• Feature requests

  • Please implement the possibility of configuring OpenLiteSpeed free version

DracoBlue

Hi "DracoBlue" @Adam @Aliysa_Enhance

This request is also very important to me, and there are already many of us who have requested it, and I hope it will be added by the end of this year.

Have a good day and good work.

    a month later

    Thank you all for voting on this feature request.

    17 days later

    Just noticed, this is one of the most requested features, that has been requested for quite some time.

    I'm quite confused about this. I saw in features -> Web servers (https://enhance.com/product/features) that OpenLiteSpeed was supported (since nothing is mentioned otherwise), but is it not? Could someone explain what the issue is and what steps you need to take to delete the configuration, for example?

      Darkle I'm quite confused about this. I saw in features -> Web servers (https://enhance.com/product/features) that OpenLiteSpeed was supported (since nothing is mentioned otherwise), but is it not? Could someone explain what the issue is and what steps you need to take to delete the configuration, for example?

      Its supported, but you cant tweak any config, because when Enhance has an update, or docker restart, you will lose all your edits!

          adil I don't know how you see it, but if that means I can't edit php.ini, the number of workers, I/O Buffer, all the tuning, etc. (everything default), it's like it's not compatible at all... It's a shame because then this, along with ARM support, become the main reasons for not being able to use Enhance.

              This is why i would like to be able to alter the OpenLiteSpeed config options.

              scan webseite with SSL LABS, From the result i see only a Grade B while it is easy possible to get A+

              Get rid of old Protocol versions.
              TLS 1.3 Yes
              TLS 1.2 Yes*
              TLS 1.1 Yes
              TLS 1.0 No
              SSL 3 No
              SSL 2 No

              Adjust used Cipher Suites

              TLS 1.3 (server has no preference)

              TLS_AES_128_GCM_SHA256 (0x1301) ECDH x25519 (eq. 3072 bits RSA) FS 128
              TLS_AES_256_GCM_SHA384 (0x1302) ECDH x25519 (eq. 3072 bits RSA) FS 256
              TLS_CHACHA20_POLY1305_SHA256 (0x1303) ECDH x25519 (eq. 3072 bits RSA) FS 256

              TLS 1.2 (suites in server-preferred order)

              TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f) ECDH x25519 (eq. 3072 bits RSA) FS 128
              TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030) ECDH x25519 (eq. 3072 bits RSA) FS 256
              TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027) ECDH x25519 (eq. 3072 bits RSA) FS WEAK 128
              TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013) ECDH x25519 (eq. 3072 bits RSA) FS WEAK 128
              TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014) ECDH x25519 (eq. 3072 bits RSA) FS WEAK 256
              TLS_RSA_WITH_AES_128_GCM_SHA256 (0x9c) WEAK 128
              TLS_RSA_WITH_AES_256_GCM_SHA384 (0x9d) WEAK 256
              TLS_RSA_WITH_AES_128_CBC_SHA (0x2f) WEAK 128
              TLS_RSA_WITH_AES_256_CBC_SHA (0x35) WEAK 256

              This thing got discussed multiple times in the forum, but not yet addressed...
              It's not complicated to change the templates in one of the future versions in order to get a grade A or A+...

              Darkle adil I don't know how you see it, but if that means I can't edit php.ini, the number of workers, I/O Buffer, all the tuning, etc. (everything default), it's like it's not compatible at all... It's a shame because then this, along with ARM support, become the main reasons for not being able to use Enhance.

              You can change php.ini. You can use the hard resource limits feature to limit the number of worker processes. The default config should offer excellent performance and we also have an additional feature which monitors for .htaccess changes and gracefully reloads OLS when they are detected to give you similar rewrite functionality to Litespeed and Apache.

              Persisting config changes made directly in the OLS panel and merging it with the Enhance generated config is just a matter of development time. It will happen soon but I can't give you a firm date. At the moment we are focused on the 11.0.0 and 12.0.0 core releases.

                  Adam Thank you for the clarification. I was already in checklist mode to start using Enhance, and by chance, I read this discussion and it threw me off a bit. Now it's clear to me that you can modify the php.ini without losing the changes, and additionally, the System Resource Limits feature should definitely cover the most important aspects.

                  Persisting config changes made directly in the OLS panel and merging it with the Enhance generated config is just a matter of development time. It will happen soon but I can't give you a firm date. At the moment we are focused on the 11.0.0 and 12.0.0 core releases.

                  That's great, in that sense, I have no doubts. I've been following your development for a long time, and it's very solid.

                    7 days later
                    7 days later

                    So, does the current OLS implementation approach in Enhance make minor changes such as that detail in Show Real Visitor IP Instead of CloudFlare IPs not possible?
                    Further to that question, and more importantly in my case, does Enhance log the client IP in logs, or is it logging Cloudflare IPs (when CF is implemented), as discussed in this Cloudflare article, Restoring original visitor IPs?

                      inspiredearth The original IP is NOT currently logged. Still, the X-FORWARDED-FOR header does contain the real IP.. if you have your own logging via your web script.

                        14 days later
                        Follow @enhancecp