WordPress brute force detection IP logging. 
 +  [Improvement] Allow request header sizes greater than 32K. 
 +  [Improvement] Added PID to error log messages for worker processes. 
 +  [Bug fix] Fixed a Ruby selector regression introduced in v5.3.7 build 3. 
 +  [Bug fix] Fixed an SSL OCSP stapling bug. 
 +  [Bug Fix] Fixed broken server restart when port offset had been set. 
 +=== Build 6 === 
 +  [New Feature] Added the ability to install/​uninstall the LiteSpeed Web Cache Manager user-end plugin for cPanel using the lscmctl script. 
 +  [Improvement] Fixed PHP handler compatibility issues with Plesk'​s updated configuration template. 
 +  [Improvement] Improved LSAPI compatibility with LSAPI 7.3 . 
 +  [Improvement] Improved HPACK encoding performance. 
 +  [Improvement] Cache engine now updates X-LiteSpeed-Cache-Control max-age value based on actual expire time when a front-end lscache proxy exists. 
 +  [Improvement] Natively configured detached PHP process groups are now gracefully restarted.  
 +=== Build 5 === 
 +  [New Feature] Recommend a plugin or broadcast a message to all discovered WordPress installations with the dash notify feature available in the lscmctl script and WHM plugin. 
 +  [Improvement] Ignore <if> <​else>​ <​elseif>​ configuration contexts. 
 +  [Improvement] Added autoconfig for PHP 7.4. 
 +  [Update] Updated WHM plugin to v3.3 and user-end cPanel plugin to v1.2. 
 +  [Bug Fix] ESI engine bug fix. 
 +  [Bug Fix] Fixed freeBSD 100% cpu usage for kqueue event loops. 
 +  [Bug Fix] Fixed a detached mode process manager bug that accidentally killed other lshttpd worker processes. ​
 === Build 4 === === Build 4 ===
- 
   [Improvement] Improved lsup.sh with stable tier.   [Improvement] Improved lsup.sh with stable tier.
   [Improvement] Improved NodeJS application compatibility and mod_passenger configuration handling.   [Improvement] Improved NodeJS application compatibility and mod_passenger configuration handling.
Line 46: Line 1259:
   [Bug Fix] Added User-Agent and Referer headers to server pushed requests to avoid failing possible checks in a user's custom configuration.   [Bug Fix] Added User-Agent and Referer headers to server pushed requests to avoid failing possible checks in a user's custom configuration.
   [Bug Fix] Implemented mod_security REQUEST_BODY as a dedicate variable.   [Bug Fix] Implemented mod_security REQUEST_BODY as a dedicate variable.
- 
 === Build 3 === === Build 3 ===
- 
   [Improvement] Improved rc-inst.sh to install systemd unit file for Plesk + Debain/​Ubuntu.   [Improvement] Improved rc-inst.sh to install systemd unit file for Plesk + Debain/​Ubuntu.
   [Bug fix] Fixed an ESI engine memory management bug that caused random server crashes.   [Bug fix] Fixed an ESI engine memory management bug that caused random server crashes.
   [Bug fix] Fixed rewrite engine infinite loop when rewrite map file is stored in an NFS mount.   [Bug fix] Fixed rewrite engine infinite loop when rewrite map file is stored in an NFS mount.
- 
 === Build 2 === === Build 2 ===
- 
   [Bug Fix] Fixed a detached mode process manager bug introduced in build 1.   [Bug Fix] Fixed a detached mode process manager bug introduced in build 1.
- 
 === Build 1 === === Build 1 ===
- 
   [Security] Added built-in filter to block attempts to hack LitemMage with crafted ESI request.   [Security] Added built-in filter to block attempts to hack LitemMage with crafted ESI request.
   [Bug Fix] Fixed a detached mode process manager bug made killing other unrelated processes possible.   [Bug Fix] Fixed a detached mode process manager bug made killing other unrelated processes possible.
   [Bug Fix] Fixed an Apache SSL vhost SNI configuration bug.   [Bug Fix] Fixed an Apache SSL vhost SNI configuration bug.
   [Bug Fix] Fixed a QuicEngine bug that could cause broken responses.   [Bug Fix] Fixed a QuicEngine bug that could cause broken responses.
- 
 === Build 0 === === Build 0 ===
- 
   [Security] Fixed a XSS vulnerability in directory auto index script.   [Security] Fixed a XSS vulnerability in directory auto index script.
   [Improvement] Improved QUIC transport protocol performance and reliability.   [Improvement] Improved QUIC transport protocol performance and reliability.
Line 91: Line 1296:
  
 ===== Version 5.3.6 ===== ===== Version 5.3.6 =====
- 
 === Build 6 === === Build 6 ===
- 
   [Security] .rtreport no longer world readable.   [Security] .rtreport no longer world readable.
   [Improvement] Improved QUIC transport protocol performance and reliability.   [Improvement] Improved QUIC transport protocol performance and reliability.
Line 99: Line 1302:
   [Improvement] Made .rtreport symbolic links root owned to avoid LFD file warnings.   [Improvement] Made .rtreport symbolic links root owned to avoid LFD file warnings.
   [Bug Fix] Fixed inaccurate real-time statistics.   [Bug Fix] Fixed inaccurate real-time statistics.
- 
 === Build 5 === === Build 5 ===
- 
   [Update] Updated bundled WHM plugin to v3.2.0.3 and user-end cPanel plugin to v1.1.1.2.   [Update] Updated bundled WHM plugin to v3.2.0.3 and user-end cPanel plugin to v1.1.1.2.
   [Improvement] Improved lsup.sh script to check build number against latest build.   [Improvement] Improved lsup.sh script to check build number against latest build.
   [Bug Fix] Fixed systemd unit file lshttpd.service,​ by requiring network-online.target.   [Bug Fix] Fixed systemd unit file lshttpd.service,​ by requiring network-online.target.
   [Bug Fix] Allow xx.xx.xx.xx/​32 as valid IP in ACL configuration.   [Bug Fix] Allow xx.xx.xx.xx/​32 as valid IP in ACL configuration.
- 
 === Build 4 === === Build 4 ===
- 
   [Update] Updated bundled WHM plugin to v3.2.0.2 and user-end cPanel plugin to v1.1.1.1 to address an integration issue with the recent LSCWP v2.9.3.   [Update] Updated bundled WHM plugin to v3.2.0.2 and user-end cPanel plugin to v1.1.1.1 to address an integration issue with the recent LSCWP v2.9.3.
   [Bug Fix] Fixed a mod_security engine bug that was mistakenly skipping some rules for POST requests.   [Bug Fix] Fixed a mod_security engine bug that was mistakenly skipping some rules for POST requests.
   [Bug Fix] Fixed an ESI engine bug that broke detection for looping includes, causing the server to run out of memory.   [Bug Fix] Fixed an ESI engine bug that broke detection for looping includes, causing the server to run out of memory.
   [Bug Fix] Increased logging for detach mode process manager. A forced lock release will now occur if a dead lock is detected when starting detach mode processes.   [Bug Fix] Increased logging for detach mode process manager. A forced lock release will now occur if a dead lock is detected when starting detach mode processes.
- 
 === Build 3 === === Build 3 ===
- 
   [Improvement] Improved ESI support for JSON responses.   [Improvement] Improved ESI support for JSON responses.
   [Bug fix] Fixed rewrite engine bug where target URLs containing "​../"​ could cause problems.   [Bug fix] Fixed rewrite engine bug where target URLs containing "​../"​ could cause problems.
   [Bug fix] Fixed an external loop redirect detection bug.   [Bug fix] Fixed an external loop redirect detection bug.
   [Bug Fix] Fixed a mod_security bug stopping response headers from being logged to the audit_log.   [Bug Fix] Fixed a mod_security bug stopping response headers from being logged to the audit_log.
- 
 === Build 2 === === Build 2 ===
- 
   [Bug Fix] Fixed a regression that broke the "​SetHandler"​ directive.   [Bug Fix] Fixed a regression that broke the "​SetHandler"​ directive.
   [Bug Fix] OCSP cache directory now properly adjusted in chroot environments.   [Bug Fix] OCSP cache directory now properly adjusted in chroot environments.
- 
 === Build 1 === === Build 1 ===
- 
   [Improvement] Improved default configuration for servers with heavy disk I/O wait.   [Improvement] Improved default configuration for servers with heavy disk I/O wait.
   [Bug Fix] Fixed a rewrite engine compatibility issue.   [Bug Fix] Fixed a rewrite engine compatibility issue.
   [Bug Fix] Fixed a regression in "​Redirect"​ directive handling.   [Bug Fix] Fixed a regression in "​Redirect"​ directive handling.
   [Bug Fix] Fixed a QUIC engine bug when handling extra long response headers.   [Bug Fix] Fixed a QUIC engine bug when handling extra long response headers.
- 
 === Build 0 === === Build 0 ===
- 
   [New Feature] lscmctl script can now be used to set custom server and virtual host cache roots with the '​setcacheroot'​ command.   [New Feature] lscmctl script can now be used to set custom server and virtual host cache roots with the '​setcacheroot'​ command.
   [Improvement] Added "​ProxyPass"/"​ProxyPassMatch"​ support for AJP backend.   [Improvement] Added "​ProxyPass"/"​ProxyPassMatch"​ support for AJP backend.
Line 152: Line 1343:
  
 ===== Version 5.3.5 ===== ===== Version 5.3.5 =====
- 
 === Build 9 === === Build 9 ===
- 
   [Bug Fix] Fixed a bug causing detached PHP processes to be stopped during graceful restarts.   [Bug Fix] Fixed a bug causing detached PHP processes to be stopped during graceful restarts.
- 
 === Build 8 === === Build 8 ===
- 
   [Bug Fix] Fixed an OCSP response verification bug (introduced in the previous build) that caused crashing.   [Bug Fix] Fixed an OCSP response verification bug (introduced in the previous build) that caused crashing.
   [Bugfix] Fixed a bug in processing GeoIP2 mmdb database. ​   [Bugfix] Fixed a bug in processing GeoIP2 mmdb database. ​
   [Bugfix] Fixed a bug introduced in 5.3.5 build 5 that breaks cPanel/WHM redirect to closest matched domain feature.   [Bugfix] Fixed a bug introduced in 5.3.5 build 5 that breaks cPanel/WHM redirect to closest matched domain feature.
- 
 === Build 7 === === Build 7 ===
- 
   [Enhancement] Added extra validation on OCSP response to avoid outdated response for newly renewed certificate. ​   [Enhancement] Added extra validation on OCSP response to avoid outdated response for newly renewed certificate. ​
   [Integration] Made LSWS compatible with Apache configuration generated by cPanel v78.   [Integration] Made LSWS compatible with Apache configuration generated by cPanel v78.
   [Bug Fix] Fixed AddHandler directive behavior to be the same as AddType.   [Bug Fix] Fixed AddHandler directive behavior to be the same as AddType.
- 
 === Build 6 === === Build 6 ===
- 
   [New Feature] Added "​ProxyPass"/"​ProxyPassMatch"​ support for AJP backend.   [New Feature] Added "​ProxyPass"/"​ProxyPassMatch"​ support for AJP backend.
   [New Feature] Added support for "​IP:​port"​ in "​X-Forwarded-For"​ header.   [New Feature] Added support for "​IP:​port"​ in "​X-Forwarded-For"​ header.
Line 176: Line 1359:
   [Bug Fix] Applied a SecRemoteRules fix to avoid rule file corruption.   [Bug Fix] Applied a SecRemoteRules fix to avoid rule file corruption.
   [Bug Fix] Fixed a bug that could cause a blank response body for pre-compressed content.   [Bug Fix] Fixed a bug that could cause a blank response body for pre-compressed content.
- 
 === Build 5 === === Build 5 ===
- 
   [Update] Updated default welcome page content.   [Update] Updated default welcome page content.
   [Bug Fix] Fixed a SecRemoteRule handling bug.   [Bug Fix] Fixed a SecRemoteRule handling bug.
Line 184: Line 1365:
   [Bug Fix] Fixed an awstats integration bug that broke dynamic page generation mode.   [Bug Fix] Fixed an awstats integration bug that broke dynamic page generation mode.
   [Bug Fix] Fixed an infinite loop bug that occurred with badly configured contexts.   [Bug Fix] Fixed an infinite loop bug that occurred with badly configured contexts.
- 
 === Build 4 === === Build 4 ===
- 
   [Improvement] Reliably switch back to Apache when there is a LiteSpeed licensing problem.   [Improvement] Reliably switch back to Apache when there is a LiteSpeed licensing problem.
   [Improvement] Added back support for SecFilterEngine and SecFilterScanPOST directives for backward compatibility.   [Improvement] Added back support for SecFilterEngine and SecFilterScanPOST directives for backward compatibility.
   [Bug Fix] Stopped PHP error logging into error log when stderr.log is disabled.   [Bug Fix] Stopped PHP error logging into error log when stderr.log is disabled.
- 
 === Build 3 === === Build 3 ===
- 
   [Bug Fix] Fixed a bug that causes excessive requests to OSCP responder.   [Bug Fix] Fixed a bug that causes excessive requests to OSCP responder.
   [Bug Fix] Fixed a bug that failed to handle some types of Node.js selector configurations.   [Bug Fix] Fixed a bug that failed to handle some types of Node.js selector configurations.
   [Bug Fix] Fixed a bug that failed cPanel two factor authentication.   [Bug Fix] Fixed a bug that failed cPanel two factor authentication.
   [Bug Fix] Fixed a bug in LiteMage combined subrequest handling.   [Bug Fix] Fixed a bug in LiteMage combined subrequest handling.
- 
 === Build 0 === === Build 0 ===
- 
   [Improvement] Improvements to HTTP/2, QUIC, and rewrite engine.   [Improvement] Improvements to HTTP/2, QUIC, and rewrite engine.
   [Bug Fix] HTTP/2, QUIC, and rewrite engine bug fixes.   [Bug Fix] HTTP/2, QUIC, and rewrite engine bug fixes.
Line 206: Line 1381:
  
 ===== Version 5.3.4 ===== ===== Version 5.3.4 =====
- 
 === Build 8 === === Build 8 ===
- 
   [Bug Fix] Fixed a rewrite engine bug introduced in 5.3.4 build 7, which could cause ERR_SPDY_PROTOCOL_ERROR and redirect problems.   [Bug Fix] Fixed a rewrite engine bug introduced in 5.3.4 build 7, which could cause ERR_SPDY_PROTOCOL_ERROR and redirect problems.
- 
 === Build 7 === === Build 7 ===
- 
   [Improvement] Improved mod_rewrite compatibility.   [Improvement] Improved mod_rewrite compatibility.
   [Improvement] Improved QUIC engine by dynamically adjust batch size of outgoing packets.   [Improvement] Improved QUIC engine by dynamically adjust batch size of outgoing packets.
- 
 === Build 5 === === Build 5 ===
- 
   [Improvement] Improved PHP process abort feature to occur in a more timely manner.   [Improvement] Improved PHP process abort feature to occur in a more timely manner.
   [Bug Fix] Fixed an HTTP/2 engine bug that caused connections to reset under certain situations.   [Bug Fix] Fixed an HTTP/2 engine bug that caused connections to reset under certain situations.
- 
 === Build 4 === === Build 4 ===
- 
   [Improvement] Improved mod_security engine with UNIQUE_ID support.   [Improvement] Improved mod_security engine with UNIQUE_ID support.
   [Update] Disabled 503 auto fix by default.   [Update] Disabled 503 auto fix by default.
Line 229: Line 1396:
   [Bug Fix] Fixed incompatible behavior with Python selector support.   [Bug Fix] Fixed incompatible behavior with Python selector support.
   [Bug Fix] Fixed a license information display bug in WebAdmin Console.   [Bug Fix] Fixed a license information display bug in WebAdmin Console.
- 
 === Build 2 === === Build 2 ===
- 
   [Improvement] Improved compatibility for WebCache manager.   [Improvement] Improved compatibility for WebCache manager.
   [Bug Fix] This build include a fix for gQUIC v044 support   [Bug Fix] This build include a fix for gQUIC v044 support
- 
 === Build 1 === === Build 1 ===
- 
   [Improvement] Improved NODEJS support.   [Improvement] Improved NODEJS support.
   [Improvement] Detect curl + HTTP/2 combination and disable HTTP/2 for future access.   [Improvement] Detect curl + HTTP/2 combination and disable HTTP/2 for future access.
   [Update] Updated WHM plugin to v3.1.3.2 to address a compatibility issue with newer versions of the LSCWP plugin.   [Update] Updated WHM plugin to v3.1.3.2 to address a compatibility issue with newer versions of the LSCWP plugin.
   [Update] Updated cPanel user-end plugin to v1.0.2.1 to address a compatibility issue with newer versions of the LSCWP plugin.   [Update] Updated cPanel user-end plugin to v1.0.2.1 to address a compatibility issue with newer versions of the LSCWP plugin.
- 
 === Build 0 === === Build 0 ===
- 
   [MAJOR NEW FEATURE] Added support for Google QUIC v44.    [MAJOR NEW FEATURE] Added support for Google QUIC v44. 
   [NEW FEATURE] Improved Ruby/Python selector support and apply engine version changes on the fly.   [NEW FEATURE] Improved Ruby/Python selector support and apply engine version changes on the fly.
Line 258: Line 1419:
  
 ===== Version 5.3.3 ===== ===== Version 5.3.3 =====
- 
 === Build 3 === === Build 3 ===
- 
   [Bug Fix]  Fixed a mod_security engine bug that caused incorrect behavior with the comodo ruleset.   [Bug Fix]  Fixed a mod_security engine bug that caused incorrect behavior with the comodo ruleset.
- 
 === Build 2 === === Build 2 ===
- 
   [Bug Fix] Made adjustments to PHP handler configuration to fix broken PHP selector.   [Bug Fix] Made adjustments to PHP handler configuration to fix broken PHP selector.
   [Bug Fix] Fixed a memory leak in HTTP/2.   [Bug Fix] Fixed a memory leak in HTTP/2.
   [Bug Fix] Fixed a crash when parsing Apache configuration.   [Bug Fix] Fixed a crash when parsing Apache configuration.
- 
 === Build 0 === === Build 0 ===
- 
   [Bug Fix] Emergency release to ignore faulty rewrite rule introduced by cPanel   [Bug Fix] Emergency release to ignore faulty rewrite rule introduced by cPanel
  • Admin
  • Last modified: 2019/04/13 12:59
  • by Lucas Rolff