Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
litespeed_wiki:changelog [2021/06/13 21:09]
Lucas Rolff add 6.0.1/6.0.2
litespeed_wiki:changelog [2024/03/19 21:03] (current)
Michael Alegre Added release log info for LSWS v6.2.1 builds [1,2].
Line 2: Line 2:
  
 **Note:** If a build is missing, you're always able to find it here as well: https://​groups.google.com/​g/​litespeed-edge-users **Note:** If a build is missing, you're always able to find it here as well: https://​groups.google.com/​g/​litespeed-edge-users
 +===== Version 6.2.1 =====
 +=== Build 2 ===
 +  [Bug Fix] Address compatibility issues with older versions of nodejs.
 +  [Bug Fix] Apply server level log rotation setting to modsec audit log.
 +  [Bug Fix] Address a few corner cases in HTTP/3 (lsquic). ​
 +=== Build 1 ===
 +  [Bug Fix] Addressed an HTTP/3 0-RTT packet validation issue.
 +=== Build 0 ===
 +  [New Feature] Add hCaptcha support for reCAPTCHA validation.
 +  [Improvement] Add support for .mjs nodeJS application startup file. 
 +  [Bug Fix] Address a crash related to SecRemoteRules handling.
 +  [Bug Fix] Address a rare corner case causing HTTP/3 responses to hang.
  
-===== Version 6.0.2 =====+===== Version 6.2 ===== 
 +=== Build 7 === 
 +  [Bug Fix] Address a crash related to SecRemoteRules handling. 
 +=== Build 6 === 
 +  [Bug Fix] Address broken auto index script introduced in build 5. 
 +  [Bug Fix] Address a potential HTTP/3 CPU spinning issue. 
 +  [Bug Fix] Address a false positive in install script that reports a port is in use. 
 +=== Build 5 === 
 +  [Bug Fix] Do not force override LSAPI_MAX_IDLE_CHILDREN if set explicitly. 
 +  [Bug Fix] Address PHP 8.2 warning in directory auto index script. 
 +  [Bug Fix] Address an issue in handling custom status code. 
 +  [Bug Fix] Increase rewrite engine PCRE match limit to avoid PCRE_ERROR_MATCHLIMIT.  
 +  [Tuning] Add dark mode for server generated error page and directory index page.  
 +=== Build 4 ==
 +  [Bug Fix] Fix a rare corner case in HTTP/3. 
 +  [Bug Fix] Fix "​RewriteOptions IngoreInherit"​ 
 +  [Bug Fix] enable suEXEC for PHP 8.3 by default. 
 +=== Build 3 === 
 +  [Bug Fix] Fix no-abort for CGI script. 
 +  [Bug Fix] Fix Redirect 410 handling. 
 +  [Bug Fix] Fix python application with long vhost name. 
 +  [Bug Fix] Fix CPU spinning caused by HTTP/3 corner case. 
 +=== Build 2 === 
 +  [Bug Fix] Fix HTTP/3 session resumption bug introduced in 6.2 Build 1. 
 +=== Build 1 === 
 +  [Security] Disable HTTP/2 when detecting a rapid reset attack. 
 +  [Improvement] Override server level per client connection soft limit with vhost level limit. 
 +  [Tuning] Limit pipe logger buffer size to 1MB. 
 +  [Bug Fix] Fix RackRunner.rb bug introduced in 6.1.2 build 8. 
 +  [Bug Fix] Fix minor mod_security issues. 
 +=== Build 0 === 
 +  [New Feature] Update HTTP/3 implementation to support QUICv2 protocol. 
 +  [New Feature] mod_security engine now has an option to use RE2 instead PCRE regex engine. 
 +  [New Feature] Add vhost level max request body length and max dynamic response length configurations. 
 +  [New Feature] Add vhost level dedicated PHP handler configuration option. 
 +  [New Feature] Add support for rewrite flags "​BNP",​ "​backrefnoplus",​ "​BCTLS",​ and "​BNE"​. 
 +  [Improvement] Improve reCAPTCHA custom error page handling to avoid expensive dynamic processing. 
 +  [Improvement] Add missing access log format following Apache spec. 
 +  [Improvement] Enhance Apache expression support with dynamic regular expression matching. 
 +  [Improvement] Apache expression support in RewriteCond. 
 +  [Improvement] Virtual host level reCAPTCHA trigger by concurrent connections. 
 +  [Security] More strict request header validation. 
 +  [Bug Fix] Fix a compatibility issue with Rack version >3.0 for Ruby applications. 
 +  [Bug Fix] Allow use of stdout/​stderr as log file names. 
 +  [Bug Fix] Address large request header compatibility issue with PHP-FPM. 
 +  [Tuning] Add PHP 8.3 support. 
 +  [Tuning] Lift default virtual memory limit for external applications. 
 +  [Bug Fix] Minor bug fixes to cache engine, mod_security engine, and request handling.
  
 +===== Version 6.1.2 =====
 +=== Build 8 ===
 +  [New Feature] Add support for rewrite flags "​BNP",​ "​backrefnoplus",​ "​BCTLS",​ and "​BNE"​.
 +  [Bug Fix] Fix cp_switch_ws.sh switch back to Apache failure.
 +  [Bug Fix] Fix a compatibility issue with Rack version >3.0 for Ruby applications. ​
 +  [Bug Fix] Allow use of stdout/​stderr as log file names.
 +  [Bug Fix] Fix a mod_security engine Multi-thread race condition.
 +=== Build 7 ===
 +  [Bug Fix] Address a bug in expression parser introduced in build 5.
 +=== Build 6 ===
 +  [Bug Fix] Address a bug in RewriteCond expression parser.
 +  [Bug Fix] Address a bug in SSI engine.
 +=== Build 5 ===
 +  [Improvement] Enhance Apache expression support with dynamic regular expression matching.
 +  [Improvement] Apache expression support in RewriteCond.
 +  [Improvement] Virtual host level reCAPTCHA trigger by concurrent connections.
 +  [Bug Fix] Fix FreeBSD + ZFS crash due to unsupported posix_fallocate() syscall.
 +  [Tuning] Add PHP 8.3 support.
 +  [Tuning] Tweak graceful restart to avoid being killed by systemd during service restart.
 +=== Build 4 ===
 +  [Security] Properly handle multiple HOST headers.
 +  [Tuning] Lift default virtual memory limit for external applications.
 +  [Improvement] Add "​wordpress_logged_in_*"​ session cookie detection. ​
 +  [Bug Fix] Address two rare crashes relating to ESI handling.
 +=== Build 3 ===
 +  [Improvement] Improve reCAPTCHA custom error page handling to avoid expensive dynamic processing. ​
 +  [Bug Fix] Address broken Plesk feature "deny access to the site".
 +  [Bug Fix] Improve install script to now automatically install missing dependencies. ​
 +=== Build 2 ===
 +  [Security] Address request header smuggling over HTTP/2 and HTTP/3.
 +  [Bug Fix] Address broken FastCGI POST for large request body, introduced in 6.1.2 build 1. 
 === Build 1 === === Build 1 ===
-  [Bug Fix] Address ​LiteSpeed worker high CPU usage due to malloc() spinlock dead lock.+  ​[New Feature] Add vhost level max request body length and max dynamic response length configurations. 
 +  [New Feature] Add vhost level dedicated PHP handler configuration option.  
 +  [Improvement] Install necessary ruby-lsapi gem package for alt-ruby 3.1+. 
 +  [Bug Fix] Address large request header compatibility issue with PHP-FPM. 
 +  ​[Bug Fix] Address a false positive for per client soft limit blocking. 
 +=== Build 0 === 
 +  [Improvement] Allow total header sizes > 64KB.  
 +  [Improvement] Add support for websocket upgrade using <​LocationMatch>​ and ProxyPassMatch ​(used by Plesk)
 +  [Improvement] Add support for Unix domain socket proxy target address (used by DirectAdmin). 
 +  [Bug Fix] Address a corner case in LSAPI 304 response handling. 
 +  [Bug Fix] Address unique ID duplication in mod_security audit log.  
 +  [Bug Fix] Address a corner case in mod_security request header matching.  
 +  [Bug Fix] Address a license key verification issue during server reboot. 
 +  [Bug Fix] Update ls-qpack to address a corner case.  
 +  [Bug Fix] Address a request header parser corner case for a look-alike header.  
 +  [Bug Fix] Address broken mailman support for Plesk 
 +  [Bug Fix] Address two corner cases in layer 4 proxy.  
 +  [Bug Fix] Address an issue with proxy forwarding to the Plesk admin panel. 
 +  [Tuning] Better handling of buggy HTTP/2 clients with poor flow control implementations.
  
 +===== Version 6.1.1 =====
 === Build 0 === === Build 0 ===
 +  [New Feature] Add SSL strict SNI mode option to fail SSL connections when there is no vhost level SSL certificate.
 +  [New Feature] Add a vhost level AllowBlockedUrl option to allow blocked URL passthrough. ​
 +  [Improvement] Add support for unix domain socket for redis dynamic vhost. ​
 +  [Improvement] Update WebAdmin Console login to use BCRYPT password hash.
 +  [Improvement] Add support for "​Require local" configuration directive.
 +  [Bug Fix] Avoid blocking on socket read for internal fetcher.
 +  [Bug Fix] Address broken "​RewriteOption inherit"​ corner case.
 +  [Bug Fix] Address duplicate unique ID field in mod_security audit log.
 +  [Bug Fix] Address a python application frequent restart issue.
 +  [Bug Fix] Address a python application upload hang issue.
 +  [Bug Fix] Fix SecRemoteRules certificate verification failure.
 +  [Bug Fix] Fix broken sub-directory password protection configuration for Plesk WordPress toolkit.
 +  [Bug Fix] Address an issue switching apache/lsws systemd unit file for Plesk.
 +  [Bug Fix] Address an issue with Plesk watchdog monitoring httpd service.
  
 +===== Version 6.1 =====
 +=== Build 6 ===
 +  [Bug Fix] Adjust unix domain socket address length for PHP suEXEC handler.
 +=== Build 5 ===
 +  [Bug Fix] Address a python application upload hanging issue.
 +  [Bug Fix] Fix SecRemoteRules certificate verification failure.
 +  [Bug Fix] Fix broken sub-directory password protection configuration for Plesk WordPress toolkit.
 +=== Build 4 ===
 +  [Bug Fix] Address a crash when handling .htaccess updates.
 +=== Build 3 ===
 +  [Bug Fix] Address an issue switching apache/lsws systemd unit file for Plesk. ​
 +  [Bug Fix] Address an issue with Plesk watchdog monitoring httpd service.
 +=== Build 2 ===
 +  [Improvement] ARM64 (aarch64) package is now available.
 +  [Improvement] Update WebAdmin Console login to use BCRYPT password hash.
 +  [Bug Fix] Update php3_mode and php4_mode for DirectAdmin panel in script cp_switch_lsws.sh.
 +=== Build 1 ===
 +  [Improvement] Add support for "​Require local" configuration directive.
 +  [Bug Fix] Avoid blocking on socket read for internal fetcher.
 +  [Bug Fix] Address broken "​RewriteOption inherit"​ corner case.
 +  [Bug Fix] Update lsquic to v3.3.1 to address a corner case hang caused by flow control congestion. ​
 +=== Build 0 ===
 +  [New Feature] Add PROXY protocol support.
 +  [New Feature] Add custom response status code support.
 +  [New Feature] Apply OOMScoreAdjust for lsws service to avoid being OOM killed.
 +  [New Feature] Trigger reCAPTCHA through mod_security engine via an environment variable.
 +  [Improvement] Inherit .htaccess belonging to parent context.
 +  [Improvement] Make SSI environment available to included CGIs/​scripts.
 +  [Improvement] Add conditional access logging using Expression.
 +  [Improvement] Configurable reCAPTCHA timeout.
 +  [Improvement] Add "​DisableForwardedIpBan"​ Apache style configuration directive to avoid blocking IPs forwarded by front-end proxies.
 +  [Improvement] Enhance '​disableCgiOverride'​ to cover options +ExecCGI and +Include.
 +  [Improvement] Add Apache style configurations "​LogKeepDays"​ and "​LogCompressArchive"​.
 +  [Improvement] Escape multiline STDERR messages.
 +  [Improvement] Detect update failures in lsup.sh.
 +  [Improvement] Improve WebAdmin Console realtime stats with a new JavaScript library.
 +  [Bug Fix] Set "​HOME"​ environment for CGI/​External apps when possible.
 +  [Bug Fix] Fix connection timeout false-positives for active HTTP3 connections.
 +  [Bug Fix] Fix domain limited licensing for Plesk servers.
 +  [Bug Fix] Update lsquic to v3.3.0 . 
 +  [Tuning] Disable TLSv1.1 by default.
 +
 +===== Version 6.1RC3 =====
 +=== Build 0 ===
 +  [New Feature] Add custom response status code support.
 +  [New Feature] Apply OOMScoreAdjust for lsws service to avoid having the server killed when low on memory.
 +  [Improvement] Escape multiline STDERR messages. ​
 +  [Improvement] Add "​DisableForwardedIpBan"​ Apache style configuration directive to avoid blocking IPs forwarded by front-end proxies.
 +  [Bug Fix] Address a few corner cases in HTTP/3 implementation.  ​
 +  [Bug Fix] Address an HTTP/2 decoder bug. 
 +  [Bug Fix] Include all bug fixes applied to 6.0.12 stable releases.
 +
 +===== Version 6.1RC2 =====
 +=== Build 0 ===
 +  [New Feature] PROXY protocol support.
 +  [Improvement] Make SSI environment available to included CGIs/​scripts.
 +  [Improvement] Enhance '​disableCgiOverride'​ to cover options +ExecCGI and +Include. ​
 +  [Improvement] Better handling of content-type with charset.
 +  [Improvement] Add "​x-frame-options"​ header for reCAPTCHA page.
 +  [Bug Fix] Inherit .htaccess belonging to parent context.
 +  [Bug Fix] Address bad target URL with native proxy configuration for '/'​ context. ​
 +  [Bug Fix] Avoid installing Ruby Rack 3.0 gem to avoid compatibility issues. ​
 +  [Bug Fix] Avoid using IPv6 mapped IPv4 addresses for HTTP/3 connections. ​
 +  [Bug Fix] Address memory leak in QUIC SHM. 
 +
 +===== Version 6.1RC1 =====
 +=== Build 1 ===
 +  [New Feature] Add "​LSPHP_ProcessGroup unmanaged"​ mode to support php-fpm like services for Apache vhost.
 +  [Bug Fix] Address an HTTP/2 header value compliance corner case that caused broken curl HTTP/2 connections.
 +  [Improvement] Add support for alt-python 3.10.
 +  [Bug Fix] Address HTTP/3 corner cases with lsquic v3.1.4 update.
 +=== Build 0 ===
 +  [New Feature] Trigger reCAPTCHA through mod_security engine via an environment variable.
 +  [Improvement] Add parent context .htaccess inheritance.
 +  [Improvement] Add conditional access logging using Expression.
 +  [Improvement] Configurable reCAPTCHA timeout.
 +  [Improvement] Add "​LogKeepDays",​ "​LogCompressArchive"​ Apache style configurations.
 +  [Tuning] Disable TLSv1.1 by default.
 +  [Bug Fix] Set "​HOME"​ environment for CGI/​External apps when possible.
 +  [Bug Fix] Update lsquic to the latest v3.1.2 release.
 +  [Bug Fix] Include all bug fixes applied to 6.0.12 stable releases.
 +
 +===== Version 6.0.12 =====
 +=== Build 13 ===
 +  [Bug Fix] Detect and ignore truncated log file path for DirectAdmin.
 +  [Bug Fix] Fix broken server switching script for cPanel + Ubuntu.
 +  [Bug Fix] Do not count Plesk internal Virtual Hosts against license domain limit.
 +  [Bug Fix] Fix broken connection timeout for HTTP/3 connections.
 +=== Build 12 ===
 +  [Bug Fix] Address default charset issue for static files. (Introduced in v6.0.12 build 4)
 +  [Bug Fix] Address a mod_security corner case. 
 +=== Build 11 ===
 +  [Improvement] Add support for PHP 8.2 handler auto-detection.
 +  [Bug Fix] Address broken lowercase transformation for certain mod_security variables.
 +=== Build 10 ===
 +  [Bug Fix] Properly handle "​%{local}p"​ access log format.
 +  [Bug Fix] Handle white spaces when detecting existing header values.
 +  [Bug Fix] Fix broken "​Trusted"​ IP configuration in .htaccess.
 +  [Improvement] Add "​x-frame-options"​ header for reCAPTCHA page.
 +  [Improvement] Make SSI environment available to included CGIs/​scripts.
 +  [Bug Fix] Address crash in parsing bad rewrite map data.
 +  [Bug Fix] Address memory leak in QUIC SHM. 
 +=== Build 9 ===
 +  [Bug Fix] Address a response header bug introduced in build 8 that causes errors serving from cached page.
 +=== Build 8 ===
 +  [Bug Fix] Address malformed HTTP/1.1 response header caused by header value modification operations introduced in build 7.
 +  [Bug Fix] Address bad target URL with native proxy configuration for '/'​ context.
 +  [Bug Fix] Avoid installing Ruby Rack 3.0 gem (compatibility issues).
 +  [Bug Fix] Avoid using IPv6 mapped IPv4 addresses for HTTP/3 connections. ​
 +=== Build 7 ===
 +  [Bug Fix]  Address an HTTP/2 header value compliance corner case that caused broken curl HTTP/2 connections. ​
 +=== Build 6 ===
 +  [Improvement] Add support for alt-python 3.10 .
 +  [Bug Fix] Address HTTP/3 corner cases with lsquic v3.1.4 update.
 +  [Bug Fix] Limit the size of unix domain socket address for PHP suEXEC handler.
 +  [Bug Fix] Address a minor display issue in WebAdmin.
 +=== Build 5 ===
 +  [Bug Fix] Address a regression in SHM operations that caused random crashes, introduced in build 4.
 +=== Build 4 ===
 +  [Bug Fix] Minor corner case fixes in HTTP/3 protocol implementation.
 +  [Bug Fix] Address bug in "​AddDefaultCharset"​ support for all "​text/​*"​ MIME types.
 +  [Bug Fix] More strict header filtering for HPACK/QPACK encoding to avoid protocol violations.
 +  [Tuning] Disable TLSv1.1 by default.
 +=== Build 3 ===
 +  [Bug Fix] Address a random crash bug.
 +  [Bug Fix] Address an auto index permissions issue for Redis mass vhosting.
 +  [Tuning] No longer enable SPDY protocol by default.
 +  [Bug Fix] Apply a minor fix to HTTP/3 protocol.
 +=== Build 2 ===
 +  [New Feature] Adjust external app OOM score via LS_OOM_SCORE_ADJ environment configuration.
 +  [Bug Fix] Address a random crash in mod_security engine.
 +  [Bug Fix] Address an SSL error handling problem to avoid high CPU usage.
 +=== Build 1 ===
 +  [Bug Fix] Address a chunked encoding parser bug that could cause an infinite loop.
 +  [Bug Fix] Address a bug when processing delayed request bodies that could cause random crashes.
 +  [Bug Fix] Address a suEXEC bug with native vhost configurations.
 +  [Bug Fix] Update mod_security JSON audit log to include required data for imunify360 log parser.
 +  [Tuning] Update log messages for bot detection to avoid confusion.
 +=== Build 0 ===
 +  [Security] Address a few crashes and memory leaks in HTTP/3 implementation.
 +  [Security] Add more strict virtual host name validation in WebAdmin to address a potential XSS vulnerability.
 +  [Improvement] Add server level control to return 404 or 403 when directory auto-index is disabled.
 +  [Improvement] Better stale cache purge handling.
 +  [Improvement] Add pagination for long auto indexed pages.
 +  [Improvement] Support following ErrorDocument customizations in .htaccess for early stage internal errors.
 +  [Tuning] Enable suEXEC for PHP 8.1 by default.
 +  [Tuning] Do not enable cPanel HTTP server monitoring in update script.
 +  [Tuning] Adjust internal shell scripts for better ubuntu compatibility.
 +  [Bug Fix] Address broken alt-python application caused by the new way virtualenv was built.
 +  [Bug Fix] Address broken vhost level mod_security configuration.
 +  [Bug Fix] Address random crashes in mod_security engine.
 +  [Bug Fix] Address a rare multi-threaded mod_security engine race condition.
 +  [Bug Fix] Add more validation checks to avoid accidentally killing system process when stopping detached external application processes.
 +  [Bug Fix] Improve auto index script to avoid calling function ini_set().
 +  [Bug Fix] Address crashes in ESI/SSI engine.
 +  [Bug Fix] Address POST cache issues.
 +  [Bug Fix] Block request header "​transfer-encoding:​ chunked"​ for HTTP/2 and HTTP/3.
 +  [Bug Fix] Enforce HTTP authentication for OPTIONS requests.
 +
 +===== Version 6.0.11 =====
 +=== Build 9 ===
 +  [Security] Address a crash in HTTP/3 implementation.
 +  [Improvement] Add server level control to return 404 or 403 when directory auto-index is disabled.
 +  [Bug Fix] A few minor fixes to HTTP/3 implementation.
 +  [Bug Fix] Address a bug in SSI engine that caused random crashes.
 +  [Bug Fix] Address broken alt-python 2.7 applications.
 +=== Build 8 ===
 +  [Bug Fix] Address broken alt-python application caused by the new way virtualenv was built.
 +  [Bug Fix] Address broken vhost level mod_security configuration.
 +  [Bug Fix] Add more validation checks to avoid accidentally killing system process when stopping detached external application processes.
 +  [Bug Fix] Improve auto index script to avoid calling function ini_set().
 +  [Bug Fix] Address a rare multi-threaded mod_security engine race condition.
 +  [Bug Fix] Address a crash in ESI/SSI engine.
 +=== Build 7 ===
 +  [Bug Fix] Address broken alt-python application.
 +  [Bug Fix] Address POST cache issues.
 +  [Bug Fix] Block request header "​transfer-encoding:​ chunked"​ for HTTP/2 and HTTP/3.
 +  [Bug Fix] Address an SSI engine crash.
 +=== Build 6 ===
 +  [Improvement] Better stale cache purge handling.
 +  [Improvement] Add pagination for long auto indexed pages.
 +  [Bug Fix] Address a random crash in mod_security engine.
 +  [Tuning] Do not enable cPanel HTTP server monitoring in update script.
 +  [Tuning] Adjust internal shell scripts for better ubuntu compatibility. ​
 +=== Build 5 ===
 +  [Bug Fix] Increase HTTP/3 max concurrent streams from 100 to 500 to work around a chrome bug.
 +  [Bug Fix] Enforce HTTP authentication for OPTIONS requests.
 +  [Bug Fix] Address a crash triggered by a debug log message.
 +  [Misc] Update bundled lsws_whm_plugin_install.sh script and attempt to download the latest version of this script before use. 
 +=== Build 4 ===
 +  [Security] Add more strict virtual host name validation in WebAdmin to address a potential XSS vulnerability.
 +  [New Feature] Add CloudLinux alt-python3.9 support.
 +  [Bug fix] Address a python application server configuration issue.
 +  [Bug fix] Address a "sub request timeout"​ crash.
 +=== Build 3 ===
 +  [Bug Fix] Address a random crash when handling connection level timer events.
 +  [Improvement] Support following ErrorDocument customizations in .htaccess for early stage internal errors.
 +  [Tuning] Enable suEXEC for PHP 8.1 by default. ​
 +=== Build 2 ===
 +  [New Feature] Add "​SecEngineHtaccessOverride on/​off"​ directive to allow/​disable turning on/off mod_security engine from .htaccess. Default to "​on"​.
 +  [New Feature] Add "​ModSec19Compatible on/​off"​ directive to support mod_security 1.9 style configurations. Default to "​off"​.
 +  [Bug Fix] Address a layer4 tunnel bug that was causing random crashes.
 +  [Bug Fix] Address a random crash in handling connection level timer events. ​
 +=== Build 1 ===
 +  [Bug Fix] Address a vhost level mod_security engine control corner case. 
 +=== Build 0 ===
 +  [New Feature] Add websocket proxy target support for rewrite rules.
 +  [Improvement] Improve HTTP/2 upload throughput.
 +  [Improvement] Improve HTTP/3 upload throughput.
 +  [Bug Fix] Address HTTP/3 handshake failures.
 +  [Bug Fix] Address an HTTP/1.1 request body chunk encoding corner case that caused unexpected 400 status for the next request made when over a keep-alive connection.
 +  [Bug Fix] Throttle unnecessary lscache purges generated by LSCWP.
 +  [Bug Fix] Improve cp_switch_ws.sh script compatibility with different shell interpreters.
 +  [Bug Fix] Avoid caching incomplete/​broken homepages for more than 1 minute.
 +  [Bug Fix] Address broken vhost level private cache lookup configuration.
 +
 +===== Version 6.0.10 =====
 +=== Build 2 ===
 +  [Bug Fix] Address HTTP/3 handshake failures.
 +  [Bug Fix] Improve HTTP/2 upload throughput.
 +=== Build 1 ===
 +  [Bug Fix] Address an HTTP/3 throughput regression introduced in v6.0.10.
 +  [Bug Fix] Improve HTTP/2 upload throughput.
 +  [Bug Fix] Throttle unnecessary lscache purges generated by LSCWP.
 +  [Bug Fix] Improve cp_switch_ws.sh script compatibility with different shell interpreters.
 +  [Bug Fix] Avoid caching incomplete/​broken homepages for more than 1 minute.
 +  [Bug Fix] Address broken vhost level private cache lookup configuration.
 +=== Build 0 ===
 +  [Improvement] Optimize SSL and HTTP/2 read speeds.
 +  [Bug Fix] Address a few bandwidth throttling issues.
 +  [Bug Fix] Address high CPU usage for server worker processes.
 +  [Bug Fix] Address issues with ModSecurity logging and persistent variable handling.
 +  [Bug Fix] Address a few minor HTTP/3 corner cases.
 +  [Bug Fix] Convert chunked encoding request bodies for proxy backends.
 +  [Bug Fix] Address a Server Side Includes corner case that could sometimes truncate large files.
 +  [Bug Fix] Do not block client access if reCAPTCHA is not properly configured when using WP full protection.
 +
 +===== Version 6.0.9 =====
 +=== Build 3 ===
 +  [Bug Fix] Address a few minor HTTP/3 corner cases.
 +  [Bug Fix] Avoid unnecessary error log warnings (introduced in v6.0.8).
 +  [Bug Fix] Convert chunked encoding request bodies for proxy backends.
 +  [Bug Fix] Address a Server Side Includes corner case that could sometimes truncate large files.
 +  [Bug Fix] Do not block client access if reCAPTCHA is not properly configured when using WP full protection.
 +=== Build 2 ===
 +  [Bug Fix] Address "​cannot find installed module for python application"​ regression (introduced in v6.0.9).
 +=== Build 1 ===
 +  [Bug Fix] Address mod_security request body scan getting randomly skipped (introduced in v6.0.8).
 +=== Build 0 ===
 +  [Bug Fix] Address cache engine corner case that randomly disabled cache or ignored purge requests.
 +  [Bug Fix] Cache engine should no longer purge again when serving a cached page with purge headers.
 +  [Bug Fix] Properly pass environment variables for python applications configured via CloudLinux python selector.
 +  [Bug Fix] Update ea-ruby24 to ea-ruby27 for cPanel Ruby application manager.
 +  [Bug Fix] Address POST requests randomly hanging.
 +  [Bug Fix] "​%{CONTENT_TYPE}"​ is now properly supported in Apache expressions.
 +  [New Feature] Add support for '​LogRotationSize'​ Apache directive at the server level to control access log rotation.
 +
 +===== Version 6.0.8 =====
 +=== Build 3 ===
 +  [Bug Fix] Address SSI expression back reference crash.
 +  [Bug Fix] Avoid long disk I/O blocking for cache storage cleaning up.
 +  [Bug Fix] Tweak PHP handler mapping to only use alt-php handler when available.
 +  [Bug Fix] Address target URL behavior change for conditional redirects.
 +=== Build 2 ===
 +  [Bug Fix] Address POST requests randomly hanging.
 +  [Bug Fix] "​%{CONTENT_TYPE}"​ is now properly supported in Apache expressions.
 +  [New Feature] Add LogRotationSize Apache directive at the server level to control access log rotation.
 +=== Build 1 ===
 +  [Bug Fix]  Address a regression introduced in v6.0.8 that can cause random crashing.
 +=== Build 0 ===
 +  [Bug Fix] Address a mod_security corner case causing hanging worker processes.
 +  [Bug Fix] Disable mod_security engine for requests rewritten to ReCAPTCHA.
 +  [Bug Fix] Address an ESI encoding corruption bug that mainly affected Prestashop caching.
 +  [Improvement] Internal redirects now carry over "​Last-Modified"​ and "​Content-type"​ response headers set by scripts.
 +  [Improvement] Add "​ProxyAddHeaders on|off"​ support to avoid sending "​x-Forwarded-for"​ and "​x-forwarded-host"​ proxy headers.
 +  [Improvement] Add `CachePost on|off` support to allow POST cache configuration in Apache configuration files.
 +  [Improvement] Avoid an unintended delay when processing the first request for a newly started PHP worker group.
 +
 +===== Version 6.0.7 =====
 +=== Build 1 ===
 +  [Bug Fix] Address an ESI encoding corruption bug that mainly affected Prestashop caching.
 +=== Build 0 ===
 +  [Bug Fix] Address additional random crashes in asynchronous mod_security engine.
 +  [Bug Fix] Address an HTTP/3 sendfile corner case.
 +  [Bug Fix] Address a problem with custom error page for OPTIONS request method.
 +
 +===== Version 6.0.6 =====
 +=== Build 0 ===
 +  [Bug Fix] Address a few random crashes in asynchronous mod_security engine.
 +  [Bug Fix] Address random server hangs when AIO is in use
 +  [Improvement] Cleanup SSL OCSP data cache folder.
 +
 +===== Version 6.0.5 =====
 +=== Build 2 ===
 +  [Bug Fix]  Address a random crash introduced in v6.0.5 build 1.
 +=== Build 1 ===
 +  [Bug Fix]  Address random server hangs when AIO is in use.
 +=== Build 0 ===
 +  [Bug Fix] Address a random crash with asynchronous mod_security engine.
 +  [Bug Fix] Resolve a problem with sending truncated static files over HTTP/3 connections.
 +  [Bug Fix] Resolve a problem with purging by URL.
 +  [Bug Fix] Address a crash when handling decoded HTTP/2 headers.
 +
 +===== Version 6.0.4 =====
 +=== Build 0 ===
 +  [Bug Fix] Address a chrome HTTP/3 connection timeout issue for long running scripts.
 +  [Bug Fix] Address a multi-thread race condition in mod_security engine.
 +  [Bug Fix] Detect dead HTTP/2 connections during server cool-down.
 +  [Bug Fix] Improve request/​response header name validation to avoid HTTP/2 and HTTP/3 protocol violations.
 +
 +===== Version 6.0.3 =====
 +=== Build 0 ===
 +  [New Feature] Optionally enable UNIQUE_ID environment variable for Apache mod_unique_id compatibility.
 +  [New Feature] Add server variable REDIRECT_REQUEST_METHOD for better Apache compatibility.
 +  [Bug Fix] Address an infinite loop when processing conditional context expressions.
 +  [Bug Fix] Address crashes in mod_security engine, SSL session cache, and response header processing.
 +  [Bug Fix] Address LiteSpeed worker high CPU usage due to a malloc() spinlock dead lock.
 +  [Bug Fix] Better follow PassengerAppLogFile configuration for Python/Ruby applications.
 +  [Bug Fix] Follow server level compressible configuration for MIME types defined in .htaccess.
 +  [Bug Fix] Improve chunk encoded request body handling for PHP scripts.
 +  [Bug Fix] Minor tweaks to HTTP/3 protocol.
 +
 +===== Version 6.0.2 =====
 +=== Build 2 ===
 +  [Bug Fix] Address a crash in response header processing.
 +  [Bug Fix] Better follow PassengerAppLogFile configuration for Python/Ruby applications.
 +  [Bug Fix] Follow server level compressible configuration for MIME types defined in .htaccess.
 +  [Bug Fix] Improve chunk encoded request body handling for PHP scripts.
 +  [Bug Fix] Minor tweaks to HTTP/3 protocol.
 +=== Build 1 ===
 +  [Bug Fix] Address LiteSpeed worker high CPU usage due to a malloc() spinlock dead lock.
 +=== Build 0 ===
   [New Feature] Enable HTTP/3 v1 by default.   [New Feature] Enable HTTP/3 v1 by default.
   [Improvement] Allow header customization for reCAPTCHA pages.   [Improvement] Allow header customization for reCAPTCHA pages.
Line 17: Line 472:
  
 ===== Version 6.0.1 ===== ===== Version 6.0.1 =====
- 
 === Build 0 === === Build 0 ===
   [New Feature] Add support for PassengerAppLogFile directive.   [New Feature] Add support for PassengerAppLogFile directive.
Line 79: Line 533:
 === Build 1 === === Build 1 ===
   [Security] Fix a bug that allowed bypassing of built-in blocked URLs.  ​   [Security] Fix a bug that allowed bypassing of built-in blocked URLs.  ​
- 
 === Build 0 === === Build 0 ===
   [New Feature] HTTP/3 v1 support with with DPLPMTUD, Adaptive congestion control, Delayed ACK, and zero-copy packetization.   [New Feature] HTTP/3 v1 support with with DPLPMTUD, Adaptive congestion control, Delayed ACK, and zero-copy packetization.
Line 97: Line 550:
   [Bug Fix] All applicable bug fixes from 5.4.X releases.   [Bug Fix] All applicable bug fixes from 5.4.X releases.
  
-=== RC3 ===+===== Version 6.0RC3 ===== 
 +=== Build 0 ===
   [New Feature] Support external application configuration using domain name for target address.   [New Feature] Support external application configuration using domain name for target address.
   [New Feature] HTTP/3 draft 32 support.   [New Feature] HTTP/3 draft 32 support.
Line 106: Line 560:
   [Improvement] Fix various HTTP/3 congestion control corner cases to maximize throughput.   [Improvement] Fix various HTTP/3 congestion control corner cases to maximize throughput.
  
-=== RC2 ===+===== Version 6.0RC2 ===== 
 +=== Build 0 ===
   [New Feature] ModSecurity scan response body support.   [New Feature] ModSecurity scan response body support.
   [New Feature] HTTP/3 draft 31 support.   [New Feature] HTTP/3 draft 31 support.
Line 113: Line 568:
   [Major Improvement] Revamp of SSL Multi-Cert support.   [Major Improvement] Revamp of SSL Multi-Cert support.
  
-=== RC1 ===+===== Version 6.0RC1 ===== 
 +=== Build 0 ===
   [Major New Feature] Apache 2.4 conditional context <If> <​Ifelse>​ <​Else>​ support.   [Major New Feature] Apache 2.4 conditional context <If> <​Ifelse>​ <​Else>​ support.
   [Major New Feature] Asynchronous mod_security engine.   [Major New Feature] Asynchronous mod_security engine.
Line 122: Line 578:
  
 ===== Version 5.4.12 ===== ===== Version 5.4.12 =====
- 
 === Build 8 === === Build 8 ===
   [Bug Fix] Properly apply whitelist for Quic.cloud and Cloudflare IPs when server level ACL is blank.   [Bug Fix] Properly apply whitelist for Quic.cloud and Cloudflare IPs when server level ACL is blank.
Line 128: Line 583:
   [Bug Fix] Correct a cPanel NodeJS application configuration problem.   [Bug Fix] Correct a cPanel NodeJS application configuration problem.
   [Bug Fix]  Fix Ubuntu Plesk Grafana integration.   [Bug Fix]  Fix Ubuntu Plesk Grafana integration.
- 
 === Build 7 === === Build 7 ===
   [Bug Fix] Address a native pipe logger configuration failure.   [Bug Fix] Address a native pipe logger configuration failure.
- 
 === Build 6 === === Build 6 ===
   [Bug Fix] Increase rewrite engine match limit to avoid unexpected mismatch.   [Bug Fix] Increase rewrite engine match limit to avoid unexpected mismatch.
- 
 === Build 4 === === Build 4 ===
   [Bug Fix] Address broken virtual host level reCAPTCHA sensitivity trigger.  ​   [Bug Fix] Address broken virtual host level reCAPTCHA sensitivity trigger.  ​
- 
 === Build 3 === === Build 3 ===
   [Security] Fix a bug that allowed bypassing of built-in blocked URLs.  ​   [Security] Fix a bug that allowed bypassing of built-in blocked URLs.  ​
- 
- 
 === Build 2 === === Build 2 ===
   [Bug Fix]  Correct problematic PCRE flag causing false positives in mod_security.   [Bug Fix]  Correct problematic PCRE flag causing false positives in mod_security.
 === Build 1 === === Build 1 ===
- 
   [Bug Fix] Address external application command sanitizer blocking some PHP binary paths.   [Bug Fix] Address external application command sanitizer blocking some PHP binary paths.
- 
 === Build 0 === === Build 0 ===
- 
   [Security] Fix a bug that allowed bypassing of built-in blocked URLs.   [Security] Fix a bug that allowed bypassing of built-in blocked URLs.
   [Security] Block improperly configured user/group and commands for external apps.   [Security] Block improperly configured user/group and commands for external apps.
Line 166: Line 612:
 ===== Version 5.4.11 ===== ===== Version 5.4.11 =====
 === Build 9 === === Build 9 ===
- 
   [Security] Fix a bug that allowed bypassing of built-in blocked URLs.   [Security] Fix a bug that allowed bypassing of built-in blocked URLs.
   [Bug Fix] Address a random crash in Layer 4 forwarding to websocket backends.   [Bug Fix] Address a random crash in Layer 4 forwarding to websocket backends.
Line 175: Line 620:
   [Bug Fix] Make "​AddDefaultCharset"​ work for javscript and json response.   [Bug Fix] Make "​AddDefaultCharset"​ work for javscript and json response.
   [Tuning] Finetune vhost reCAPTCHA sensitivity.   [Tuning] Finetune vhost reCAPTCHA sensitivity.
- 
 === Build 8 === === Build 8 ===
- 
   [Bug Fix] cPanel webmail proxy domain email attachment uploads no longer hang.   [Bug Fix] cPanel webmail proxy domain email attachment uploads no longer hang.
   [Bug Fix] Update wsgi-lsapi to v1.9 to address a unicode encoding problem for Django applications.   [Bug Fix] Update wsgi-lsapi to v1.9 to address a unicode encoding problem for Django applications.
   [Bug Fix] Update bundled WHM plugin to v4.1.3.1.   [Bug Fix] Update bundled WHM plugin to v4.1.3.1.
   [Debug] Improve private PURGE debug log messages with private cookie values.   [Debug] Improve private PURGE debug log messages with private cookie values.
- 
 === Build 7 === === Build 7 ===
- 
   [Security] Block improperly configured user/group and commands for external apps.   [Security] Block improperly configured user/group and commands for external apps.
   [Bug Fix] Improve ESI parser to handle improperly escaped ESI directives.   [Bug Fix] Improve ESI parser to handle improperly escaped ESI directives.
   [Bug Fix] Fix NodeJS application helper script which may call undefined function.   [Bug Fix] Fix NodeJS application helper script which may call undefined function.
   [Bug Fix] Avoid race condition when multiple workers try to start a detached external application.   [Bug Fix] Avoid race condition when multiple workers try to start a detached external application.
- 
 === Build 6 === === Build 6 ===
- 
   [Bug Fix] Properly support REQUEST_COOKIES collection in mod_security engine.   [Bug Fix] Properly support REQUEST_COOKIES collection in mod_security engine.
   [Bug Fix] Mod_security @rx operator now properly matches multi-line input.   [Bug Fix] Mod_security @rx operator now properly matches multi-line input.
Line 197: Line 636:
   [Bug Fix] Start Ruby applications through a login bash shell to apply the necessary shell environment variables.   [Bug Fix] Start Ruby applications through a login bash shell to apply the necessary shell environment variables.
   [Bug Fix] Update ruby-lsapi gem to 5.2 for alt-ruby and Plesk ruby installations.   [Bug Fix] Update ruby-lsapi gem to 5.2 for alt-ruby and Plesk ruby installations.
- 
 === Build 5 === === Build 5 ===
- 
   [Bug Fix] Use long delay for access logging when AIO logging is enabled.   [Bug Fix] Use long delay for access logging when AIO logging is enabled.
   [Bug Fix] Only throttle POST requests to wp-login.php for WordPress brute force protection.   [Bug Fix] Only throttle POST requests to wp-login.php for WordPress brute force protection.
Line 205: Line 642:
   [Bug Fix] Corner case that caused chunked input streams to hang (introduced in 5.4.11 build 3.) has been fixed.   [Bug Fix] Corner case that caused chunked input streams to hang (introduced in 5.4.11 build 3.) has been fixed.
   [Improvement] Allow the unsetting of non-indexed requested headers via the "​RequestHeader unset ..." directive.   [Improvement] Allow the unsetting of non-indexed requested headers via the "​RequestHeader unset ..." directive.
- 
 === Build 4 === === Build 4 ===
- 
   [Bug Fix] A timing issue with SSL ticket key rotation that causes brief SSL connection errors.   [Bug Fix] A timing issue with SSL ticket key rotation that causes brief SSL connection errors.
- 
 === Build 3 === === Build 3 ===
- 
   [Bug Fix] Rewrite rule triggered reCAPTCHA causing rare server hang.   [Bug Fix] Rewrite rule triggered reCAPTCHA causing rare server hang.
   [Bug Fix] Chunk decoding hanging issue for request body.   [Bug Fix] Chunk decoding hanging issue for request body.
Line 218: Line 651:
   [Tuning] Default timeout for SSL session ticket set to 1 hour.   [Tuning] Default timeout for SSL session ticket set to 1 hour.
   [Tuning] Default umask set to 022.   [Tuning] Default umask set to 022.
- 
 === Build 2 === === Build 2 ===
- 
   [Bug Fix] Matched Apache ModSecurity behavior by logging hits with "​pass"​ action to error log.   [Bug Fix] Matched Apache ModSecurity behavior by logging hits with "​pass"​ action to error log.
   [Bug Fix] Fixed NodeJS application directory index for static content.   [Bug Fix] Fixed NodeJS application directory index for static content.
   [Bug Fix] Improved lsquic busy loop detection to avoid false positives.   [Bug Fix] Improved lsquic busy loop detection to avoid false positives.
   [Bug Fix] Log and auto correct the issue where Python application switches the directory for serving static content.   [Bug Fix] Log and auto correct the issue where Python application switches the directory for serving static content.
- 
 === Build 1 === === Build 1 ===
- 
   [Bug Fix] Handle stream RESET in a timely manner for HTTP/3 and QUIC connections.   [Bug Fix] Handle stream RESET in a timely manner for HTTP/3 and QUIC connections.
   [Bug Fix] Automatically add local IPv4 and IPv6 addresses to trusted IP list.   [Bug Fix] Automatically add local IPv4 and IPv6 addresses to trusted IP list.
- 
 === Build 0 === === Build 0 ===
- 
   [New Feature] Support for Apache configuration directive '​AuthMerging'​.   [New Feature] Support for Apache configuration directive '​AuthMerging'​.
   [Improvement] Support for RewriteCond operators added by Apache 2.4 which includes '>​='​ , '<​=',​ '​-eq'​ , '​-ge'​ , '​-gt',​ '​-le'​ , '​-lt',​ '​-ne',​ '​-h',​ '​-L',​ and '​-x'​.   [Improvement] Support for RewriteCond operators added by Apache 2.4 which includes '>​='​ , '<​=',​ '​-eq'​ , '​-ge'​ , '​-gt',​ '​-le'​ , '​-lt',​ '​-ne',​ '​-h',​ '​-L',​ and '​-x'​.
Line 247: Line 674:
  
 ===== Version 5.4.10 ===== ===== Version 5.4.10 =====
- 
 === Build 4 === === Build 4 ===
- 
   [Bug Fix] Do not load .htaccess from parent directories beyond document root when AllowOverride is disabled for those parent directories in Apache configuration.   [Bug Fix] Do not load .htaccess from parent directories beyond document root when AllowOverride is disabled for those parent directories in Apache configuration.
   [Bug Fix] Address a crash in ESI sub request.   [Bug Fix] Address a crash in ESI sub request.
   [Bug Fix] Avoid restoring older system file backups if a switch back to Apache has been performed.   [Bug Fix] Avoid restoring older system file backups if a switch back to Apache has been performed.
   [Bug Fix] Avoid throttling or blocking local IP.   [Bug Fix] Avoid throttling or blocking local IP.
- 
 === Build 1 === === Build 1 ===
- 
   [Bug Fix] Allow default PHP handler to follow explicit configurations for DirectAdmin.   [Bug Fix] Allow default PHP handler to follow explicit configurations for DirectAdmin.
- 
 === Build 0 === === Build 0 ===
- 
   [New Feature] Add ForceSecureCookie configuration directive to enforce "​secure"​ and "​SameSite"​ cookie attributes. This directive can be set in an Apache config file at the server or vhost level, or in the document root directory'​s .htaccess file.   [New Feature] Add ForceSecureCookie configuration directive to enforce "​secure"​ and "​SameSite"​ cookie attributes. This directive can be set in an Apache config file at the server or vhost level, or in the document root directory'​s .htaccess file.
   [New Feature] Allow LiteSpeed Cache for WordPress plugin to use ESI combine sub-requests to improve ESI performance.   [New Feature] Allow LiteSpeed Cache for WordPress plugin to use ESI combine sub-requests to improve ESI performance.
Line 285: Line 706:
  
 ===== Version 5.4.9 ===== ===== Version 5.4.9 =====
- 
 === Build 4 === === Build 4 ===
- 
   [Improvement] Improve PHP default handler for DirectAdmin.   [Improvement] Improve PHP default handler for DirectAdmin.
   [Bug Fix] Avoid stapling expired OCSP responses.   [Bug Fix] Avoid stapling expired OCSP responses.
   [Bug Fix] HTTP3/IETF QUIC: close immediately if crypto session can't be initialized.   [Bug Fix] HTTP3/IETF QUIC: close immediately if crypto session can't be initialized.
   [Bug Fix] Address a rare/random crash.   [Bug Fix] Address a rare/random crash.
- 
 === Build 3 === === Build 3 ===
- 
   [New Feature] Allow LiteSpeed Cache for WordPress plugin to use ESI combine sub-requests to improve ESI performance.   [New Feature] Allow LiteSpeed Cache for WordPress plugin to use ESI combine sub-requests to improve ESI performance.
   [New Feature] Update cPanel plugin to automatically apply new ECC certificates generated through the plugin.   [New Feature] Update cPanel plugin to automatically apply new ECC certificates generated through the plugin.
   [Bug Fix] Normalize IPv6 address to properly reuse existing listener sockets.   [Bug Fix] Normalize IPv6 address to properly reuse existing listener sockets.
   [Bug Fix] Close down HTTP3/QUIC streams reset by peer in timely manner. ​   [Bug Fix] Close down HTTP3/QUIC streams reset by peer in timely manner. ​
- 
 === Build 2 === === Build 2 ===
- 
   [New Feature] New ForceSecureCookie configuration directive to enforce "​secure"​ and "​SameSite"​ cookie attributes. This directive can be set in an Apache config file at the server or vhost level, or in the document root directory'​s .htaccess file.   [New Feature] New ForceSecureCookie configuration directive to enforce "​secure"​ and "​SameSite"​ cookie attributes. This directive can be set in an Apache config file at the server or vhost level, or in the document root directory'​s .htaccess file.
   [Bug Fix] Apply header operations for pages generated by python/​nodejs applications.   [Bug Fix] Apply header operations for pages generated by python/​nodejs applications.
Line 309: Line 724:
   [Bug Fix] Avoid releasing cache objects too early.   [Bug Fix] Avoid releasing cache objects too early.
   [Bug Fix] Address a rare crash in ESI parser. ​   [Bug Fix] Address a rare crash in ESI parser. ​
- 
 === Build 1 === === Build 1 ===
- 
   [Feature] Apply Expires header to a partial response for a range request.   [Feature] Apply Expires header to a partial response for a range request.
   [Bugfix] Force apply ACL configuration changes when client access level is cached in SHM.   [Bugfix] Force apply ACL configuration changes when client access level is cached in SHM.
   [Bugfix] For directory auto index, avoid a blank file name when special characters are in the name.   [Bugfix] For directory auto index, avoid a blank file name when special characters are in the name.
- 
 === Build 0 === === Build 0 ===
- 
   [New Feature] WHM plugin 4.1 with Let's Encrypt ECC certificate support. QUIC.cloud integration with SSL certificates synchronization.   [New Feature] WHM plugin 4.1 with Let's Encrypt ECC certificate support. QUIC.cloud integration with SSL certificates synchronization.
   [New Feature] Automatic CloudFlare CDN IP detection.   [New Feature] Automatic CloudFlare CDN IP detection.
Line 324: Line 735:
  
 ===== Version 5.4.8 ===== ===== Version 5.4.8 =====
- 
 === Build 5 === === Build 5 ===
- 
   [Bug fix] Properly pass CHUNK encoded request body to script handler to address random file upload failure.   [Bug fix] Properly pass CHUNK encoded request body to script handler to address random file upload failure.
   [Bug fix] Addressed graceful restart failure when the server has many IPs in use and is forced to create listeners for individual IP.   [Bug fix] Addressed graceful restart failure when the server has many IPs in use and is forced to create listeners for individual IP.
- 
 === Build 4 === === Build 4 ===
- 
   [New Feature] Control whether to wait for the full request body or not before passing requests to the request handler with new environment variable "​wait-req-full-body"​. (Waiting allows the request handler to see the full request body immediately)   [New Feature] Control whether to wait for the full request body or not before passing requests to the request handler with new environment variable "​wait-req-full-body"​. (Waiting allows the request handler to see the full request body immediately)
   [Tuning] Increase reCAPTCHA verified status timeout from 1-hour to 1-day.   [Tuning] Increase reCAPTCHA verified status timeout from 1-hour to 1-day.
   [Tuning] Increase .htaccess processing time limit from 500ms to 2.5sec to allow for the processing of larger .htaccess files.   [Tuning] Increase .htaccess processing time limit from 500ms to 2.5sec to allow for the processing of larger .htaccess files.
- 
 === Build 3 === === Build 3 ===
- 
   [Bug Fix] LiteMage cache object count is now more accurate.   [Bug Fix] LiteMage cache object count is now more accurate.
   [Bug Fix] Address a few compatibility issues with Plesk admin console proxy through regular HTTPS access.   [Bug Fix] Address a few compatibility issues with Plesk admin console proxy through regular HTTPS access.
Line 343: Line 748:
   [Improvement] Protect WebAdmin listener port from duplicate regular listener configuration.   [Improvement] Protect WebAdmin listener port from duplicate regular listener configuration.
   [Improvement] Add Plesk git integration support.   [Improvement] Add Plesk git integration support.
- 
 === Build 2 === === Build 2 ===
- 
   [Bug Fix] Address 404 error for reCAPTCHA verification.   [Bug Fix] Address 404 error for reCAPTCHA verification.
   [Bug Fix] '​SetEnv'​ directive is now properly applied inside <​Files>​ or <​FilesMatch>​ contexts. ​   [Bug Fix] '​SetEnv'​ directive is now properly applied inside <​Files>​ or <​FilesMatch>​ contexts. ​
- 
 === Build 1 === === Build 1 ===
- 
   [Bug Fix] Correct DirectAdmin PHP handler detection when "​DirectAdmin"​ panel is selected under "​PHP"​ config tab.   [Bug Fix] Correct DirectAdmin PHP handler detection when "​DirectAdmin"​ panel is selected under "​PHP"​ config tab.
   [Bug Fix] WebSocket ProxyPass configuration now works correctly inside the <​Location>​ context.   [Bug Fix] WebSocket ProxyPass configuration now works correctly inside the <​Location>​ context.
   [Bug Fix] Match Apache'​s Redirect behavior by discarding original query string if target URL has query string set.   [Bug Fix] Match Apache'​s Redirect behavior by discarding original query string if target URL has query string set.
- 
 === Build 0 === === Build 0 ===
- 
   [New Feature] Add the ability to load an extra ECC certificate for an Apache virtual host when multi-cert support is enabled.   [New Feature] Add the ability to load an extra ECC certificate for an Apache virtual host when multi-cert support is enabled.
   [New Feature] Apply header modification configurations in .htaccess to dynamic responses for CloudLinux Python/​Ruby/​NodeJS selector application.   [New Feature] Apply header modification configurations in .htaccess to dynamic responses for CloudLinux Python/​Ruby/​NodeJS selector application.
Line 376: Line 775:
  
 ===== Version 5.4.7 ===== ===== Version 5.4.7 =====
- 
 === Build 9 === === Build 9 ===
- 
   [Bug Fix] Correct a SHM memory allocation issue.   [Bug Fix] Correct a SHM memory allocation issue.
   [Bug Fix] Address a URL handling regression introduced in build 7 that affected NextCloud WebDAV clients.   [Bug Fix] Address a URL handling regression introduced in build 7 that affected NextCloud WebDAV clients.
- 
 === Build 8 === === Build 8 ===
- 
   [New Feature] Use Client IP in Header can now be set to use the last IP listed in the X-Forwarded-For header for servers behind AWS ELB.   [New Feature] Use Client IP in Header can now be set to use the last IP listed in the X-Forwarded-For header for servers behind AWS ELB.
   [Bug Fix] Address cp_switch_ws.sh issues when switching back to Apache.   [Bug Fix] Address cp_switch_ws.sh issues when switching back to Apache.
Line 389: Line 784:
   [Bug Fix] Correct a crash bug in cache engine.   [Bug Fix] Correct a crash bug in cache engine.
   [Tuning] Separate IPv4 and IPv6 virtual hosts now share cached pages for the same domain.   [Tuning] Separate IPv4 and IPv6 virtual hosts now share cached pages for the same domain.
- 
 === Build 7 === === Build 7 ===
- 
   [New Feature] For CloudLinux Python/​Ruby/​NodeJS selector application,​ applies header modification configuration in .htaccess to dynamic response.   [New Feature] For CloudLinux Python/​Ruby/​NodeJS selector application,​ applies header modification configuration in .htaccess to dynamic response.
   [Bug Fix] A mod_security engine bug that causes random crash.   [Bug Fix] A mod_security engine bug that causes random crash.
   [Bug Fix] A bug in access log format validation.   [Bug Fix] A bug in access log format validation.
- 
 === Build 6 === === Build 6 ===
- 
   [Bug Fix] Fixed Plesk log rotation issue when LSWS override Apache rc script with symbolic link.    [Bug Fix] Fixed Plesk log rotation issue when LSWS override Apache rc script with symbolic link. 
   [Bug Fix] Fixed a crash when NodeJS default was not properly set in httpd_config.xml. ​   [Bug Fix] Fixed a crash when NodeJS default was not properly set in httpd_config.xml. ​
- 
 === Build 5 === === Build 5 ===
- 
   [Security] Blocks overriding LD_PRELOAD environment variable from .htaccess.   [Security] Blocks overriding LD_PRELOAD environment variable from .htaccess.
   [Bug Fix] Fixed a corner case that causes hanging HTTP/2 response when bandwidth throttling is enabled. ​   [Bug Fix] Fixed a corner case that causes hanging HTTP/2 response when bandwidth throttling is enabled. ​
   [Bug Fix] Properly apply UMASK configuration for external application. ​   [Bug Fix] Properly apply UMASK configuration for external application. ​
- 
 === Build 4 === === Build 4 ===
- 
   [New Feature] Added the ability to load extra ECC certificate for Apache virtual host when multi-cert support is enabled.   [New Feature] Added the ability to load extra ECC certificate for Apache virtual host when multi-cert support is enabled.
   [Improvement] New Ruby 2.0+ compatible RackRunner script for ruby-lsapi 5.0.    [Improvement] New Ruby 2.0+ compatible RackRunner script for ruby-lsapi 5.0. 
Line 414: Line 801:
   [Bug Fix] Minor bug fixes in cache engine. ​   [Bug Fix] Minor bug fixes in cache engine. ​
   [Bug Fix] Minor bug fix in mod_security engine.   [Bug Fix] Minor bug fix in mod_security engine.
- 
 === Build 3 === === Build 3 ===
- 
   [Bug Fix] Fixed an HTTP/2 protocol bug encountered when a PHP page failed without sending back a response header.   [Bug Fix] Fixed an HTTP/2 protocol bug encountered when a PHP page failed without sending back a response header.
   [Bug Fix] Fixed an internal memory management bug that caused random crashing.   [Bug Fix] Fixed an internal memory management bug that caused random crashing.
- 
 === Build 2 === === Build 2 ===
- 
   [Bug Fix] Fixed an AJPv13 protocol bug that caused requests containing a request body to hang.   [Bug Fix] Fixed an AJPv13 protocol bug that caused requests containing a request body to hang.
   [Tuning] Improved reCAPATCHA verification to make it compatible with WordPress password protected pages.   [Tuning] Improved reCAPATCHA verification to make it compatible with WordPress password protected pages.
- 
 === Build 0 === === Build 0 ===
- 
   [Security] Fixed a symbolic link attack in directory auto index script. Thank you KnownHost for the bug report. (CloudLinux user is not affected.)   [Security] Fixed a symbolic link attack in directory auto index script. Thank you KnownHost for the bug report. (CloudLinux user is not affected.)
   [New Feature] Added strict suEXEC and ownership checking on scripts.   [New Feature] Added strict suEXEC and ownership checking on scripts.
Line 442: Line 823:
  
 ===== Version 5.4.6 ===== ===== Version 5.4.6 =====
- 
 === Build 5 === === Build 5 ===
   [Bug Fix] Fixed a bug that reCAPTCHA was shown for the first access of an allowed robot.   [Bug Fix] Fixed a bug that reCAPTCHA was shown for the first access of an allowed robot.
   [Bug Fix] Added "​Cache-Control:​ no-cache"​ for reCAPTCHA verify page to disallow CDN/proxy cache. ​   [Bug Fix] Added "​Cache-Control:​ no-cache"​ for reCAPTCHA verify page to disallow CDN/proxy cache. ​
- 
 === Build 4 === === Build 4 ===
- 
   [Bug Fix] Minimize interference with mandatory rewrite processing when bypassing favicon URL rewrite.   [Bug Fix] Minimize interference with mandatory rewrite processing when bypassing favicon URL rewrite.
   [Tuning] Avoid triggering 503 errors when cPanel backend services (cpcontacts,​ webdisk, ...) are unavailable.   [Tuning] Avoid triggering 503 errors when cPanel backend services (cpcontacts,​ webdisk, ...) are unavailable.
- 
 === Build 3 === === Build 3 ===
- 
   [Bug Fix] Use request header value for RBL lookups.   [Bug Fix] Use request header value for RBL lookups.
   [Bug Fix] Fixed a configuration parser crash.   [Bug Fix] Fixed a configuration parser crash.
Line 459: Line 835:
   [Tuning] Automatically update /​proc/​sys/​net/​core/​somaxconn to 1024, when server performs a fresh startup.   [Tuning] Automatically update /​proc/​sys/​net/​core/​somaxconn to 1024, when server performs a fresh startup.
   [Tuning] Avoid adjusting external application process priority based on server'​s priority.   [Tuning] Avoid adjusting external application process priority based on server'​s priority.
- 
 === Build 2 === === Build 2 ===
- 
   [New Feature] Added strict suEXEC and ownership checks for scripts.   [New Feature] Added strict suEXEC and ownership checks for scripts.
   [New Feature] Added ability to configure static/​dynamic request per second limit for Apache vhost.   [New Feature] Added ability to configure static/​dynamic request per second limit for Apache vhost.
Line 468: Line 842:
   [Bug Fix] Fixed an HTTP/3 timestamp/​ACK ping-pong bug.   [Bug Fix] Fixed an HTTP/3 timestamp/​ACK ping-pong bug.
   [Bug Fix] Fixed a bug causing extra delay when response has content length = 0.   [Bug Fix] Fixed a bug causing extra delay when response has content length = 0.
- 
 === Build 1 === === Build 1 ===
- 
   [Bug fix] Fixed a bug causing delayed .htaccess loading.   [Bug fix] Fixed a bug causing delayed .htaccess loading.
   [Bug fix] Fixed an HTTP/2 bug that sometimes delayed server response.   [Bug fix] Fixed an HTTP/2 bug that sometimes delayed server response.
Line 476: Line 848:
   [Bug fix] Shared lib for lscmctl is now updated on server install/​update.   [Bug fix] Shared lib for lscmctl is now updated on server install/​update.
   [Tuning] Prevent ports 443 and 80 for use as a WebAdmin listener.   [Tuning] Prevent ports 443 and 80 for use as a WebAdmin listener.
- 
 === Build 0 === === Build 0 ===
- 
   [New Feature] Updated HTTP/3 support to include h3-27.   [New Feature] Updated HTTP/3 support to include h3-27.
   [Bug Fix] Fixed a bug that caused ProxyPass ws:// target to stop working for certain configuration combination.   [Bug Fix] Fixed a bug that caused ProxyPass ws:// target to stop working for certain configuration combination.
Line 492: Line 862:
  
 ===== Version 5.4.5 ===== ===== Version 5.4.5 =====
- 
 === Build 3 === === Build 3 ===
- 
   [Bug Fix] Fixed a false positive that triggered ACL denied for Plesk.   [Bug Fix] Fixed a false positive that triggered ACL denied for Plesk.
   [Bug Fix] Fixed a regression that broke /​tmp/​lshttpd/​swap auto cleanup.   [Bug Fix] Fixed a regression that broke /​tmp/​lshttpd/​swap auto cleanup.
Line 500: Line 868:
   [Bug Fix] Fixed a crash in ModSecurity using libinjection.   [Bug Fix] Fixed a crash in ModSecurity using libinjection.
   [Tuning] No longer add ECDHE-RSA-AES128-SHA cipher automatically.   [Tuning] No longer add ECDHE-RSA-AES128-SHA cipher automatically.
- 
 === Build 2 === === Build 2 ===
- 
   [Bug Fix] Minor ModSecurity compatibility fixes.   [Bug Fix] Minor ModSecurity compatibility fixes.
   [Bug Fix] Prevent WebAdmin Console 503 error on centos8 by installing libnsl package automatically.   [Bug Fix] Prevent WebAdmin Console 503 error on centos8 by installing libnsl package automatically.
Line 511: Line 877:
   [Tuning] Downgraded some modsec log messages from "​error"​ to "​warning"​.   [Tuning] Downgraded some modsec log messages from "​error"​ to "​warning"​.
   [Bug Fix] Fixed a rewrite engine compatibility regression introduced in v5.4.4.   [Bug Fix] Fixed a rewrite engine compatibility regression introduced in v5.4.4.
- 
 === Build 1 === === Build 1 ===
- 
   [Bug Fix] mod_security @validateUrlEncoding operator has been turned off to avoid unnecessary false positives.   [Bug Fix] mod_security @validateUrlEncoding operator has been turned off to avoid unnecessary false positives.
   [Bug Fix] Fixed a cache engine bug that broke the "​Respect Cacheable"​ feature.   [Bug Fix] Fixed a cache engine bug that broke the "​Respect Cacheable"​ feature.
Line 519: Line 883:
   [Tuning] Made HTML pages generated by the auto index script responsive.   [Tuning] Made HTML pages generated by the auto index script responsive.
   [Tuning] Hid confusing required/​restricted permission mask configurations in WebAdmin Console.   [Tuning] Hid confusing required/​restricted permission mask configurations in WebAdmin Console.
- 
 === Build 0 === === Build 0 ===
- 
   [New Feature] Added support for IETF HTTP/3 draft 25 (h3-25).   [New Feature] Added support for IETF HTTP/3 draft 25 (h3-25).
   [New Feature] Populate GEOIP_COUNTRY_CODE environment variable using IP2Location database.   [New Feature] Populate GEOIP_COUNTRY_CODE environment variable using IP2Location database.
Line 541: Line 903:
  
 ===== Version 5.4.4 ===== ===== Version 5.4.4 =====
- 
 === Build 8 === === Build 8 ===
- 
   [Bug Fix] In cPanel environment,​ disable rewrite bypass for Let's Encrypt verification requests if dedicate rewrite rule for '​acme-challenge'​ detected.   [Bug Fix] In cPanel environment,​ disable rewrite bypass for Let's Encrypt verification requests if dedicate rewrite rule for '​acme-challenge'​ detected.
- 
 === Build 7 === === Build 7 ===
- 
   [Bug Fix] Fixed a random crash that occurred during SSL handshakes.   [Bug Fix] Fixed a random crash that occurred during SSL handshakes.
   [Bug Fix] Fixed a bug that rarely cased CPU usage to climb to 99% when shutting down SSL connections.   [Bug Fix] Fixed a bug that rarely cased CPU usage to climb to 99% when shutting down SSL connections.
- 
 === Build 6 === === Build 6 ===
- 
   [Bug Fix] Fixed a NodeJS wrapper script bug that failed to handle startup files with absolute paths.   [Bug Fix] Fixed a NodeJS wrapper script bug that failed to handle startup files with absolute paths.
   [Bug Fix] Fixed a random reCAPTCHA verification failure with status code 500.   [Bug Fix] Fixed a random reCAPTCHA verification failure with status code 500.
   [Bug Fix] External application process startup time is now reliably detected.   [Bug Fix] External application process startup time is now reliably detected.
   [Bug Fix] Fixed a minor regression with AHO string search.   [Bug Fix] Fixed a minor regression with AHO string search.
- 
 === Build 5 === === Build 5 ===
- 
   [New Feature] Automatically patch Set-Cookie with '​secure'​ flag when served over HTTPS.   [New Feature] Automatically patch Set-Cookie with '​secure'​ flag when served over HTTPS.
   [Bug Fix] Fixed a regression in Python/​Ruby/​NodeJS application '​tmp/​restart.txt'​ marker file handling.   [Bug Fix] Fixed a regression in Python/​Ruby/​NodeJS application '​tmp/​restart.txt'​ marker file handling.
   [Bug Fix] Fixed a WebAdmin Console socket address validation bug.   [Bug Fix] Fixed a WebAdmin Console socket address validation bug.
   [Bug Fix] Fixed a corner case to load trusted IP configured in document root .htaccess before reCAPTCHA verification. ​   [Bug Fix] Fixed a corner case to load trusted IP configured in document root .htaccess before reCAPTCHA verification. ​
- 
 === Build 4 === === Build 4 ===
- 
   [New Feature] Skip rewrite processing for Let's Encrypt verification requests.   [New Feature] Skip rewrite processing for Let's Encrypt verification requests.
   [Bug Fix] Fixed websockets hanging on upgrade.   [Bug Fix] Fixed websockets hanging on upgrade.
Line 572: Line 924:
   [Bug Fix] Fixed .htaccess configuration changes failing to apply for Python/​Ruby/​NodeJS applications.   [Bug Fix] Fixed .htaccess configuration changes failing to apply for Python/​Ruby/​NodeJS applications.
   [Bug Fix] Environment variable names are no longer converted to uppercase for Apache SetEnv directive.   [Bug Fix] Environment variable names are no longer converted to uppercase for Apache SetEnv directive.
- 
 === Build 3 === === Build 3 ===
- 
   [New Feature] Added full Captcha protection for WordPress login page.   [New Feature] Added full Captcha protection for WordPress login page.
   [Bug Fix] Fixed a connection hang regression introduced in v5.4.4 build 2.   [Bug Fix] Fixed a connection hang regression introduced in v5.4.4 build 2.
- 
 === Build 2 === === Build 2 ===
- 
   [New Feature] Populate GEOIP_COUNTRY_CODE environment variable using IP2Location database.   [New Feature] Populate GEOIP_COUNTRY_CODE environment variable using IP2Location database.
   [Bug Fix] Minor bug fixes to ModSecurity engine.   [Bug Fix] Minor bug fixes to ModSecurity engine.
- 
 === Build 1 === === Build 1 ===
- 
   [Improvement] Fine tuned HTTP/3 and QUIC engine performance.   [Improvement] Fine tuned HTTP/3 and QUIC engine performance.
   [Improvement] Added '​cssDecode'​ and '​utf8toUnicode'​ transformations to ModSecurity engine.   [Improvement] Added '​cssDecode'​ and '​utf8toUnicode'​ transformations to ModSecurity engine.
Line 592: Line 938:
   [Update] Updated WHM plugin to v3.3.6.   [Update] Updated WHM plugin to v3.3.6.
   [Bug Fix] Minor bug fixes in ModSecurity engine.   [Bug Fix] Minor bug fixes in ModSecurity engine.
- 
 === Build 0 === === Build 0 ===
- 
   [New Feature] Added support for Google QUIC Q050.    [New Feature] Added support for Google QUIC Q050. 
   [Security] Improved WebAdmin Console security by strictly checking request URLs.    [Security] Improved WebAdmin Console security by strictly checking request URLs. 
Line 605: Line 949:
  
 ===== Version 5.4.3 ===== ===== Version 5.4.3 =====
- 
 === Build 5 === === Build 5 ===
- 
   [Bug Fix] Fixed a regression for mod_security request parser introduced in 5.4.3 build 4.   [Bug Fix] Fixed a regression for mod_security request parser introduced in 5.4.3 build 4.
   [Bug Fix] Fixed a crash due to memory mapped file being truncated. ​   [Bug Fix] Fixed a crash due to memory mapped file being truncated. ​
- 
 === Build 4 === === Build 4 ===
- 
   [Security] Improved WebAdmin console security by strictly checking request URL.    [Security] Improved WebAdmin console security by strictly checking request URL. 
   [Bug Fix] Fixed a regression for FastCGI protocol support, introduced in 5.4.3 build 0.   [Bug Fix] Fixed a regression for FastCGI protocol support, introduced in 5.4.3 build 0.
   [Bug Fix] There are minor bug fixes for mod_security engine. ​   [Bug Fix] There are minor bug fixes for mod_security engine. ​
- 
 === Build 3 === === Build 3 ===
- 
   [Bug Fix] Fixed a mutex dead-lock regression introduced in build 2 for AIO logging.   [Bug Fix] Fixed a mutex dead-lock regression introduced in build 2 for AIO logging.
- 
 === Build 2 === === Build 2 ===
- 
   [Bug Fix] Fixed a bug in AIO logging that caused access log stop working.   [Bug Fix] Fixed a bug in AIO logging that caused access log stop working.
   [Bug Fix] Fixed a bug caused 100% CPU usage for FreeBSD.   [Bug Fix] Fixed a bug caused 100% CPU usage for FreeBSD.
   [Bug Fix] Removed an unnecessary CloudLinux CageFS mount point for "/​tmp/​lshttpd"​.   [Bug Fix] Removed an unnecessary CloudLinux CageFS mount point for "/​tmp/​lshttpd"​.
- 
 === Build 1 === === Build 1 ===
- 
   [Bug Fix] Fixed a bug that caused HTTPS connections to stall when bandwidth throttling was enabled.   [Bug Fix] Fixed a bug that caused HTTPS connections to stall when bandwidth throttling was enabled.
   [Bug Fix] Fixed an ESI/​Litemage output corruption bug.   [Bug Fix] Fixed an ESI/​Litemage output corruption bug.
   [Tuning] Fine tuned keepalive timeout for detached PHP processes to reduce the number of idle PHP processes.   [Tuning] Fine tuned keepalive timeout for detached PHP processes to reduce the number of idle PHP processes.
- 
 === Build 0 === === Build 0 ===
- 
   [New Feature] Websocket backend support via the "​ProxyPass"​ directive. ​   [New Feature] Websocket backend support via the "​ProxyPass"​ directive. ​
   [Enhancement] Improved WordPress brute force protection when facing large botnet attacks.   [Enhancement] Improved WordPress brute force protection when facing large botnet attacks.
Line 651: Line 983:
  
 ===== Version 5.4.2 ===== ===== Version 5.4.2 =====
- 
 === Build 7 === === Build 7 ===
- 
   [Bug Fix] Fixed an HTTP/3 QUIC engine bug introduced in build 6 that could cause action connections to close at random.   [Bug Fix] Fixed an HTTP/3 QUIC engine bug introduced in build 6 that could cause action connections to close at random.
   [Tuning] Updated HTTP/3 QUIC engine default congestion control method to CUBIC for better performance in good network conditions.   [Tuning] Updated HTTP/3 QUIC engine default congestion control method to CUBIC for better performance in good network conditions.
   [Tuning] Lowered WordpressProtect minimum limit from 5 to 2 to better pairing with reCAPTCHA verification.   [Tuning] Lowered WordpressProtect minimum limit from 5 to 2 to better pairing with reCAPTCHA verification.
- 
 === Build 6 === === Build 6 ===
- 
   [Bug Fix] Fixed a few minor HTTP/3 and QUIC engine bugs.   [Bug Fix] Fixed a few minor HTTP/3 and QUIC engine bugs.
   [Bug Fix] Fixed an HTTPS bug that caused a busy loop in FreeBSD.   [Bug Fix] Fixed an HTTPS bug that caused a busy loop in FreeBSD.
Line 665: Line 993:
   [Bug Fix] Properly parse IPv6 mapped IPv4 addresses in request header.   [Bug Fix] Properly parse IPv6 mapped IPv4 addresses in request header.
   [Bug Fix] Fixed missing "​REMOTE_USER"​ request environment variable when HTTP authentication is used.   [Bug Fix] Fixed missing "​REMOTE_USER"​ request environment variable when HTTP authentication is used.
- 
 === Build 5 === === Build 5 ===
   [Bug Fix] Fixed a bug that caused excessive buffering for HTTP/2 connection.   [Bug Fix] Fixed a bug that caused excessive buffering for HTTP/2 connection.
   [Bug Fix] Fixed a bug in QUIC, HTTP/3 engine that caused large file downloads to stall. ​   [Bug Fix] Fixed a bug in QUIC, HTTP/3 engine that caused large file downloads to stall. ​
   [Bug Fix] Fixed a bug that caused random 404 error. ​   [Bug Fix] Fixed a bug that caused random 404 error. ​
-  ​ 
 === Build 4 === === Build 4 ===
   [Bug Fix] Improved HTTP/3 draft 24 inter-operability with other HTTP/3 clients. ​   [Bug Fix] Improved HTTP/3 draft 24 inter-operability with other HTTP/3 clients. ​
Line 677: Line 1003:
   [Bug Fix] Fixed a problem with utf-8 characters in request URLs for Python applications. ​   [Bug Fix] Fixed a problem with utf-8 characters in request URLs for Python applications. ​
   [Bug Fix] Fixed a rare HTTP/2 connection stalling problem.   [Bug Fix] Fixed a rare HTTP/2 connection stalling problem.
- 
 === Build 3 === === Build 3 ===
   [Bug Fix] Fixed a bug in mod_security engine @validateUrlEncoding operator resulting in false positives.   [Bug Fix] Fixed a bug in mod_security engine @validateUrlEncoding operator resulting in false positives.
   [Bug Fix] Fixed a compatibility issue with Plesk'​s autodiscover feature.   [Bug Fix] Fixed a compatibility issue with Plesk'​s autodiscover feature.
   [Bug Fix] Fixed a random 404 error for NodeJS applications.   [Bug Fix] Fixed a random 404 error for NodeJS applications.
- 
 === Build 2 === === Build 2 ===
   [Enhancement] Improved Wordpress brute force protection when facing large botnet attacks. ​   [Enhancement] Improved Wordpress brute force protection when facing large botnet attacks. ​
Line 689: Line 1013:
   [Bugfix] Fixed a DirectAdmin userdir bug.   [Bugfix] Fixed a DirectAdmin userdir bug.
   [Bugfix] Fixed a Python application compatibility bug.   [Bugfix] Fixed a Python application compatibility bug.
- 
 === Build 1 === === Build 1 ===
   [Bug Fix] Fixed a bug introduced in v5.4.2 build 0 where some mod_security rules could cause false positives.   [Bug Fix] Fixed a bug introduced in v5.4.2 build 0 where some mod_security rules could cause false positives.
   [Bug Fix] Fixed a bug that caused 503 errors when the configuration of python/​node/​ruby selector applications where updated.   [Bug Fix] Fixed a bug that caused 503 errors when the configuration of python/​node/​ruby selector applications where updated.
   [Bug Fix] Minor bug fixes in QUIC and HTTP/3 engine.   [Bug Fix] Minor bug fixes in QUIC and HTTP/3 engine.
- 
 === Build 0 === === Build 0 ===
   [New Feature] Updated QUIC implementation to support IETF HTTP/3 draft 23.   [New Feature] Updated QUIC implementation to support IETF HTTP/3 draft 23.
Line 727: Line 1049:
  
 ===== Version 5.4.1 ===== ===== Version 5.4.1 =====
- 
 === Build 8 === === Build 8 ===
   [Improvement] Improved python application configuration to allow swapping applications on the same URL.    [Improvement] Improved python application configuration to allow swapping applications on the same URL. 
Line 733: Line 1054:
   [Bug Fix] Fixed a mod_security configuration bug that reordered some rules under certain conditions.   [Bug Fix] Fixed a mod_security configuration bug that reordered some rules under certain conditions.
   [Bug Fix] Fixed a systemd warning under Plesk 18.0.   [Bug Fix] Fixed a systemd warning under Plesk 18.0.
- 
 === Build 7 === === Build 7 ===
   [Improvement] Automatically disable HTTP/2, SPDY, and QUIC for CSF messenger vhost on port 8887.   [Improvement] Automatically disable HTTP/2, SPDY, and QUIC for CSF messenger vhost on port 8887.
Line 739: Line 1059:
   [Improvement] Added `lsws/​logs/​critical_alert` log file for writing common licensing problems that could cause LSWS to stop working.   [Improvement] Added `lsws/​logs/​critical_alert` log file for writing common licensing problems that could cause LSWS to stop working.
   [Bug Fix] Fixed a compatibility issue with CloudLinux python selector.   [Bug Fix] Fixed a compatibility issue with CloudLinux python selector.
- 
 === Build 6 === === Build 6 ===
   [Bug Fix] Fixed a bug introduced in build 5 that caused the server to crash when "​require env xxxx" was used.   [Bug Fix] Fixed a bug introduced in build 5 that caused the server to crash when "​require env xxxx" was used.
Line 746: Line 1065:
   [Improvement] Use '​pkill'​ instead of '​killall'​ in various scripts to minimize dependencies on installed system packages.   [Improvement] Use '​pkill'​ instead of '​killall'​ in various scripts to minimize dependencies on installed system packages.
   [Improvement] Update "​Alt-Svc"​ string for gQUIC advertising.   [Improvement] Update "​Alt-Svc"​ string for gQUIC advertising.
- 
 === Build 5 === === Build 5 ===
   [FEATURE] Enable SSL SHM session cache for Apache HTTPS vhost when server level SSH session cache is enabled. ​   [FEATURE] Enable SSL SHM session cache for Apache HTTPS vhost when server level SSH session cache is enabled. ​
Line 753: Line 1071:
   [BUGFIX] Make statistics more accurate for requests processed .    [BUGFIX] Make statistics more accurate for requests processed . 
   [BUGFIX] Fixed a minor regression in 5.4 that performs redirect before rewrite when URL without a trailing slash pointing to a directory. ​   [BUGFIX] Fixed a minor regression in 5.4 that performs redirect before rewrite when URL without a trailing slash pointing to a directory. ​
- 
 === Build 4 === === Build 4 ===
   [Improvement] Automatically restart running PHP processes after detecting PHP binary updates.   [Improvement] Automatically restart running PHP processes after detecting PHP binary updates.
Line 762: Line 1079:
   [Bug Fix] Make per Apache vhost PHP 7.4 handler run in suEXEC mode.   [Bug Fix] Make per Apache vhost PHP 7.4 handler run in suEXEC mode.
   [Bug Fix] Fixed a bug reading CGI '​umask'​ configuration as an octal number.   [Bug Fix] Fixed a bug reading CGI '​umask'​ configuration as an octal number.
- 
 === Build 3 === === Build 3 ===
   [Bug Fix] Fixed a .htaccess cache bug that caused the server'​s default PHP handler to be used instead of per-vhost suEXEC handlers.   [Bug Fix] Fixed a .htaccess cache bug that caused the server'​s default PHP handler to be used instead of per-vhost suEXEC handlers.
Line 770: Line 1086:
   [Tuning] Reduced Brotli compression memory usage.   [Tuning] Reduced Brotli compression memory usage.
   [Tuning] Allow mapping www.TLD.com and TLD.com to different native virtual hosts.   [Tuning] Allow mapping www.TLD.com and TLD.com to different native virtual hosts.
- 
 === Build 2 === === Build 2 ===
- 
   [New Feature] Added an option to allow generation of full real time status report, including idle virtual host and external app stats.   [New Feature] Added an option to allow generation of full real time status report, including idle virtual host and external app stats.
   [Bug Fix] Fixed an RBL compatibility issue with modsecurity rules from Imunify360.   [Bug Fix] Fixed an RBL compatibility issue with modsecurity rules from Imunify360.
Line 779: Line 1093:
   [Bug Fix] Fixed all LSPHP processes not being stopped when switching from LSWS to Apache.   [Bug Fix] Fixed all LSPHP processes not being stopped when switching from LSWS to Apache.
   [Bug Fix] Fixed a QuicEngine bug that sometimes caused a server crash.   [Bug Fix] Fixed a QuicEngine bug that sometimes caused a server crash.
- 
 === Build 1 === === Build 1 ===
- 
   [Improvement] Avoid reCAPTCHA verification on AJAX requests to minimize false positives.   [Improvement] Avoid reCAPTCHA verification on AJAX requests to minimize false positives.
   [Improvement] Make built-in error and reCAPTCHA verification pages responsive.   [Improvement] Make built-in error and reCAPTCHA verification pages responsive.
Line 788: Line 1100:
   [Bug Fix] Fixed a bug that caused broken non-keepalive HTTPS responses.   [Bug Fix] Fixed a bug that caused broken non-keepalive HTTPS responses.
   [Bug Fix] Fixed a bug that caused WordPress brute force protection false positive.   [Bug Fix] Fixed a bug that caused WordPress brute force protection false positive.
- 
 === Build 0 === === Build 0 ===
- 
   [Security] Addressed recent HTTP/2 DoS advisories (https://​github.com/​Netflix/​security-bulletins/​blob/​master/​advisories/​third-party/​2019-002.md). Fixed CVE-2019-9516 ""​0-Length Headers Leak""​ vulnerability. Completely blocks unaffected attacks: ​ CVE-2019-9511 ""​Data Dribble"",​ CVE-2019-9512 ""​Ping Flood"",​ CVE-2019-9513 ""​Resource Loop"",​ CVE-2019-9514 ""​Reset Flood"",​ CVE-2019-9515 ""​Settings Flood"",​ CVE-2019-9517 ""​Internal Data Buffering"",​ and CVE-2019-9518 ""​Empty Frames Flood""​.   [Security] Addressed recent HTTP/2 DoS advisories (https://​github.com/​Netflix/​security-bulletins/​blob/​master/​advisories/​third-party/​2019-002.md). Fixed CVE-2019-9516 ""​0-Length Headers Leak""​ vulnerability. Completely blocks unaffected attacks: ​ CVE-2019-9511 ""​Data Dribble"",​ CVE-2019-9512 ""​Ping Flood"",​ CVE-2019-9513 ""​Resource Loop"",​ CVE-2019-9514 ""​Reset Flood"",​ CVE-2019-9515 ""​Settings Flood"",​ CVE-2019-9517 ""​Internal Data Buffering"",​ and CVE-2019-9518 ""​Empty Frames Flood""​.
   [New Feature] Updated HTTP/3 support to Internet Draft 22.   [New Feature] Updated HTTP/3 support to Internet Draft 22.
Line 802: Line 1112:
  
 ===== Version 5.4 ===== ===== Version 5.4 =====
- 
 === Build 3 === === Build 3 ===
- 
   [Bug Fix] Fixed a bug that could cause truncated response bodies to be transferred over non-keepalive HTTPS connections. This usually affects front-end CDN services.   [Bug Fix] Fixed a bug that could cause truncated response bodies to be transferred over non-keepalive HTTPS connections. This usually affects front-end CDN services.
- 
 === Build 2 === === Build 2 ===
- 
   [New Feature] Updated HTTP/3 support to Internet Draft 22 .   [New Feature] Updated HTTP/3 support to Internet Draft 22 .
   [New Feature] Smart server PUSH uses cookies to track pushed assets, avoiding pushing the same asset repeatedly.   [New Feature] Smart server PUSH uses cookies to track pushed assets, avoiding pushing the same asset repeatedly.
Line 814: Line 1120:
   [Improvement] Tuned reCAPTCHA verification to avoid requesting verification on image/​css/​js files.   [Improvement] Tuned reCAPTCHA verification to avoid requesting verification on image/​css/​js files.
   [Bug Fix] Minor bug fixes for 404 logging and some rare crashes.   [Bug Fix] Minor bug fixes for 404 logging and some rare crashes.
- 
 === Build 1 === === Build 1 ===
- 
   [Update] Updated cPanel/WHM plugins to v1.2.3.3 and v3.3.3.5 respectively.   [Update] Updated cPanel/WHM plugins to v1.2.3.3 and v3.3.3.5 respectively.
   [Bug fix] Fixed a chunk encoding bug that could cause data corruption.   [Bug fix] Fixed a chunk encoding bug that could cause data corruption.
Line 822: Line 1126:
   [Bug fix] Fixed a QUIC engine bug that affected graceful restarts.   [Bug fix] Fixed a QUIC engine bug that affected graceful restarts.
   [Bug fix] Fixed a BAN request method parsing bug.   [Bug fix] Fixed a BAN request method parsing bug.
- 
 === Build 0 === === Build 0 ===
- 
   [Major Improvement] Massive HTTP/2 HTTPS performance boost (up to 5x faster than LSWS v5.3.x).   [Major Improvement] Massive HTTP/2 HTTPS performance boost (up to 5x faster than LSWS v5.3.x).
   [Major New Feature] Experimental HTTP/3 draft 20 support.   [Major New Feature] Experimental HTTP/3 draft 20 support.
Line 836: Line 1138:
   [Improvement] Improved HTTP/2 stream prioritization for a better user browsing experience.   [Improvement] Improved HTTP/2 stream prioritization for a better user browsing experience.
  
-=== RC4 === +===== Version 5.4RC4 ===== 
 +=== Build 0 ===
   [New Feature] Support for SO_REUSEPORT for multi-worker license.   [New Feature] Support for SO_REUSEPORT for multi-worker license.
   [New Feature] HTTPS/QUIC handshake offloading.   [New Feature] HTTPS/QUIC handshake offloading.
Line 845: Line 1147:
   [New Feature] Experimental IETF QUIC draft-20.   [New Feature] Experimental IETF QUIC draft-20.
  
-=== RC3 === +===== Version 5.4RC3 ===== 
 +=== Build 0 ===
   [Major New Feature] Dynamic Virtual Host configuration through REDIS backend.   [Major New Feature] Dynamic Virtual Host configuration through REDIS backend.
   [Major Improvement] Greatly improved HTTP/2 performance -- up to 7x faster than previous implementations.   [Major Improvement] Greatly improved HTTP/2 performance -- up to 7x faster than previous implementations.
Line 852: Line 1154:
   [Bug fix] All bug fixes and enhancements on 5.3.x branch included.   [Bug fix] All bug fixes and enhancements on 5.3.x branch included.
  
-=== RC2 === +===== Version 5.4RC2 ===== 
 +=== Build 0 ===
   [Major New Feature] Dynamic virtual hosting through rewrite rules.   [Major New Feature] Dynamic virtual hosting through rewrite rules.
   [Improvement] Improved HTTP/2 performance.   [Improvement] Improved HTTP/2 performance.
Line 860: Line 1162:
   [Bug fix] Fixed a few server crash bugs.   [Bug fix] Fixed a few server crash bugs.
  
-=== RC1 === +===== Version 5.4RC1 ===== 
 +=== Build 0 ===
   [New Feature] Recaptcha verification for DDoS attack mitigation.   [New Feature] Recaptcha verification for DDoS attack mitigation.
   [New Feature] Support for Ruby/​Python/​Nodejs applications in native configuration.   [New Feature] Support for Ruby/​Python/​Nodejs applications in native configuration.
Line 870: Line 1172:
  
 ===== Version 5.3.8 ===== ===== Version 5.3.8 =====
- 
 === Build 6 === === Build 6 ===
- 
   [Update] Updated cPanel/WHM plugins v1.2.3.2 and v3.3.3.4 respectively.   [Update] Updated cPanel/WHM plugins v1.2.3.2 and v3.3.3.4 respectively.
   [Bug fix] Temporarily stop PHP processes with SIGKILL as a workaround for problems caused by clean shutdown logic added to PHP LiteSpeed SAPI v7.4.3.   [Bug fix] Temporarily stop PHP processes with SIGKILL as a workaround for problems caused by clean shutdown logic added to PHP LiteSpeed SAPI v7.4.3.
   [Bug fix] Added websocket proxy support for cPanel and webmail subdomains in addition to WHM subdomains.   [Bug fix] Added websocket proxy support for cPanel and webmail subdomains in addition to WHM subdomains.
   [Bug fix] Fixed a QUIC engine bug and made QUIC more DoS attack resistant.   [Bug fix] Fixed a QUIC engine bug and made QUIC more DoS attack resistant.
- 
 === Build 5 === === Build 5 ===
- 
   [Bug Fix] Updated WHM plugin to v3.3.3.2 to fix a bug introduced in the previous version that caused most plugin actions to result in a PHP fatal error.   [Bug Fix] Updated WHM plugin to v3.3.3.2 to fix a bug introduced in the previous version that caused most plugin actions to result in a PHP fatal error.
   [Bug Fix] To avoid server crash, PCLMUL will be disabled in the zlib library if the server CPU does not support PCLMUL instructions.   [Bug Fix] To avoid server crash, PCLMUL will be disabled in the zlib library if the server CPU does not support PCLMUL instructions.
- 
 === Build 4 === === Build 4 ===
- 
   [New feature] Web Cache Manager CLI support for DirectAdmin.   [New feature] Web Cache Manager CLI support for DirectAdmin.
   [Bug fix] Fixed websocket proxy from https to ws:// backend; made WHM terminal work properly through proxy.   [Bug fix] Fixed websocket proxy from https to ws:// backend; made WHM terminal work properly through proxy.
Line 891: Line 1187:
   [Bug fix] Updated WebAdmin code to avoid some E_STRICT warnings.   [Bug fix] Updated WebAdmin code to avoid some E_STRICT warnings.
   [Bug fix] Fixed server PUSH parsing problem when '​Link'​ header contains multiple URLs.   [Bug fix] Fixed server PUSH parsing problem when '​Link'​ header contains multiple URLs.
- 
 === Build 3 === === Build 3 ===
- 
   [Bug fix] Fixed an ACL bug occurring when environment variables are used in Allow/Deny configurations.   [Bug fix] Fixed an ACL bug occurring when environment variables are used in Allow/Deny configurations.
   [Bug fix] Fixed a request parser bug which caused the server to crash when a partition holding a temp file is out of space.   [Bug fix] Fixed a request parser bug which caused the server to crash when a partition holding a temp file is out of space.
   [Bug fix] Fixed a cache engine bug that caused requests to certain URLs to hang.   [Bug fix] Fixed a cache engine bug that caused requests to certain URLs to hang.
- 
 === Build 2 === === Build 2 ===
- 
   [Bug fix] Fixed a regression in PHP daemon mode that causes 503 errors.   [Bug fix] Fixed a regression in PHP daemon mode that causes 503 errors.
- 
 === Build 1 === === Build 1 ===
- 
   [Bug fix] Fixed an IP2Location configuration bug that could cause the server to crash during startup.   [Bug fix] Fixed an IP2Location configuration bug that could cause the server to crash during startup.
   [Bug fix] Fixed a bug with nested ESI subrequests that caused random crashes.   [Bug fix] Fixed a bug with nested ESI subrequests that caused random crashes.
- 
 === Build 0 === === Build 0 ===
- 
   [Security] Added built-in filter to block attempts at hacking LiteMage with crafted ESI requests.   [Security] Added built-in filter to block attempts at hacking LiteMage with crafted ESI requests.
   [New Feature] lscmctl script can now be used to install/​uninstall the LiteSpeed Web Cache Manager user-end plugin for cPanel. ​   [New Feature] lscmctl script can now be used to install/​uninstall the LiteSpeed Web Cache Manager user-end plugin for cPanel. ​
Line 938: Line 1226:
  
 ===== Version 5.3.7 ===== ===== Version 5.3.7 =====
- 
- 
 === Build 8 === === Build 8 ===
- 
   [Bug Fix] Fixed a cache + ESI bug that could cause random crashes.   [Bug Fix] Fixed a cache + ESI bug that could cause random crashes.
   [Bug Fix] Fixed a rewrite engine bug.   [Bug Fix] Fixed a rewrite engine bug.
   [Bug Fix] Fixed a memory leak in the GeoIP module.   [Bug Fix] Fixed a memory leak in the GeoIP module.
   [Bug Fix] Fixed a Plesk compatibility issue.   [Bug Fix] Fixed a Plesk compatibility issue.
- 
 === Build 7 === === Build 7 ===
- 
   [Improvement] Better WordPress brute force detection IP logging.   [Improvement] Better WordPress brute force detection IP logging.
   [Improvement] Allow request header sizes greater than 32K.   [Improvement] Allow request header sizes greater than 32K.
Line 955: Line 1238:
   [Bug fix] Fixed an SSL OCSP stapling bug.   [Bug fix] Fixed an SSL OCSP stapling bug.
   [Bug Fix] Fixed broken server restart when port offset had been set.   [Bug Fix] Fixed broken server restart when port offset had been set.
- 
 === Build 6 === === Build 6 ===
- 
   [New Feature] Added the ability to install/​uninstall the LiteSpeed Web Cache Manager user-end plugin for cPanel using the lscmctl script.   [New Feature] Added the ability to install/​uninstall the LiteSpeed Web Cache Manager user-end plugin for cPanel using the lscmctl script.
   [Improvement] Fixed PHP handler compatibility issues with Plesk'​s updated configuration template.   [Improvement] Fixed PHP handler compatibility issues with Plesk'​s updated configuration template.
Line 964: Line 1245:
   [Improvement] Cache engine now updates X-LiteSpeed-Cache-Control max-age value based on actual expire time when a front-end lscache proxy exists.   [Improvement] Cache engine now updates X-LiteSpeed-Cache-Control max-age value based on actual expire time when a front-end lscache proxy exists.
   [Improvement] Natively configured detached PHP process groups are now gracefully restarted. ​   [Improvement] Natively configured detached PHP process groups are now gracefully restarted. ​
- 
 === Build 5 === === Build 5 ===
- 
   [New Feature] Recommend a plugin or broadcast a message to all discovered WordPress installations with the dash notify feature available in the lscmctl script and WHM plugin.   [New Feature] Recommend a plugin or broadcast a message to all discovered WordPress installations with the dash notify feature available in the lscmctl script and WHM plugin.
   [Improvement] Ignore <if> <​else>​ <​elseif>​ configuration contexts.   [Improvement] Ignore <if> <​else>​ <​elseif>​ configuration contexts.
Line 974: Line 1253:
   [Bug Fix] Fixed freeBSD 100% cpu usage for kqueue event loops.   [Bug Fix] Fixed freeBSD 100% cpu usage for kqueue event loops.
   [Bug Fix] Fixed a detached mode process manager bug that accidentally killed other lshttpd worker processes. ​   [Bug Fix] Fixed a detached mode process manager bug that accidentally killed other lshttpd worker processes. ​
- 
 === Build 4 === === Build 4 ===
- 
   [Improvement] Improved lsup.sh with stable tier.   [Improvement] Improved lsup.sh with stable tier.
   [Improvement] Improved NodeJS application compatibility and mod_passenger configuration handling.   [Improvement] Improved NodeJS application compatibility and mod_passenger configuration handling.
Line 982: Line 1259:
   [Bug Fix] Added User-Agent and Referer headers to server pushed requests to avoid failing possible checks in a user's custom configuration.   [Bug Fix] Added User-Agent and Referer headers to server pushed requests to avoid failing possible checks in a user's custom configuration.
   [Bug Fix] Implemented mod_security REQUEST_BODY as a dedicate variable.   [Bug Fix] Implemented mod_security REQUEST_BODY as a dedicate variable.
- 
 === Build 3 === === Build 3 ===
- 
   [Improvement] Improved rc-inst.sh to install systemd unit file for Plesk + Debain/​Ubuntu.   [Improvement] Improved rc-inst.sh to install systemd unit file for Plesk + Debain/​Ubuntu.
   [Bug fix] Fixed an ESI engine memory management bug that caused random server crashes.   [Bug fix] Fixed an ESI engine memory management bug that caused random server crashes.
   [Bug fix] Fixed rewrite engine infinite loop when rewrite map file is stored in an NFS mount.   [Bug fix] Fixed rewrite engine infinite loop when rewrite map file is stored in an NFS mount.
- 
 === Build 2 === === Build 2 ===
- 
   [Bug Fix] Fixed a detached mode process manager bug introduced in build 1.   [Bug Fix] Fixed a detached mode process manager bug introduced in build 1.
- 
 === Build 1 === === Build 1 ===
- 
   [Security] Added built-in filter to block attempts to hack LitemMage with crafted ESI request.   [Security] Added built-in filter to block attempts to hack LitemMage with crafted ESI request.
   [Bug Fix] Fixed a detached mode process manager bug made killing other unrelated processes possible.   [Bug Fix] Fixed a detached mode process manager bug made killing other unrelated processes possible.
   [Bug Fix] Fixed an Apache SSL vhost SNI configuration bug.   [Bug Fix] Fixed an Apache SSL vhost SNI configuration bug.
   [Bug Fix] Fixed a QuicEngine bug that could cause broken responses.   [Bug Fix] Fixed a QuicEngine bug that could cause broken responses.
- 
 === Build 0 === === Build 0 ===
- 
   [Security] Fixed a XSS vulnerability in directory auto index script.   [Security] Fixed a XSS vulnerability in directory auto index script.
   [Improvement] Improved QUIC transport protocol performance and reliability.   [Improvement] Improved QUIC transport protocol performance and reliability.
Line 1027: Line 1296:
  
 ===== Version 5.3.6 ===== ===== Version 5.3.6 =====
- 
 === Build 6 === === Build 6 ===
- 
   [Security] .rtreport no longer world readable.   [Security] .rtreport no longer world readable.
   [Improvement] Improved QUIC transport protocol performance and reliability.   [Improvement] Improved QUIC transport protocol performance and reliability.
Line 1035: Line 1302:
   [Improvement] Made .rtreport symbolic links root owned to avoid LFD file warnings.   [Improvement] Made .rtreport symbolic links root owned to avoid LFD file warnings.
   [Bug Fix] Fixed inaccurate real-time statistics.   [Bug Fix] Fixed inaccurate real-time statistics.
- 
 === Build 5 === === Build 5 ===
- 
   [Update] Updated bundled WHM plugin to v3.2.0.3 and user-end cPanel plugin to v1.1.1.2.   [Update] Updated bundled WHM plugin to v3.2.0.3 and user-end cPanel plugin to v1.1.1.2.
   [Improvement] Improved lsup.sh script to check build number against latest build.   [Improvement] Improved lsup.sh script to check build number against latest build.
   [Bug Fix] Fixed systemd unit file lshttpd.service,​ by requiring network-online.target.   [Bug Fix] Fixed systemd unit file lshttpd.service,​ by requiring network-online.target.
   [Bug Fix] Allow xx.xx.xx.xx/​32 as valid IP in ACL configuration.   [Bug Fix] Allow xx.xx.xx.xx/​32 as valid IP in ACL configuration.
- 
 === Build 4 === === Build 4 ===
- 
   [Update] Updated bundled WHM plugin to v3.2.0.2 and user-end cPanel plugin to v1.1.1.1 to address an integration issue with the recent LSCWP v2.9.3.   [Update] Updated bundled WHM plugin to v3.2.0.2 and user-end cPanel plugin to v1.1.1.1 to address an integration issue with the recent LSCWP v2.9.3.
   [Bug Fix] Fixed a mod_security engine bug that was mistakenly skipping some rules for POST requests.   [Bug Fix] Fixed a mod_security engine bug that was mistakenly skipping some rules for POST requests.
   [Bug Fix] Fixed an ESI engine bug that broke detection for looping includes, causing the server to run out of memory.   [Bug Fix] Fixed an ESI engine bug that broke detection for looping includes, causing the server to run out of memory.
   [Bug Fix] Increased logging for detach mode process manager. A forced lock release will now occur if a dead lock is detected when starting detach mode processes.   [Bug Fix] Increased logging for detach mode process manager. A forced lock release will now occur if a dead lock is detected when starting detach mode processes.
- 
 === Build 3 === === Build 3 ===
- 
   [Improvement] Improved ESI support for JSON responses.   [Improvement] Improved ESI support for JSON responses.
   [Bug fix] Fixed rewrite engine bug where target URLs containing "​../"​ could cause problems.   [Bug fix] Fixed rewrite engine bug where target URLs containing "​../"​ could cause problems.
   [Bug fix] Fixed an external loop redirect detection bug.   [Bug fix] Fixed an external loop redirect detection bug.
   [Bug Fix] Fixed a mod_security bug stopping response headers from being logged to the audit_log.   [Bug Fix] Fixed a mod_security bug stopping response headers from being logged to the audit_log.
- 
 === Build 2 === === Build 2 ===
- 
   [Bug Fix] Fixed a regression that broke the "​SetHandler"​ directive.   [Bug Fix] Fixed a regression that broke the "​SetHandler"​ directive.
   [Bug Fix] OCSP cache directory now properly adjusted in chroot environments.   [Bug Fix] OCSP cache directory now properly adjusted in chroot environments.
- 
 === Build 1 === === Build 1 ===
- 
   [Improvement] Improved default configuration for servers with heavy disk I/O wait.   [Improvement] Improved default configuration for servers with heavy disk I/O wait.
   [Bug Fix] Fixed a rewrite engine compatibility issue.   [Bug Fix] Fixed a rewrite engine compatibility issue.
   [Bug Fix] Fixed a regression in "​Redirect"​ directive handling.   [Bug Fix] Fixed a regression in "​Redirect"​ directive handling.
   [Bug Fix] Fixed a QUIC engine bug when handling extra long response headers.   [Bug Fix] Fixed a QUIC engine bug when handling extra long response headers.
- 
 === Build 0 === === Build 0 ===
- 
   [New Feature] lscmctl script can now be used to set custom server and virtual host cache roots with the '​setcacheroot'​ command.   [New Feature] lscmctl script can now be used to set custom server and virtual host cache roots with the '​setcacheroot'​ command.
   [Improvement] Added "​ProxyPass"/"​ProxyPassMatch"​ support for AJP backend.   [Improvement] Added "​ProxyPass"/"​ProxyPassMatch"​ support for AJP backend.
Line 1088: Line 1343:
  
 ===== Version 5.3.5 ===== ===== Version 5.3.5 =====
- 
 === Build 9 === === Build 9 ===
- 
   [Bug Fix] Fixed a bug causing detached PHP processes to be stopped during graceful restarts.   [Bug Fix] Fixed a bug causing detached PHP processes to be stopped during graceful restarts.
- 
 === Build 8 === === Build 8 ===
- 
   [Bug Fix] Fixed an OCSP response verification bug (introduced in the previous build) that caused crashing.   [Bug Fix] Fixed an OCSP response verification bug (introduced in the previous build) that caused crashing.
   [Bugfix] Fixed a bug in processing GeoIP2 mmdb database. ​   [Bugfix] Fixed a bug in processing GeoIP2 mmdb database. ​
   [Bugfix] Fixed a bug introduced in 5.3.5 build 5 that breaks cPanel/WHM redirect to closest matched domain feature.   [Bugfix] Fixed a bug introduced in 5.3.5 build 5 that breaks cPanel/WHM redirect to closest matched domain feature.
- 
 === Build 7 === === Build 7 ===
- 
   [Enhancement] Added extra validation on OCSP response to avoid outdated response for newly renewed certificate. ​   [Enhancement] Added extra validation on OCSP response to avoid outdated response for newly renewed certificate. ​
   [Integration] Made LSWS compatible with Apache configuration generated by cPanel v78.   [Integration] Made LSWS compatible with Apache configuration generated by cPanel v78.
   [Bug Fix] Fixed AddHandler directive behavior to be the same as AddType.   [Bug Fix] Fixed AddHandler directive behavior to be the same as AddType.
- 
 === Build 6 === === Build 6 ===
- 
   [New Feature] Added "​ProxyPass"/"​ProxyPassMatch"​ support for AJP backend.   [New Feature] Added "​ProxyPass"/"​ProxyPassMatch"​ support for AJP backend.
   [New Feature] Added support for "​IP:​port"​ in "​X-Forwarded-For"​ header.   [New Feature] Added support for "​IP:​port"​ in "​X-Forwarded-For"​ header.
Line 1112: Line 1359:
   [Bug Fix] Applied a SecRemoteRules fix to avoid rule file corruption.   [Bug Fix] Applied a SecRemoteRules fix to avoid rule file corruption.
   [Bug Fix] Fixed a bug that could cause a blank response body for pre-compressed content.   [Bug Fix] Fixed a bug that could cause a blank response body for pre-compressed content.
- 
 === Build 5 === === Build 5 ===
- 
   [Update] Updated default welcome page content.   [Update] Updated default welcome page content.
   [Bug Fix] Fixed a SecRemoteRule handling bug.   [Bug Fix] Fixed a SecRemoteRule handling bug.
Line 1120: Line 1365:
   [Bug Fix] Fixed an awstats integration bug that broke dynamic page generation mode.   [Bug Fix] Fixed an awstats integration bug that broke dynamic page generation mode.
   [Bug Fix] Fixed an infinite loop bug that occurred with badly configured contexts.   [Bug Fix] Fixed an infinite loop bug that occurred with badly configured contexts.
- 
 === Build 4 === === Build 4 ===
- 
   [Improvement] Reliably switch back to Apache when there is a LiteSpeed licensing problem.   [Improvement] Reliably switch back to Apache when there is a LiteSpeed licensing problem.
   [Improvement] Added back support for SecFilterEngine and SecFilterScanPOST directives for backward compatibility.   [Improvement] Added back support for SecFilterEngine and SecFilterScanPOST directives for backward compatibility.
   [Bug Fix] Stopped PHP error logging into error log when stderr.log is disabled.   [Bug Fix] Stopped PHP error logging into error log when stderr.log is disabled.
- 
 === Build 3 === === Build 3 ===
- 
   [Bug Fix] Fixed a bug that causes excessive requests to OSCP responder.   [Bug Fix] Fixed a bug that causes excessive requests to OSCP responder.
   [Bug Fix] Fixed a bug that failed to handle some types of Node.js selector configurations.   [Bug Fix] Fixed a bug that failed to handle some types of Node.js selector configurations.
   [Bug Fix] Fixed a bug that failed cPanel two factor authentication.   [Bug Fix] Fixed a bug that failed cPanel two factor authentication.
   [Bug Fix] Fixed a bug in LiteMage combined subrequest handling.   [Bug Fix] Fixed a bug in LiteMage combined subrequest handling.
- 
 === Build 0 === === Build 0 ===
- 
   [Improvement] Improvements to HTTP/2, QUIC, and rewrite engine.   [Improvement] Improvements to HTTP/2, QUIC, and rewrite engine.
   [Bug Fix] HTTP/2, QUIC, and rewrite engine bug fixes.   [Bug Fix] HTTP/2, QUIC, and rewrite engine bug fixes.
Line 1142: Line 1381:
  
 ===== Version 5.3.4 ===== ===== Version 5.3.4 =====
- 
 === Build 8 === === Build 8 ===
- 
   [Bug Fix] Fixed a rewrite engine bug introduced in 5.3.4 build 7, which could cause ERR_SPDY_PROTOCOL_ERROR and redirect problems.   [Bug Fix] Fixed a rewrite engine bug introduced in 5.3.4 build 7, which could cause ERR_SPDY_PROTOCOL_ERROR and redirect problems.
- 
 === Build 7 === === Build 7 ===
- 
   [Improvement] Improved mod_rewrite compatibility.   [Improvement] Improved mod_rewrite compatibility.
   [Improvement] Improved QUIC engine by dynamically adjust batch size of outgoing packets.   [Improvement] Improved QUIC engine by dynamically adjust batch size of outgoing packets.
- 
 === Build 5 === === Build 5 ===
- 
   [Improvement] Improved PHP process abort feature to occur in a more timely manner.   [Improvement] Improved PHP process abort feature to occur in a more timely manner.
   [Bug Fix] Fixed an HTTP/2 engine bug that caused connections to reset under certain situations.   [Bug Fix] Fixed an HTTP/2 engine bug that caused connections to reset under certain situations.
- 
 === Build 4 === === Build 4 ===
- 
   [Improvement] Improved mod_security engine with UNIQUE_ID support.   [Improvement] Improved mod_security engine with UNIQUE_ID support.
   [Update] Disabled 503 auto fix by default.   [Update] Disabled 503 auto fix by default.
Line 1165: Line 1396:
   [Bug Fix] Fixed incompatible behavior with Python selector support.   [Bug Fix] Fixed incompatible behavior with Python selector support.
   [Bug Fix] Fixed a license information display bug in WebAdmin Console.   [Bug Fix] Fixed a license information display bug in WebAdmin Console.
- 
 === Build 2 === === Build 2 ===
- 
   [Improvement] Improved compatibility for WebCache manager.   [Improvement] Improved compatibility for WebCache manager.
   [Bug Fix] This build include a fix for gQUIC v044 support   [Bug Fix] This build include a fix for gQUIC v044 support
- 
 === Build 1 === === Build 1 ===
- 
   [Improvement] Improved NODEJS support.   [Improvement] Improved NODEJS support.
   [Improvement] Detect curl + HTTP/2 combination and disable HTTP/2 for future access.   [Improvement] Detect curl + HTTP/2 combination and disable HTTP/2 for future access.
   [Update] Updated WHM plugin to v3.1.3.2 to address a compatibility issue with newer versions of the LSCWP plugin.   [Update] Updated WHM plugin to v3.1.3.2 to address a compatibility issue with newer versions of the LSCWP plugin.
   [Update] Updated cPanel user-end plugin to v1.0.2.1 to address a compatibility issue with newer versions of the LSCWP plugin.   [Update] Updated cPanel user-end plugin to v1.0.2.1 to address a compatibility issue with newer versions of the LSCWP plugin.
- 
 === Build 0 === === Build 0 ===
- 
   [MAJOR NEW FEATURE] Added support for Google QUIC v44.    [MAJOR NEW FEATURE] Added support for Google QUIC v44. 
   [NEW FEATURE] Improved Ruby/Python selector support and apply engine version changes on the fly.   [NEW FEATURE] Improved Ruby/Python selector support and apply engine version changes on the fly.
Line 1194: Line 1419:
  
 ===== Version 5.3.3 ===== ===== Version 5.3.3 =====
- 
 === Build 3 === === Build 3 ===
- 
   [Bug Fix]  Fixed a mod_security engine bug that caused incorrect behavior with the comodo ruleset.   [Bug Fix]  Fixed a mod_security engine bug that caused incorrect behavior with the comodo ruleset.
- 
 === Build 2 === === Build 2 ===
- 
   [Bug Fix] Made adjustments to PHP handler configuration to fix broken PHP selector.   [Bug Fix] Made adjustments to PHP handler configuration to fix broken PHP selector.
   [Bug Fix] Fixed a memory leak in HTTP/2.   [Bug Fix] Fixed a memory leak in HTTP/2.
   [Bug Fix] Fixed a crash when parsing Apache configuration.   [Bug Fix] Fixed a crash when parsing Apache configuration.
- 
 === Build 0 === === Build 0 ===
- 
   [Bug Fix] Emergency release to ignore faulty rewrite rule introduced by cPanel   [Bug Fix] Emergency release to ignore faulty rewrite rule introduced by cPanel
  • Admin
  • Last modified: 2021/06/13 21:09
  • by Lucas Rolff