Search results

  1. lslisa

    OpenLiteSpeed v1.8.2 Now Available

    Announcing: OpenLiteSpeed v1.8.2 In this release: block hacking attempts, support QUIC stream priority, improve Ruby application compatibility, bug fixes, and more! RELEASE LOG: [Security] Block "litespeed_role" cookie used for hacking LSCWP. [Improvement] Move OSCP cache, status and rtreport...
  2. lslisa

    OpenLiteSpeed v1.8.1 Now Available

    Announcing: OpenLiteSpeed v1.8.1 In this release: Proxy chunked encoding support, bug fixes. RELEASE LOG: [Security] Fix chunked encoding + proxy related issues. [New Feature] Add request body chunked encoding support for proxy backends. [Bug Fix] Fix excessive cache misses caused by cookie...
  3. lslisa

    OpenLiteSpeed v1.8 Now Available

    Announcing: OpenLiteSpeed v1.8 In this release: Namespace containers, async I/O, QUIC v2, hCAPTCHA, and more! RELEASE LOG: [New Feature] Linux Namespace container for resource isolation. [New Feature] Asynchronous I/O via iouring, linux AIO and posix AIO. [New Feature] Update HTTP3 with the...
  4. lslisa

    OpenLiteSpeed v1.7.19 Now Available

    Announcing: OpenLiteSpeed v1.7.19 In this release: security updates, bug fixes, and more! RELEASE LOG: [Security] More strict header validations [Security] Detect HTTP/2 repaid reset attack and disable HTTP/2 for attacking IP. [Improve] Update libmodsecurity to 3.0.11 [Bug Fix] Fix a HTTP/3...
  5. lslisa

    OpenLiteSpeed is NOT vulnerable to Rapid Reset

    The details about the recent HTTP/2 CVE, and why you can rest easy with LiteSpeed Enterprise Web Server, LiteSpeed Web ADC, and OpenLiteSpeed: https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/
  6. lslisa

    OpenLiteSpeed v1.7.18 Now Available

    Announcing: OpenLiteSpeed v1.7.18 In this release: security updates, and more! RELEASE LOG: [Security] Apply more strict request header validation. [Security] Update libmodsecurity to 3.10 [Tuning] Lift default memory limit for external application. [Improvement] add private cache session...
  7. lslisa

    OpenLiteSpeed v1.7.17 Now Available

    Announcing: OpenLiteSpeed v1.7.17 In this release: ARM aarch64 support, bug fixes, and more! RELEASE LOG: [Security] Address request header smuggling over HTTP/2 and HTTP/3 [New Feature] Add support for ARM aarch64 platform. [Bug Fix] Update lsquic to v3.2.0 [Bug Fix] Update libmodsecurity to...
  8. lslisa

    Web Server Vulnerabilities

    Please read our new blog post at https://blog.litespeedtech.com/2022/11/14/cve-2022-0072-cve-2022-0073-and-cve-2022-0074/ for information about the CVE-2022-0072, CVE-2022-0073, and CVE-2022-0074 web server vulnerabilities. Learn who is impacted and what you should do to protect your systems.
  9. lslisa

    OpenLiteSpeed v1.7.16 Now Available

    Announcing: OpenLiteSpeed v1.7.16 In this release: Improvements, bug fixes. RELEASE LOG: [Security] Address a few crashes and memory leaks in HTTP/3 implementation. [Improvement] Add support for vhost strict ownership validation. [Improvement] Add pagination for long pages generated by auto...
  10. lslisa

    OpenLiteSpeed v1.7.15 Now Available

    Announcing: OpenLiteSpeed v1.7.15 This release consists of bug fixes and more. RELEASE LOG: [Security] Fix a dynamic linking security issue, reported by RACK911. [Bug Fix] Correct a few minor cache engine issues. [Bug Fix] "Force Strict Ownership" feature now works as expected. [Bug Fix]...
  11. lslisa

    OpenLiteSpeed v1.7.14 Now Available

    Announcing: OpenLiteSpeed v1.7.14 This release consists of bug fixes. RELEASE LOG: [Bug Fix] Update libmodsecurity from v3.0.4 to v3.0.5. [Bug Fix] Address a crash in handling range requests to files without a suffix (introduced in OLS v1.7.12). [Bug Fix] Address a corner case that breaks POST...
  12. lslisa

    OpenLiteSpeed v1.7.13 Now Available

    Announcing: OpenLiteSpeed v1.7.13 In this release: auto whitelist for QUIC.cloud and Cloudflare IPs, bug fixes, and more! RELEASE LOG: [New Feature] Auto whitelist QUIC.cloud and Cloudflare IPs. [New Feature] Auto whitelist local IP. [Bug Fix] Address random 500 responses when serving cached...
  13. lslisa

    OpenLiteSpeed v1.7.12 Now Available

    Announcing: OpenLiteSpeed v1.7.12 In this release: new features for blocking botnets, and more! RELEASE LOG: [Improvement] Update lsquic to v3.0.2 to address a chrome HTTP/3 connection timeout issue for long-running scripts. [New Feature] Add support for "blockbot" environment variables to...
  14. lslisa

    OpenLiteSpeed v1.7.11 Now Available

    Announcing: OpenLiteSpeed v1.7.11 In this release: HTTP/3 v1, bug fixes, and more! RELEASE LOG: [Feature] HTTP/3 version 1 is now available. [Feature] Compression for rotated error log is now available. [Bug Fix] More solid SO_REUSEPORT implementation. [Bug Fix] A few random crashes have been...
  15. lslisa

    OpenLiteSpeed v1.7.10 Now Available

    Announcing: OpenLiteSpeed v1.7.10 In this release: zero downtime graceful restart, bug fixes, and more! RELEASE LOG: [New Feature] Zero downtime graceful restart. [New Feature] Allow Proxy External Apps to proxy to Unix Domain Sockets. [Bug Fix] Properly adjust SO_REUSEPORT shards based on...
  16. lslisa

    OpenLiteSpeed v1.6.21 Now Available

    Announcing: OpenLiteSpeed v1.6.21 In this release: zero downtime graceful restart, bug fixes, and more! RELEASE LOG: [New Feature] Zero downtime graceful restart. [New Feature] Allow Proxy External Apps to proxy to Unix Domain Sockets. [Bug fix] Address random crashing in Layer4 handler...
  17. lslisa

    Is the slack group dead?

    Please use https://www.litespeedtech.com/slack
  18. lslisa

    OpenLiteSpeed v1.7.8 Now Available

    Announcing: OpenLiteSpeed v1.7.8 In this release: improvements and bug fixes. RELEASE LOG: [Improvement] Address Sanitizer build now works properly. [Improvement] Better debug logging. [Bug Fix] Address memory leaks in cache engine, server configuration, and other components. [Bug Fix]...
  19. lslisa

    OpenLiteSpeed v1.6.19 Now Available

    Announcing: OpenLiteSpeed v1.6.19 In this release: improvements and bug fixes. RELEASE LOG: [Improvement] Address Sanitizer build now works properly. [Improvement] Better debug logging. [Bug Fix] Address memory leaks in cache engine, server configuration, and other components. [Bug Fix]...
  20. lslisa

    OpenLiteSpeed v1.7.7 Now Available

    Announcing: OpenLiteSpeed v1.7.7 In this release: tuning, bug fixes, and more! RELEASE LOG: Core [Tuning] Some internal cookies are now excluded by the cache module. [Tuning] Update HttpVHost::addPythonApp() to allow 4 ENV values (PYTHONPATH, LSAPI_STDERR_LOG, LSAPI_CHILDREN...
Top