mod_security compatibility

lsws try to be compatible with latest mod_security 2.5(and above) + latest gotroot rules. lsws support most of them, and don't want to miss any really important features/rules in real world and keeps updating based on our users' feedback. However since the complexity and the always updating security rules, it's not possible to be 100% compatible with apache in any time. This wiki will address the most current compatibility status.

• scan response header/body.(Note: request header/body are supported)
• scan attached files content in multi-part upload
• PDF functions
• lua
• parsing XML

• the feature is less used
• the feature may slow down litespeed considerably due to the single-thread event driven architecture
• the rules for static files are skipped as it would unlikely cause any real security issue.

• http://www.litespeedtech.com/support/wiki/doku.php?id=litespeed_wiki:mod_security_tips_tricks