Search results

Thanks, I've managed to get around this using modrewrite instead of mod_action. I will wait for 4.2.21 to be pushed to stable. Regards

Hello, One of our customers has a script that makes use of mod_action to send templates to a php script : AddType company/bjf .bjf Action company/bjf /template/parser.php DirectoryIndex index.bjf index.php index.html However when I call index.bjf in the browser it downloads the file. Should...

We have been concidering Interworx for some time now. Quite interested in their high availability cluster solution. Not having an easy way to install and update litespeed would actually be a stopper from our point of view. Not that we would actually be sure to move to interworx yet, but having...

Hello Michael. Any news on 5.0 stable or about that thing you are working in that the webhosting industry is crying for ? Very excited about both !

Will litespeed 5 have response body support when it makes it to stable ? About half of our server ressources go to brute force attacks, forgetting about the security impact, just the ressource usage alone is costing us alot. Recently attacks have been from bot,ets with lots of ip's and...

We need this too, make comodo cwaf rules be able to block brute force attacks. I belive the main issue is the lack of request body filtering. What we need the most is a real way to block all wordpress and joomla bruteforce attacks and the only way to do this seems bo require request body filtering.

Thanks for the information Michael ! I will see what we can do to make them know we would like this :) Varnish claims that it only integrated the ESI features that made a difference, would the aditional features make a big differece compared to Varnishes implementation ? Thanks

Hello, Unless I'm mistaken, it's not the cypher that needs to be changed but the protocols that need to be disabled. I've found this that explains for Apache, Dovecot, Nginx… For exim not 100% sure what the correct line is yet…

Is this still being worked on ?

Hello, I've read that the latest version of litespeed released today solves this without needing to change the cypher list. Does litespeed force sslv3 to be disabled or does it disallow browsers compatible with a more recent version to fallback ? Am I correct in understanding that in order...

Hello, I'm very excited about getting Turpentine working with LS 5.0 as explained here : http://blog.litespeedtech.com/2014/02/19/lsws-5-0-lscaches-esi-support-will-speed-up-web-applications/ Have you made any progress with Nexess implementing official support for LSCache ? Thanks !

If You are talking about the php extension, then yes it is, we use it for composer. You can enable php phar by just intialling the PHP extension.

It seems that the only way to do this correctly requires a feature that litespeed doesn't support. This is becomming quite urgent for us…

Comodo's answer about why these rules don't work So I'm back to trying to work out how to effectiently block Wordpress and Joomla brute forces… Any advice ?

Hello, Sadly I've just had proof that the rules aren't working : 213.251.182.12 - - [29/Aug/2014:11:01:02 +0200] "POST /wp-login.php HTTP/1.1" 200 4049 "-" "-" 213.251.182.12 - - [29/Aug/2014:11:01:02 +0200] "POST /wp-login.php HTTP/1.1" 200 4049 "-" "-" 213.251.182.12 - -...

Hello, Any news on this ? Thanks

I will see with them about differenciating wordpress from Joomla. While wordpress with wp-login should have a lower limit, Jooma runs all it's pages on index.php so should keep a threshold of 30.

I haven't been able to confirm the blockages are working yet, brute forces seem to be shared between multiple IP's to not go over 30 tries in 1 minute per IP : 46.165.228.144 - - [23/Aug/2014:10:21:03 +0200] "POST /wp-login.php HTTP/1.1" 200 4962 "-" "-" 125.253.124.48 - - [23/Aug/2014:10:21:03...

The brute force rule doesn't seem to be triggering anymore. Before it would trigger once when restarted litespeed without blocking the request but now it's just not doing anything. Can you also please confirm if I need to have : LoadFile /opt/lua/lib/liblua.so Every time I update something...

Thanks, I don't seem to have any brute force attacks at the moment (server load us low, hackers seem to have gone on holiday with their parents… :D ). I will watch it and let you know next time I get a definate brute force.