mod_security compatibility

lsws try to be compatible with latest mod_security 2.5(and above) + latest gotroot rules. lsws support most of them, and don’t want to miss any really important features/rules in real world and keeps updating based on our users’ feedback. However since the complexity and the always updating security rules, it’s not possible to be 100% compatible with apache in any time. This wiki will address the most current compatibility status.

Not Yet Support Features

scan response header/body.(Note: request header/body are supported)
scan attached files content in multi-part upload
PDF functions
lua
parsing XML

Reasons/Concerns not support them

the feature is less used
the feature may slow down litespeed considerably due to the single-thread event driven architecture
the rules for static files are skipped as it would unlikely cause any real security issue.

Tips and Tricks

http://www.litespeedtech.com/support/wiki/doku.php?id=litespeed_wiki:mod_security_tips_tricks