mod_security compatibility

lsws try to be compatible with latest mod_security 2.5(and above) + latest gotroot rules. lsws support most of them, and don't want to miss any really important features/rules in real world and keeps updating based on our users' feedback. However since the complexity and the always updating security rules, it's not possible to be 100% compatible with apache in any time. This wiki will address the most current compatibility status.

Not Yet Support Features

  • scan response header/body.(Note: request header/body are supported)
  • scan attached files content in multi-part upload
  • PDF functions
  • lua
  • parsing XML

Reasons/Concerns not support them

  • the feature is less used
  • the feature may slow down litespeed considerably due to the single-thread event driven architecture
  • the rules for static files are skipped as it would unlikely cause any real security issue.

Tips and Tricks

litespeed_wiki/mod_security_compatibility.txt · Last modified: 2013/03/01 18:55 (external edit)