Announcing:
LiteSpeed Web Server v5.4.7
In this release: security updates, bug fixes, and more!
RELEASE LOG:
[Security] Fixed a symbolic link attack in directory auto index script. Thank you KnownHost for the bug report. (CloudLinux user is not affected.)
[New Feature] Added strict suEXEC and ownership checking on scripts.
[New Feature] Added ability to configure static/dynamic request per second limit for Apache vhost.
[Bug Fix] Fixed reCAPTCHA triggering for the first access of an allowed robot.
[Bug Fix] Added "Cache-Control: no-cache" to reCAPTCHA verification page to disallow CDN/proxy cache.
[Bug fix] Fixed delayed .htaccess loading.
[Bug fix] Fixed a delayed server response bug with HTTP/2.
[Bug fix] Fixed a NodeJS websocket backend configuration bug.
[Bug fix] Shared lib for lscmctl script is now updated on server install/update.
[Tuning] Prevent ports 443 and 80 from being used as WebAdmin listener port.
[Tuning] Avoid triggering 503 errors when cPanel backend services (cpcontacts, webdisk, ...) are unavailable.
[Tuning] Automatically update /proc/sys/net/core/somaxconn to 1024 whenever server performs a fresh startup.
[Tuning] Added after=lve_namespaces.service to systemd unit file.
https://www.litespeedtech.com/products/litespeed-web-server/release-log
Please remember, there may be some delay between this announcement and the ability to auto-update. If you don't want to wait, you can update manually via the following command: `/usr/local/lsws/admin/misc/lsup.sh -f -v 5.4.7`
Cheers!
Friday, April 17, 2020
