LiteSpeed Web Server Release Log https://litespeedtech.com/images/logos/litespeed/litespeed-logo.png 2021-08-13 19:09:38 LiteSpeed Web Server is constantly updated with new features and bug fixes. This is a detailed list of changes, arranged by date and version number.

LiteSpeed Web Server
Release Log

Join the "LiteSpeed Edge Users" Google Group for cutting-edge build notifications, or see our wiki for detailed build information.

LiteSpeed Web Server (LSWS) is constantly updated with new features and bug fixes.

  • LSWS 6.0.8 (Stable)(08-13-2021) Bugfixes

    • BUGFIX Address a mod_security corner case causing hanging worker processes.
    • BUGFIX Disable mod_security engine for requests rewritten to ReCAPTCHA.
    • BUGFIX Address an ESI encoding corruption bug that mainly affected Prestashop caching.
    • IMPROVEMENT Internal redirects now carry over "Last-Modified" and "Content-type" response headers set by scripts.
    • IMPROVEMENT Add "ProxyAddHeaders on|off" support to avoid sending "x-Forwarded-for" and "x-forwarded-host" proxy headers.
    • IMPROVEMENT Add `CachePost on|off` support to allow POST cache configuration in Apache configuration files.
    • IMPROVEMENT Avoid an unintended delay when processing the first request for a newly started PHP worker group.

    LSWS 6.0.7(07-22-2021) Bugfixes

    • BUGFIX Address additional random crashes in asynchronous mod_security engine.
    • BUGFIX Address an HTTP/3 sendfile corner case.
    • BUGFIX Address a problem with custom error page for OPTIONS request method.

    LSWS 6.0.6(07-14-2021) Improvement & Bugfixes

    • IMPROVEMENT Cleanup SSL OCSP data cache folder.
    • BUGFIX Address a few random crashes in asynchronous mod_security engine.
    • BUGFIX Address random server hangs when AIO is in use.

    LSWS 6.0.5(07-07-2021) Bugfixes

    • BUGFIX Address a random crash with asynchronous mod_security engine.
    • BUGFIX Resolve a problem with sending truncated static files over HTTP/3 connections.
    • BUGFIX Resolve a problem with purging by URL.
    • BUGFIX Address a crash when handling decoded HTTP/2 headers.

    LSWS 6.0.4(06-30-2021) Bugfixes

    • BUGFIX Address a chrome HTTP/3 connection timeout issue for long running scripts.
    • BUGFIX Address a multi-thread race condition in mod_security engine.
    • BUGFIX Detect dead HTTP/2 connections during server cool-down.
    • BUGFIX Improve request/response header name validation to avoid HTTP/2 and HTTP/3 protocol violations.

    LSWS 6.0.3(06-23-2021) New Features & Bugfixes

    • NEW FEATURE Optionally enable UNIQUE_ID environment variable for Apache mod_unique_id compatibility.
    • NEW FEATURE Add server variable REDIRECT_REQUEST_METHOD for better Apache compatibility.
    • BUGFIX Address an infinite loop when processing conditional context expressions.
    • BUGFIX Address crashes in mod_security engine, SSL session cache, and response header processing.
    • BUGFIX Address LiteSpeed worker high CPU usage due to a malloc() spinlock dead lock.
    • BUGFIX Better follow PassengerAppLogFile configuration for Python/Ruby applications.
    • BUGFIX Follow server level compressible configuration for MIME types defined in .htaccess.
    • BUGFIX Improve chunk encoded request body handling for PHP scripts.
    • BUGFIX Minor tweaks to HTTP/3 protocol.

    LSWS 6.0.2(06-07-2021) New Feature, Improvement & Bugfixes

    • NEW FEATURE Enable HTTP/3 v1 by default.
    • IMPROVEMENT Allow header customization for reCAPTCHA pages.
    • BUGFIX Keep Firefox HTTP/3 connections alive for long running scripts.
    • BUGFIX Fix Ubuntu Plesk Grafana integration.
    • BUGFIX Conditional redirect configuration now works properly.

    LSWS 6.0.1(05-26-2021) New Features & Bugfix

    • NEW FEATURE Add support for PassengerAppLogFile directive.
    • NEW FEATURE Add support for access log TTFB format "%^FB".
    • BUGFIX Python applications now have a higher priority than directory index.
    • BUGFIX Applied all bug fixes made through 6.0 build 12.

    LSWS 6.0(03-25-2021) New Features, Improvements and Bugfix

    • NEW FEATURE HTTP/3 v1 support with with DPLPMTUD, Adaptive congestion control, Delayed ACK, and zero-copy packetization.
    • NEW FEATURE Asynchronous mod_security engine.
    • NEW FEATURE Cache engine POST request caching capability.
    • NEW FEATURE Dynamic DNS lookup for external application backends.
    • NEW FEATURE Support for Apache 2.4 conditional contexts '❬If❭', '❬Ifelse❭', and '❬Else❭'.
    • NEW FEATURE Bubblewrap isolated CGI/PHP execution environments.
    • NEW FEATURE Cgroup resource throttling for CGI/PHP.
    • NEW FEATURE Support for secure websocket backend (wss://).
    • NEW FEATURE Auto whitelist QUIC.cloud IPs.
    • IMPROVEMENT Better out-of-box compatibility with Apache ProxyPass directive.
    • IMPROVEMENT ModSecurity scan response body support.
    • IMPROVEMENT ModSecurity persistent collection SHM storage.
    • IMPROVEMENT ModSecurity JSON audit log.
    • IMPROVEMENT Revamp of SSL Multi-Cert support.
    • BUGFIX All applicable bug fixes from 5.4.X releases.

    LSWS 6.0 RC3(12-09-2020) New Features, Major Improvements, Improvements

    • NEW FEATURE Support external application configuration using domain name for target address.
    • NEW FEATURE HTTP/3 draft 32 support.
    • NEW FEATURE Support for secure websocket backend (wss://).
    • MAJOR IMPROVEMENT Better Apache ProxyPass compatibility with any target domain/IP, without the need to explicitly create an external application.
    • MAJOR IMPROVEMENT HTTP/3 Delayed ACK extension has been enabled to improve performance.
    • IMPROVEMENT Better support for various ModSecurity variables.
    • IMPROVEMENT Fix various HTTP/3 congestion control corner cases to maximize throughput.

    LSWS 6.0 RC2(10-15-2020) New Feature, Major Improvements

    • NEW FEATURE ModSecurity scan response body support.
    • NEW FEATURE HTTP/3 draft 31 support.
    • MAJOR IMPROVEMENT Improve HTTP/3 throughput with DPLPMTUD, Adaptive congestion control, and zero-copy packetization.
    • MAJOR IMPROVEMENT ModSecurity persistent collection SHM storage.
    • MAJOR IMPROVEMENT Revamp of SSL Multi-Cert support.

    LSWS 6.0 RC1(07-17-2020) Major New Features, New Feature, Major Improvements, Improvement

    • MAJOR NEW FEATURE Apache 2.4 conditional context <If> <Ifelse> <Else> support.
    • MAJOR NEW FEATURE Asynchronous mod_security engine.
    • MAJOR NEW FEATURE Bubblewrap isolated CGI/PHP execution environments.
    • NEW FEATURE HTTP/3 draft 29 support.
    • MAJOR IMPROVEMENT HTTP/2 has gone through a major rewrite with more efficient header handling.
    • IMPROVEMENT Added ModSecurity JSON audit log.
  • LSWS 5.4.12 (Stable)(03-22-2021) New Feature, Security & Bugfixs

    • NEW FEATURE Auto white list QUIC.cloud IPs.
    • SECURITY Fix a bug that allowed bypassing of built-in blocked URLs.
    • SECURITY Block improperly configured user/group and commands for external apps.
    • BUGFIX Address content corruption for ESI includes.
    • BUGFIX Improve ESI parser to handle improperly escaped ESI directives.
    • BUGFIX Add SSL OCSP stapling for redis dynamic vhosts.
    • BUGFIX Address a random crash in Layer 4 forwarding to websocket backends.
    • BUGFIX cPanel webmail proxy domain email attachment uploads no longer hang.
    • BUGFIX Update wsgi-lsapi to v1.9 to address a unicode encoding problem for Django applications.
    • BUGFIX Improve NodeJS application compatibility.
    • BUGFIX Start Ruby applications through a login bash shell to apply the necessary shell environment variables.
    • BUGFIX Improve mod_security variables handling.
    • BUGFIX Improve reCAPTCHA verification protection.

    LSWS 5.4.11(11-19-2020) New Feature, Improvements & Bugfixs

    • NEW FEATURE Support for Apache configuration directive 'AuthMerging'.
    • IMPROVEMENT Support for RewriteCond operators added by Apache 2.4 which includes '>=', '<=', '-eq' , '-ge' , '-gt', '-le' , '-lt', '-ne', '-h', '-L', and '-x'.
    • IMPROVEMENT Update bundled WHM Plugin to v4.1.3 (bundled w/ cPanel plugin v2.1.2).
    • BUGFIX Do not load .htaccess from parent directories beyond document root when AllowOverride is disabled for those parent directories in Apache configuration.
    • BUGFIX Address a crash in ESI sub requests.
    • BUGFIX Avoid restoring older system file backups if a switch back to Apache has been performed.
    • BUGFIX Avoid throttling or blocking local IP.
    • BUGFIX Address occasional slow down caused by long delays added by CUBIC congestion control for HTTP/3 (QUIC).
    • BUGFIX CloudLinux App config now follow max connections configured in LSWS native App config.
    • BUGFIX Properly apply environment variable configuration for CloudLinux Node selector.
    • BUGFIX Address a false positive that was blocking IPs due to "too many new SSL connections".
    • BUGFIX Plesk webstats page now works properly.

    LSWS 5.4.10(10-07-2020) New Features, Improvements, Tunings & Bugfixs

    • NEW FEATURE Add ForceSecureCookie configuration directive to enforce "secure" and "SameSite" cookie attributes. This directive can be set in an Apache config file at the server or vhost level, or in the document root directory's .htaccess file.
    • NEW FEATURE Allow LiteSpeed Cache for WordPress plugin to use ESI combine sub-requests to improve ESI performance.
    • NEW FEATURE Update cPanel plugin to automatically apply new ECC certificates generated through the plugin.
    • IMPROVEMENT Apply Expires header to a partial response for a range request.
    • IMPROVEMENT Improve PHP default handler for DirectAdmin.
    • IMPROVEMENT Update bundled WHM plugin to v4.1.2 with improved WP cache scan logic.
    • TUNING Automatically detect and neutralize bad rewrite rules that cause looping proxy to the same server.
    • TUNING Install alt-python38 wsgi-lsapi binary from source if rpm package is not available.
    • TUNING Add PHP 8.0 auto detection.
    • BUGFIX Avoid stapling expired OCSP responses.
    • BUGFIX Properly apply URL encoding for Location URL generated by a rewrite rule.
    • BUGFIX HTTP3/IETF QUIC: close immediately if crypto session can't be initialized.
    • BUGFIX Close down HTTP3/QUIC streams reset by peer in a timely manner.
    • BUGFIX Normalize IPv6 addresses to properly reuse existing listener sockets.
    • BUGFIX Update Python application handler internal URL to avoid being blocked when .py suffix is blocked.
    • BUGFIX Apply header operations for pages generated by python/nodejs applications.
    • BUGFIX Properly detect HTTP/2 GREASE frame and GREASE settings entry, avoiding protocol errors.
    • BUGFIX Avoid releasing cache objects too early.
    • BUGFIX Address a rare crash in ESI parser.
    • BUGFIX Force apply ACL configuration changes when client access level is cached in SHM.
    • BUGFIX Reset per client concurrent connection counter stored in SHM when server restarts.
    • BUGFIX For directory auto index, avoid a blank file name when special characters are in the name.

    LSWS 5.4.9(08-21-2020) New Features,Improvements

    • NEW FEATURE WHM plugin 4.1 with Let's Encrypt ECC certificate support. QUIC.cloud integration with SSL certificates synchronization.
    • NEW FEATURE Automatic CloudFlare CDN IP detection.
    • NEW FEATURE Support for bcrypt password hash for HTTP authentication.
    • IMPROVEMENT PHP version detection for cPanel FCGId PHP handler.

    LSWS 5.4.8(07-01-2020) New Features, Security, Improvements, Bug Fixes

    • NEW FEATURE Add the ability to load an extra ECC certificate for an Apache virtual host when multi-cert support is enabled.
    • NEW FEATURE Apply header modification configurations in .htaccess to dynamic responses for CloudLinux Python/Ruby/NodeJS selector application.
    • NEW FEATURE Update client IP using request header "X-Real-IP".
    • NEW FEATURE Use Client IP in Header can now be set to use the last IP listed in the X-Forwarded-For header for servers behind AWS ELB.
    • SECURITY Block 'LD_*' environment variable overriding from .htaccess.
    • IMPROVEMENT New Ruby 2.0+ compatible RackRunner script for ruby-lsapi 5.0.
    • IMPROVEMENT Separate IPv4 and IPv6 virtual hosts now share cached pages for the same domain.
    • IMPROVEMENT Update WHM plugin to v4.0 (drops support for EasyApache 3).
    • IMPROVEMENT Make reCAPTCHA compatible with WordPress password protected pages.
    • BUGFIX Invisible reCAPTCHA now works properly with IE 11 browser.
    • BUGFIX Correct Magento LiteMage2 cache object statistics.
    • BUGFIX Address an AJPv13 hanging bug.
    • BUGFIX Enabling bandwidth throttling no longer causes rare HTTP/2 response hangs.
    • BUGFIX Properly apply UMASK configuration for external applications.
    • BUGFIX Fix a problem with Plesk log rotation when LSWS overrode Apache's rc script with a symbolic link.
    • BUGFIX NodeJS default being not properly set in httpd_config.xml no longer causes crashing.
    • BUGFIX Address cp_switch_ws.sh issues when switching back to Apache.

    LSWS 5.4.7(04-17-2020) New Features, Security, Tunings, Bug Fixes

    • NEW FEATURE Added strict suEXEC and ownership checking on scripts.
    • NEW FEATURE Added ability to configure static/dynamic request per second limit for Apache vhost.
    • SECURITY Fixed a symbolic link attack in directory auto index script. Thank you KnownHost for the bug report. (CloudLinux user is not affected.)
    • TUNING Prevent ports 443 and 80 from being used as WebAdmin listener port.
    • TUNING Avoid triggering 503 errors when cPanel backend services (cpcontacts, webdisk, ...) are unavailable.
    • TUNING Automatically update /proc/sys/net/core/somaxconn to 1024 whenever server performs a fresh startup.
    • TUNING Added after=lve_namespaces.service to systemd unit file.
    • BUGFIX Fixed reCAPTCHA triggering for the first access of an allowed robot.
    • BUGFIX Added "Cache-Control: no-cache" to reCAPTCHA verification page to disallow CDN/proxy cache.
    • BUGFIX Fixed delayed .htaccess loading.
    • BUGFIX Fixed a delayed server response bug with HTTP/2.
    • BUGFIX Fixed a NodeJS websocket backend configuration bug.
    • BUGFIX Shared lib for lscmctl script is now updated on server install/update.

    LSWS 5.4.6(03-12-2020) New Features, Tunings, Bug Fixes

    • NEW FEATURE Updated HTTP/3 support to include h3-27.
    • TUNING Set mod_security RBL DNS cache to 60 seconds.
    • TUNING Disable TLSv1.1 by default.
    • TUNING Enable SSL session tickets by default.
    • TUNING No longer add ECDHE-RSA-AES128-SHA cipher automatically.
    • BUGFIX Fixed a bug that caused ProxyPass ws:// target to stop working for certain configuration combination.
    • BUGFIX Fixed a bug in HTTP/2 handling mismatched response content-length and actual reponse body size.
    • BUGFIX Fixed a false positive that triggered ACL denied for Plesk.
    • BUGFIX Fixed a regression that broke /tmp/lshttpd/swap auto cleanup.
    • BUGFIX Fixed a false positive when handling ModSecrurity SecRemoteRule.
    • BUGFIX Fixed a crash in ModSecurity using libinjection.

    LSWS 5.4.5(02-05-2020) Improvements, New Features, Updates, Bug Fixes

    • NEW FEATURE Added support for IETF HTTP/3 draft 25 (h3-25).
    • NEW FEATURE Populated GEOIP_COUNTRY_CODE environment variable using IP2Location database.
    • NEW FEATURE Added full Captcha protection for WordPress login page.
    • NEW FEATURE Optionally skip rewrite processing for Let's Encrypt verification requests.
    • NEW FEATURE Automatically patch Set-Cookie with 'secure' flag when served over HTTPS.
    • IMPROVEMENT Added 'cssDecode' and 'utf8toUnicode' transformations to ModSecurity engine.
    • IMPROVEMENT Added support for 'REQUEST_SCHEME' request variable.
    • IMPROVEMENT Added '-vb' command line option to print out version and build number.
    • UPDATE Updated WHM plugin to v3.3.7.
    • BUGFIX Fixed websockets hanging on upgrade.
    • BUGFIX Fixed a WebAdmin Console socket address validation bug.
    • BUGFIX Fixed .htaccess configuration changes failing to apply for Python/Ruby/NodeJS applications.
    • BUGFIX Environment variable names are no longer converted to uppercase for Apache SetEnv directive.
    • BUGFIX Fixed a NodeJS wrapper script bug that failed to handle startup files with absolute paths.
    • BUGFIX External application process startup time is now reliably detected.
    • BUGFIX Fixed a minor regression with AHO string search.
    • BUGFIX Fixed a bug using wrong log ID in error log.

    LSWS 5.4.4(01-08-2020) New Feature, Security, Bug Fixes

    • NEW FEATURE Added support for Google QUIC Q050.
    • SECURITY Improved WebAdmin Console security by strictly checking request URLs.
    • BUGFIX Fixed a bug that caused HTTPS connections to stall when bandwidth throttling was enabled.
    • BUGFIX Fixed an ESI/Litemage output corruption bug.
    • BUGFIX Fixed a bug in AIO logging that caused the access log to stop working.
    • BUGFIX Fixed a bug causing 100% CPU usage for FreeBSD.
    • BUGFIX Removed an unnecessary CloudLinux CageFS mount point for "/tmp/lshttpd".
    • BUGFIX Fixed a crash caused by memory mapped files being truncated.

    LSWS 5.4.3(12-09-2019) New Features, Improvements, Bug Fixes

    • NEW FEATURE Websocket backend support via the "ProxyPass" directive.
    • NEW FEATURE Added HTTP/3 draft 24 support.
    • ENHANCEMENT Improved WordPress brute force protection when facing large botnet attacks.
    • TUNING Updated HTTP/3 QUIC engine default congestion control method to CUBIC for better performance in good network conditions.
    • UPDATE Updated WHM plugin to v3.3.5 (includes support for displaying "critical alerts").
    • BUGFIX Fixed a few bugs in HTTP/3 QUIC engine.
    • BUGFIX Fixed a bug in PID verification that failed to stop processes for detached applications.
    • BUGFIX Fixed a bug in modsecurity engine where LOGGING phase processing was bypassed if a client was using a QUIC connection.
    • BUGFIX Properly count 3 character second level domains against license domain limit.
    • BUGFIX Properly parse IPv6 mapped IPv4 addresses in request header.
    • BUGFIX Fixed missing "REMOTE_USER" request environment variable when HTTP authentication is used.
    • BUGFIX Fixed a problem with utf-8 characters in request URLs for Python applications.
    • BUGFIX Improved lock contention handling when detached mode PHP processes are started concurrently by multiple server worker processes.
    • BUGFIX Fixed an ESI sub-request bug that could stall proxy to backend communication.
    • BUGFIX Fixed a DirectAdmin userdir bug.

    LSWS 5.4.2(10-18-2019) New Features, Improvements, BugFix

    • NEW FEATURE Updated QUIC implementation to support IETF HTTP/3 draft 23.
    • NEW FEATURE BBR congestion control for QUIC and HTTP/3.
    • NEW FEATURE "Require env XXXX" access control support.
    • NEW FEATURE User/Account level bandwidth throttling for Redis dynamic virtual hosting.
    • IMPROVEMENT Further HTTPS SSL layer performance tuning.
    • IMPROVEMENT Automatically restart running PHP processes when PHP binary changes are detected.
    • IMPROVEMENT Automatically convert ea-phpXX handler configuration into a phpXX handler when an ea-php handler is not available.
    • IMPROVEMENT Improved AIO access logging to minimize disk I/O.
    • IMPROVEMENT Avoid reCAPTCHA verification on AJAX requests to minimize false positives.
    • IMPROVEMENT Built-in error and reCAPTCHA verification pages are now responsive.
    • IMPROVEMENT Remove '[' ']' enclosure for IPv6 addresses in the access log and request environment variable 'REMOTE_ADDR'.
    • IMPROVEMENT Reduced memory usage to improve server scalability.
    • IMPROVEMENT Improved accuracy of server real-time statistics.
    • IMPROVEMENT Enable SSL SHM session cache for Apache HTTPS vhost when server level SSH session cache is enabled.
    • IMPROVEMENT Disable TLSv1.0 by default for better PCI compliance.
    • IMPROVEMENT Automatically disable HTTP/2, SPDY, and QUIC for CSF messenger vhosts on port 8887.
    • IMPROVEMENT Added "SmartPush no-cookie" directive to disable cookies used for HTTP/2 and QUIC smart push.
    • IMPROVEMENT Added `lsws/logs/critical_alert` log file for writing common license errors that could cause LSWS to stop working.
    • IMPROVEMENT Improved compatibility with CloudLinux python selector.
    • IMPROVEMENT Improved modsecurity engine compatibility.
    • IMPROVEMENT Send "Alt-Svc" header advertising QUIC and HTTP/3 support only once per connection.
    • BUGFIX Fixed WordPress brute force protection bugs that were causing false positives and crashes.
    • BUGFIX Fixed a bug causing HTTP/2 requests to stall under rare conditions.
    • BUGFIX Fixed a bug causing broken non-keepalive HTTPS responses.
    • BUGFIX Fixed a Layer4 tunnel bug that caused random crashes.
    • BUGFIX Fixed Apache sometimes starting inside the lshttpd cgroup when switching from LSWS to Apache.
    • BUGFIX Fixed all LSPHP processes not being stopped when switching from LSWS to Apache.
    • BUGFIX Fixed an .htaccess cache bug that caused the server's default PHP handler to be used instead of configured per-vhost suEXEC handlers.
    • BUGFIX Per Apache vhost PHP 7.4 handler now runs in suEXEC mode.

    LSWS 5.4.1(08-15-2019) Security, New Features, Improvements, BugFix

    • SECURITY Addressed recent HTTP/2 DoS advisories. Fixed CVE-2019-9516 "0-Length Headers Leak" vulnerability. Completely blocks unaffected attacks: CVE-2019-9511 "Data Dribble", CVE-2019-9512 "Ping Flood", CVE-2019-9513 "Resource Loop", CVE-2019-9514 "Reset Flood", CVE-2019-9515 "Settings Flood", CVE-2019-9517 "Internal Data Buffering", and CVE-2019-9518 "Empty Frames Flood".
    • NEW FEATURE Updated HTTP/3 support to Internet Draft 22.
    • NEW FEATURE Smart server PUSH uses cookies to track pushed assets, avoiding pushing the same asset repeatedly.
    • IMPROVEMENT reCAPTCHA engine has been improved to reduce false positives.
    • BUGFIX Fixed a chunk encoding bug that could cause data corruption.
    • BUGFIX Fixed a bug that could cause truncated response bodies to be transferred over non-keepalive HTTPS connections. This usually affects front-end CDN services.
    • BUGFIX Fixed a regression that prevented Apache vhosts from using PHP daemon mode.
    • BUGFIX Fixed a cache engine bug that failed to forward the `X-Litespeed-purge2` response header to front-end ADC cache engines.
    • BUGFIX Fixed a bug that causes Python WSGI applications to fork child processes frequently.

    LSWS 5.4(07-23-2019) New Features, Improvements

    • MAJOR IMPROVEMENT Massive HTTP/2 HTTPS performance boost (up to 5x faster than LSWS v5.3.x).
    • MAJOR NEW FEATURE Experimental HTTP/3 draft 20 support.
    • MAJOR NEW FEATURE Redis and rewrite based dynamic virtual hosting.
    • MAJOR NEW FEATURE Server level reCAPTCHA protection efficiently defends against layer-7 DDoS attacks of any size.
    • NEW FEATURE Added support for Q046 in QUIC engine.
    • NEW FEATURE HTTPS accelerator with direct dynamic TLS record packaging, improving both HTTPS throughput and TTFB without compromise.
    • NEW FEATURE HTTPS handshake offloading, improving HTTPS handshake speed and avoiding clogging the server's main event loop.
    • NEW FEATURE SO_REUSEPORT support, improving multi-worker scalability for high traffic deployments.
    • NEW FEATURE HTTPS certificate compression, reducing the size of HTTPS handshake exchange data.
    • IMPROVEMENT Improved HTTP/2 stream prioritization for a better user browsing experience.

    LSWS 5.4RC4(05-24-2019) New Features

    • NEW FEATURE Support for SO_REUSEPORT for multi-worker license.
    • NEW FEATURE HTTPS/QUIC handshake offloading.
    • NEW FEATURE TLSv1.3 certificate compression.
    • NEW FEATURE High Availability for Redis dynamic vhost setup.
    • NEW FEATURE Support for Google QUIC 046.
    • NEW FEATURE Experimental IETF QUIC draft-20.

    LSWS 5.4RC3(03-18-2019) Major New Feature, Major Improvement & Bug Fixes

    • MAJOR NEW FEATURE Dynamic Virtual Host configuration through REDIS backend.
    • MAJOR IMPROVEMENT Greatly improved HTTP/2 performance -- up to 7x faster than previous implementations.
    • BUGFIX Improved QUIC engine performance and stability.
    • BUGFIX All bug fixes and enhancements on 5.3.x branch included.

    LSWS 5.4RC2(02-04-2019) Major New Feature, Improvement, New Feature & Bug Fixes

    • MAJOR NEW FEATURE Dynamic virtual hosting through rewrite rules.
    • IMPROVEMENT Improved HTTP/2 performance.
    • NEW FEATURE QUIC proxy backend support for backend communication through QUIC.
    • BUGFIX All applicable bug fixes from the 5.3 branch.
    • BUGFIX Fixed a few server crash bugs.

    LSWS 5.4RC1(01-03-2019) New Features, Major Improvements, & Bug Fixes

    • NEW FEATURE Recaptcha verification for DDoS attack mitigation.
    • NEW FEATURE Support for Ruby/Python/Nodejs applications in native configuration.
    • NEW FEATURE Added Virtual Host level trusted IP control, managed through .htaccess.
    • MAJOR IMPROVEMENT Added LiteSpeed TLS Accelerator, maximizing HTTPS & HTTP/2 performance.
    • MAJOR IMPROVEMENT HTTP/2 performance has been improved with a better header compression/decompression work flow.
    • BUGFIX All bug fixes from LSWS 5.3.5 incremental builds included.
  • LSWS 5.3.8(05-21-2019)Improvements & Bug Fixes

    • SECURITY Added built-in filter to block attempts at hacking LiteMage with crafted ESI requests.
    • NEW FEATURE lscmctl script can now be used to install/uninstall the LiteSpeed Web Cache Manager user-end plugin for cPanel.
    • NEW FEATURE Recommend a plugin or broadcast a message to all discovered WordPress installations with the dash notify feature, available in both the lscmctl script and WHM plugin.
    • IMPROVEMENT Bundled WHM and user-end cPanel plugins have been updated to v3.3.1 and v1.2.0.2 respectively.
    • IMPROVEMENT Support request header sizes of up to 64K.
    • IMPROVEMENT Ignore <if> <else> <elseif> configuration contexts.
    • IMPROVEMENT Added support for Apache configuration directive "Require ip ...".
    • IMPROVEMENT Improved lsup.sh with stable release tier.
    • IMPROVEMENT Improved rc-inst.sh to install systemd unit file for Plesk + Debain/Ubuntu.
    • IMPROVEMENT Improved NodeJS application compatibility and mod_passenger configuration handling.
    • IMPROVEMENT Added autoconfig for PHP 7.4.
    • IMPROVEMENT Improved compatibility with LSAPI 7.3 .
    • IMPROVEMENT Improved HPACK encoding performance.
    • IMPROVEMENT Cache engine now updates "X-LiteSpeed-Cache-Control max-age" value based on actual expire time when a front-end lscache proxy exists.
    • IMPROVEMENT Improved compatibility with Apache mod_security on variables REQUEST_BODY, REQUEST_FILENAME and LAST_UPDATE_TIME.
    • IMPROVEMENT Fixed PHP handler compatibility issues with Plesk's updated configuration template.
    • IMPROVEMENT Improved WordPress brute force detection IP logging.
    • BUGFIX Fixed an Apache SSL vhost SNI configuration bug.
    • BUGFIX Fixed a QuicEngine bug that could cause broken responses.
    • BUGFIX Fixed a cache + ESI engine bug that caused random server crashes.
    • BUGFIX Fixed rewrite engine infinite loop when rewrite map file is stored in an NFS mount.
    • BUGFIX Improved detached mode process manager to accurately stop detached processes when requested.
    • BUGFIX Added User-Agent and Referer headers to server pushed requests to avoid failing possible checks in a user's custom configuration.
    • BUGFIX Fixed FreeBSD 100% cpu usage for kqueue event loops when AIO logging is enabled.
    • BUGFIX Fixed an SSL OCSP stapling bug.
    • BUGFIX Fixed broken server restart when port offset had been set.
    • BUGFIX Fixed a memory leak in the GeoIP module.

    LSWS 5.3.7(03-15-2019)Improvements & Bug Fixes

    • SECURITY Fixed a XSS vulnerability in directory auto index script.
    • IMPROVEMENT Improved QUIC transport protocol performance and reliability.
    • IMPROVEMENT Improved default configuration for servers with heavy disk I/O wait.
    • IMPROVEMENT Made IP based SSL SNI configuration exactly match Apache's.
    • IMPROVEMENT Made .rtreport symbolic links root owned to avoid LFD file warnings.
    • IMPROVEMENT Improved ESI support for JSON responses.
    • IMPROVEMENT Improved lsup.sh script to check build number against latest build.
    • UPDATE Updated bundled WHM plugin to v3.2.0.3 and user-end cPanel plugin to v1.1.1.2 to address an integration issue with the recent LSCWP release.
    • BUGFIX Fixed a file descriptor leak in piped logger.
    • BUGFIX Fixed a bug that prevented changing the Cache-Control or Expire headers within PHP.
    • BUGFIX Fixed inaccurate real-time statistics.
    • BUGFIX Fixed a rewrite engine compatibility issue.
    • BUGFIX Fixed a regression in "Redirect" directive handling.
    • BUGFIX Fixed a QUIC engine bug when handling extra long response headers.
    • BUGFIX Fixed a regression that broke the "SetHandler" directive.
    • BUGFIX Fixed a rewrite engine bug where target URLs containing "../" could cause problems.
    • BUGFIX Fixed an external loop redirect detection bug.
    • BUGFIX Fixed a mod_security bug stopping response headers from being logged to the audit_log.
    • BUGFIX Fixed a mod_security engine bug that was mistakenly skipping some rules for POST requests.
    • BUGFIX Fixed an ESI engine bug that broke detection for looping includes, causing the server to run out of memory.
    • BUGFIX Increased logging for detach mode process manager. A forced lock release will now occur if a dead lock is detected when starting detach mode processes.
    • BUGFIX Fixed systemd unit file lshttpd.service by requiring network-online.target.
    • BUGFIX Allow xx.xx.xx.xx/32 as valid IP in ACL configuration.

    LSWS 5.3.6(01-30-2019)Improvements & Bug Fixes

    • NEW FEATURE lscmctl script can now be used to set custom server and virtual host cache roots with the 'setcacheroot' command.
    • IMPROVEMENT Added "ProxyPass"/"ProxyPassMatch" support for AJP backend.
    • IMPROVEMENT Added support for "IP:port" in "X-Forwarded-For" header.
    • IMPROVEMENT Reliably switch back to Apache in the case of a LiteSpeed licensing problem.
    • IMPROVEMENT Added back support for SecFilterEngine and SecFilterScanPOST directives for backward compatibility.
    • UPDATE Updated bundled WHM plugin to v3.2.0.1 and user-end cPanel plugin to v1.1.1.
    • BUGFIX Fixed AddHandler directive behavior to be the same as AddType.
    • BUGFIX Fixed an OCSP stapling bug that caused Mozilla connection issues.
    • BUGFIX Stopped PHP from logging errors into the error log when stderr.log was disabled.
    • BUGFIX Fixed a SecRemoteRule handling bug.
    • BUGFIX Fixed a bug causing detached PHP processes to be stopped during graceful restarts, which may cause random 503 errors.
    • BUGFIX Fixed a bug in processing GeoIP2 mmdb database.
    • BUGFIX Fixed a bug introduced in v5.3.5 build 5 that broke cPanel/WHM's "redirect to closest matched domain" feature.
    • BUGFIX Fixed cPanel two factor authentication.
    • BUGFIX Minor bug fixes involving Apache compatibility issues.

    LSWS 5.3.5(12-13-2018)Improvements & Bug Fixes

    • IMPROVEMENT Improvements to HTTP/2, QUIC, and rewrite engine.
    • BUGFIX HTTP/2, QUIC, and rewrite engine bug fixes.
    • BUGFIX Fixed mod_security engine not handling skipAfter properly in the `SecAction` directive.
    • BUGFIX [Bug Fix] Fixed server failing to automatically fix cache directory permission problems.

    LSWS 5.3.4(11-16-2018)Major Feature Enhancements & Bug Fixes

    • MAJOR NEW FEATURE Added support for Google QUIC v44.
    • NEW FEATURE Improved Ruby/Python selector support and apply engine version changes on the fly.
    • NEW FEATURE Allow overriding external application environment at vhost level.
    • NEW FEATURE Log HTTP/2 in access log for HTTP/2 connection.
    • NEW FEATURE Auto detect and use cPanel signed certificate for WebAdmin.
    • NEW FEATURE Auto correct bad HTTPS proxy backend configured as HTTP.
    • IMPROVEMENT Improved compatibility with ColdFusion engine.
    • UPDATE Updated bundled WHM plugin to v3.1.3.1.
    • UPDATE Updated bundled cPanel user-end plugin to v1.0.2.
    • BUGFIX Fixed mod_security engine compatibility issue with latest COMODO ruleset.
    • BUGFIX Added "Accept-Range: bytes" header back for static files.
    • BUGFIX Fixed bug in rewrite engine loop redirection detection.

    LSWS 5.3.3(11-2-2018)Bug Fixes

    • INTEGRATION Auto ignore a set of problematic rewrite rules introduced in a recent cPanel/WHM release that were causing 404 errors. (Since addressed by cPanel)

    LSWS 5.3.2(10-23-2018)Improvements & Bug Fixes

    • IMPROVEMENT Improved Ruby application support for Plesk.
    • BUGFIX Fixed a bug that prevented cache updates due to stale cache copies.
    • BUGFIX Fixed ESI engine incorrectly handling inline objects.
    • BUGFIX Fixed a bug causing the server to be overly strict with OCSP response.
    • BUGFIX Minor bug fixes to rewrite engine and detached PHP process manager.

    LSWS 5.3.1(10-2-2018)Improvements & Bug Fixes

    • IMPROVEMENT Improved PHP handler detection and detached mode configuration.
    • IMPROVEMENT Improved compatibility with cPanel v76.
    • UPDATE Update bundled WHM plugin to v3.1.1.
    • BUGFIX Fixed cache engine bugs causing random crashes and extended object expire times.
    • BUGFIX Fixed a bug that causes inaccurate connection counter.
    • BUGFIX Fixed a bug where dropping request headers affected Python Django backend applications.
    • BUGFIX Bug fixes in QUIC engine.

    LSWS 5.3(8-15-2018)Major Feature Enhancements & Bug Fixes

    • MAJOR NEW FEATURE Keep PHP workers running through server restarts with PHP detached mode.
    • MAJOR NEW FEATURE Support for CloudLinux NodeJS selector.
    • MAJOR NEW FEATURE Added BROTLI compression for dynamic responses.
    • MAJOR NEW FEATURE PHP handler auto configuration.
    • MAJOR NEW FEATURE LiteSpeed Web Cache Manager cPanel plugin v1.0.0.
    • MAJOR NEW FEATURE Automatic GZIP and BROTLI conversion for cached pages.
    • MAJOR IMPROVEMENT Added support for TLSv1.3.
    • MAJOR IMPROVEMENT Added support for PHP CRIU in CloudLinux environments.
    • MAJOR IMPROVEMENT Added support for maxmind database GeoIP2 lookup.
    • MAJOR IMPROVEMENT Updated QUIC engine to support GoogleQUIC v43.
    • IMPROVEMENT Improved cache engine to fix bad cache storage directory and file permissions.
    • UPDATE WHM plugin v3.1.0.
    • BUGFIX All bug fixes in 5.2.x releases.

    LSWS 5.3RC2(7-19-2018)Major Feature Enhancements & Improvements

    • MAJOR NEW FEATURE Added BROTLI compression for dynamic responses.
    • MAJOR NEW FEATURE LiteSpeed Web Cache Manager cPanel plugin.
    • NEW FEATURE Automatically convert between GZIP and BROTLI for cached pages.
    • UPDATE Updated boringSSL to support TLSv1.3 draft 28.
    • UPDATE Updated QUIC engine to support Google QUIC v43.
    • UPDATE WHM plugin v3.1.0
    • IMPROVEMENT Improved HTTP/2 performance.

    LSWS 5.3RC1(5-25-2018)Major Feature Enhancements & Improvements

    • MAJOR NEW FEATURE Keep PHP workers running through server restarts with PHP detached mode.
    • MAJOR NEW FEATURE NodeJS selector support.
    • MAJOR NEW FEATURE PHP CRIU support in CloudLinux environments.
    • MAJOR NEW FEATURE PHP handler auto configuration.
    • MAJOR IMPROVEMENT QUIC engine improved.
    • MAJOR IMPROVEMENT Updated WHM Plugin to v3.0.0.
    • MAJOR IMPROVEMENT WHM Plugin cache management feature improved.